Security framework for dynamically wrapping software applications executing in a computing system

Assignee

• Secure Computing, LLC · US

Inventors

• Richard O'Brien · Brooklyn Park, US
• Raymond Lu · Shoreview, US
• Terrence Mitchem · Andover, US
• Spencer Minear · Fridley, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2221/2101
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A security framework for wrapping standard, commercially-available software applications in order to limit the amount of potential damage that a successful attacker or corrupt program can cause. The security framework includes a security master that coordinates installation and removal of kernel-based security modules and that provides a means for managing these modules. The security module are loadable kernel modules that include security information for enforcing application-specific or resource-specific policies. The security module are easy to install and require no modification to the existing operating system or to the software applications that they are monitoring. The security framework has a number of potential applications, including protecting a computing system from malicious software downloaded via a web browser, for wrapping web servers and firewalls in order to limit possible compromise and for replicating file operations.