System and methods for construction, fusion, prosecution, and maintenance of minimized operating environments
US7650501B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Feb 15, 2005 |
| Grant date | Jan 19, 2010 |
| Priority date | — |
| Expiry date | May 20, 2027 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2141
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Several methods are provided for applying minimization to computer systems. A unified security profile is created and applied to a computer system. This provides a listing of software packages required to be installed on the computer system. Extraneous files not associated with a required software package are identified. In one method, a software module interposes between calls to filesystem operations and the filesystem. This module allows or denies access to files based on a configuration information source (which is itself based on the unified security profile), the zone from which the access request originates, and the privileges of the user making the request. Reference to each file minimized is removed from the computer system's package manifest. Files thus minimized are neither visible nor accessible to unauthorized entities on the computer system. If the unified security profile of the system is required to change, minimization actions can therefore be reversed.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.