Privilege separation
US9282100B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 2, 2013 |
| Grant date | Mar 8, 2016 |
| Priority date | — |
| Expiry date | Dec 23, 2033 |
Classification
- Technology area (CPC G): Physics
- CPC primary: G06F2221/2113
- WIPO field: Computer technology
- WIPO sector: Electrical engineering
Abstract
In one implementation, an interposer library is installed on an embedded system or another type of computing system. The system may be configured to host web services or route data packets. A processor executes processes of the system, and the interposer library intercepts data indicative of relationships of the processes. An access map is generated based on relationships of the processes of the system. The system is modified according to a set of procedures derived from the access map. The set of procedures may be derived by the processor or the access map. The set of procedures may be a minimum privilege solution that minimizes the privilege level of each process to a lowest privilege possible while maintaining the requisite functions of the process.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.