Computer device with anti-tamper resource security
US8826419B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Aug 31, 2012 |
| Grant date | Sep 2, 2014 |
| Priority date | — |
| Expiry date | Aug 31, 2032 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/6218
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A computer device provides an execution environment that supports a plurality of processes. A plurality of key resources are associated with a security application that may perform process elevation to grant privileged access rights to a user process. A security module controls access to the key resources using an access control list. An anti-tamper mechanism creates a protection group as a local security group and adds a deny access control entry to the access control list. The anti-tamper mechanism intercepts the user process and creates a revised access token identifying the user process as a member of the protection group. The security module matches the protection group in the revised access token of the user process against the deny access control entry in the access control list of the key resources thereby restricting access by the user process even though the user process otherwise has privileges to access those resources.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.