Methods and systems for controlling access to resources and privileges per process
US9594898B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Oct 23, 2014 |
| Grant date | Mar 14, 2017 |
| Priority date | — |
| Expiry date | Oct 23, 2034 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/6209
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
To control privileges and access to resources on a per-process basis, an administrator creates a rule that may be applied to modify a token of a process. The rule may include an application-criterion set and changes to be made to the groups and/or privileges of the token. The rule may be set as a policy within a group policy object (GPO), where a GPO is associated with one or more groups of computers or users. When a GPO containing a rule is applied to a computer, a driver installed on the computer may access the rule(s) anytime a logged-on user executes a process. If the executed process satisfies the criterion set of a rule, the changes contained within the rule are made to the process token, and the user has expanded and/or contracted access and/or privileges for only that process.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.