
A method and apparatus are provided for maintaining and enforcing security rules using protection domains. As new code arrives at a computer, it is assigned to a protection domain based on the source from which the code is received. The protection domain establishes the permissions that apply to the code. In embodiments where the code to be executed by the computer belongs to object classes, an association is established between the protection domains and the classes of objects. When an object requests an action, a determination is made as to whether the action is permitted based on the class to which the object belongs and the association between classes and protection domains.

Inventor: Li Gong
Original Assignee: Sun Microsystems, Inc.
Primary Examiner: Scott T. Baderman
Current U.S. Classification: 726/17; 713/154
International Classification: H04L 9/00


Citations

Cited Patent | Filing date | Issue date | Original Assignee | Title
US5311591 | Jun 3, 1993 | May 10, 1994 |  | Computer system security method and apparatus for creating and using program authorization information data structures
US5720033 | Jul 25, 1995 | Feb 17, 1998 | Lucent Technologies Inc. | Security platform and method using object oriented rules for computer-based systems using UNIX-line operating systems
US5758153 | Oct 24, 1995 | May 26, 1998 | Object Technology Licensing Corp. | Object oriented file system in an object oriented operating system
US5841870 | Nov 12, 1996 | Nov 24, 1998 | Cheyenne Property Trust | Dynamic classes of service for an international cryptography framework
US5845129 | Mar 22, 1996 | Dec 1, 1998 | Philips Electronics North America Corporation | Protection domains in a single address space
US5892904 | Dec 6, 1996 | Apr 6, 1999 | Microsoft Corporation | Code certification for network transmission

Referenced by

Citing Patent | Filing date | Issue date | Original Assignee | Title
US6691230 | Oct 15, 1998 | Feb 10, 2004 | International Business Machines Corporation | Method and system for extending Java applets sand box with public client storage
US6721958 | Mar 8, 2000 | Apr 13, 2004 | OpenTV, Inc. | Optional verification of interactive television content
US6886038 | Oct 24, 2000 | Apr 26, 2005 | Microsoft Corporation | System and method for restricting data transfers and managing software components of distributed computers
US6915338 | Oct 24, 2000 | Jul 5, 2005 | Microsoft Corporation | System and method providing automatic policy enforcement in a multi-computer service application
US7016950 | Dec 8, 2004 | Mar 21, 2006 | Microsoft Corporation | System and method for restricting data transfers and managing software components of distributed computers
US7043545 | Dec 8, 2004 | May 9, 2006 | Microsoft Corporation | System and method for restricting data transfers and managing software components of distributed computers
US7076804 | May 11, 2001 | Jul 11, 2006 | International Business Machines Corporation | Automated program resource identification and association
US7080143 | May 11, 2004 | Jul 18, 2006 | Microsoft Corporation | System and method providing automatic policy enforcement in a multi-computer service application
US7089242 | Feb 29, 2000 | Aug 8, 2006 | International Business Machines Corporation | Method, system, program, and data structure for controlling access to sensitive functions
US7093288 | Oct 24, 2000 | Aug 15, 2006 | Microsoft Corporation | Using packet filters and network virtualization to restrict network communications
US7096258 | May 12, 2004 | Aug 22, 2006 | Microsoft Corporation | System and method providing automatic policy enforcement in a multi-computer service application
US7113900 | Oct 24, 2000 | Sep 26, 2006 | Microsoft Corporation | System and method for logical modeling of distributed computer systems
US7131143 | Jun 21, 2000 | Oct 31, 2006 | Microsoft Corporation | Evaluating initially untrusted evidence in an evidence-based security policy manager
US7155380 | Dec 9, 2004 | Dec 26, 2006 | Microsoft Corporation | System and method for designing a logical model of a distributed computer system and deploying physical resources according to the logical model
US7200655 | Nov 12, 2004 | Apr 3, 2007 | Microsoft Corporation | System and method for distributed management of shared computers
US7213247 | Jan 10, 2000 | May 1, 2007 | Wind River Systems, Inc. | Protection domains for a computer operating system
US7243374 | Aug 8, 2001 | Jul 10, 2007 | Microsoft Corporation | Rapid application security threat analysis
US7337318 | Feb 27, 2003 | Feb 26, 2008 | International Business Machines Corporation | Method and apparatus for preventing rogue implementations of a security-sensitive class interface
US7363493 | Jan 4, 2002 | Apr 22, 2008 | Antimalware, Ltd. | Method for protecting computer programs and data from hostile code
US7370103 | Nov 12, 2004 | May 6, 2008 |  | System and method for distributed management of shared computers
US7392525 | Oct 1, 2003 | Jun 24, 2008 | Cray Inc. | Inter-thread long jumps in a multithreaded environment
US7395320 | Jun 1, 2005 | Jul 1, 2008 | Microsoft Corporation | Providing automatic policy enforcement in a multi-computer service application
US7406517 | Nov 1, 2004 | Jul 29, 2008 | Microsoft Corporation | System and method for distributed management of shared computers
US7426732 | Oct 10, 2003 | Sep 16, 2008 | Cray Inc. | Placing a task of a multithreaded environment in a known state
US7536690 | Sep 16, 2003 | May 19, 2009 | Cray Inc. | Deferred task swapping in a multithreaded environment
US7567504 | Sep 8, 2003 | Jul 28, 2009 | Microsoft Corporation | Network load balancing with traffic routing
US7574343 | Mar 7, 2006 | Aug 11, 2009 | Microsoft Corporation | System and method for logical modeling of distributed computer systems
US7590736 | Jun 30, 2003 | Sep 15, 2009 | Microsoft Corporation | Flexible network load balancing
US7606898 | Oct 24, 2000 | Oct 20, 2009 | Microsoft Corporation | System and method for distributed management of shared computers
US7606929 | Sep 8, 2003 | Oct 20, 2009 | Microsoft Corporation | Network load balancing with connection manipulation
US7613822 | Jun 30, 2003 | Nov 3, 2009 | Microsoft Corporation | Network load balancing with session information
US7613930 | Jun 2, 2005 | Nov 3, 2009 | Trustware International Limited | Method for protecting computer programs and data from hostile code
US7630877 | Dec 29, 2005 | Dec 8, 2009 | Microsoft Corporation | Architecture for distributed computing system and automated design, deployment, and management of distributed applications
US7636917 | Jun 30, 2003 | Dec 22, 2009 | Microsoft Corporation | Network load balancing with host status information
US7669235 | May 25, 2004 | Feb 23, 2010 | Microsoft Corporation | Secure domain join for computing devices
US7684964 | Sep 8, 2005 | Mar 23, 2010 | Microsoft Corporation | Model and system state synchronization
US7689676 | Jan 12, 2007 | Mar 30, 2010 | Microsoft Corporation | Model-based policy application
US7711121 | Nov 2, 2004 | May 4, 2010 | Microsoft Corporation | System and method for distributed management of shared computers
US7734739 | Apr 20, 2001 | Jun 8, 2010 | Hewlett-Packard Development Company, L.P. | Method and system for consolidating network topology in duplicate IP networks
US7734918 | Jan 17, 2008 | Jun 8, 2010 | International Business Machines Corporation | Preventing rogue implementations of a security-sensitive class interface
US7739380 | Nov 12, 2004 | Jun 15, 2010 | Microsoft Corporation | System and method for distributed management of shared computers
US7739731 | Aug 21, 2006 | Jun 15, 2010 | Oracle America, Inc. | Method and apparatus for protection domain based security
US7743407 | Aug 13, 2002 | Jun 22, 2010 | Qualcomm Incorporated | Using permissions to allocate device resources to an application
US7778422 | Feb 27, 2004 | Aug 17, 2010 | Microsoft Corporation | Security associations for devices
US7779460 | Apr 17, 2007 | Aug 17, 2010 | Microsoft Corporation | Partial grant set evaluation from partial evidence in an evidence-based security policy manager
US7797147 | Apr 15, 2005 | Sep 14, 2010 | Microsoft Corporation | Model-based system monitoring
US7802144 | Apr 15, 2005 | Sep 21, 2010 | Microsoft Corporation | Model-based system monitoring
US7822723 | Mar 23, 2005 | Oct 26, 2010 | International Business Machines Corporation | Method, system, program and data structure for controlling access to sensitive functions
US7840997 | May 30, 2002 | Nov 23, 2010 |  | Method and device for computer memory protection against unauthorized access
US7886041 | Mar 1, 2004 | Feb 8, 2011 | Microsoft Corporation | Design time validation of systems
US7890543 | Oct 24, 2003 | Feb 15, 2011 | Microsoft Corporation | Architecture for distributed computing system and automated design, deployment, and management of distributed applications
US7890951 | Jun 29, 2005 | Feb 15, 2011 | Microsoft Corporation | Model-based provisioning of test environments
US7904454 | Jun 16, 2002 | Mar 8, 2011 | International Business Machines Corporation | Database access security
US7925881 | Oct 4, 2007 | Apr 12, 2011 | International Business Machines Corporation | Method and apparatus for preventing rogue implementations of a security-sensitive class interface
US7933923 | Nov 4, 2005 | Apr 26, 2011 | International Business Machines Corporation | Tracking and reconciling database commands
US7941309 | Nov 2, 2005 | May 10, 2011 | Microsoft Corporation | Modeling IT operations/policies
US7970788 | Aug 2, 2005 | Jun 28, 2011 | International Business Machines Corporation | Selective local database access restriction
US8078886 | Sep 2, 2009 | Dec 13, 2011 | Trustware International Limited | Method for protecting computer programs and data from hostile code
US8122106 | Oct 24, 2003 | Feb 21, 2012 | Microsoft Corporation | Integrating design, deployment, and management phases for systems
US8141100 | Dec 20, 2006 | Mar 20, 2012 | International Business Machines Corporation | Identifying attribute propagation for multi-tier processing
US8239923 | Jun 12, 2006 | Aug 7, 2012 | Cisco Technology, Inc. | Controlling computer program extensions in a network device

Claims

1. A method for providing security, the method comprising the steps of:

establishing one or more protection domains, wherein a protection domain is associated with zero or more permissions;
establishing an association between said one or more protection domains and one or more classes of one or more objects; and
determining whether an action requested by a particular object is permitted based on said association between said one or more protection domains and said one or more classes.

2. The method of claim 1, wherein:

at least one protection domain of said one or more protection domains is associated with a code identifier;
at least one class of said one or more classes is associated with said code identifier; and
the step of establishing an association between said one or more protection domains and said one or more classes of one or more objects further includes the step of associating said one or more protection domains and said one or more classes based on said code identifier.

3. The method of claim 2, wherein said code identifier indicates a source of code used to define each class of said one or more classes.

4. The method of claim 2, wherein said code identifier indicates a key associated with each class of said one or more classes.

5. The method of claim 2, wherein said code identifier indicates a source of code used to define each class of said one or more classes and indicates a key associated with each class of said one or more classes.

6. The method of claim 2, wherein the step of associating said one or more protection domains and said one or more classes based on said code identifier further includes associating said one or more protection domains and said one or more classes based on data persistently stored, wherein said data associates code identifiers with a set of one or more permissions.

7. A method of providing security, the method comprising the steps of:

establishing one or more protection domains, wherein a protection domain is associated with zero or more permissions;
establishing an association between said one or more protection domains and one or more sources of code; and
in response to executing code making a request to perform an action, determining whether said request is permitted based on a source of said code making said request and said association between said one or more protection domains and said one or more sources of code.

8. The method of claim 7, wherein the step of establishing an association between said one or more protection domains and said one or more sources of code further includes establishing an association between said one or more protection domains and said one or more sources of code and one or more keys associated with said one or more sources of code.

9. The method of claim 8, wherein the step of establishing an association between said one or more protection domains and said one or more sources of code and said one or more keys associated with said one or more sources of code further includes establishing said association between said one or more protection domains and said one or more sources of code and said one or more keys associated with said one or more sources of code based on data persistently stored, wherein said data associates particular sources of code and particular keys with a set of one or more permissions.

10. A computer-readable medium carrying one or more sequences of one or more instructions, the one or more sequences of the one or more instructions including instructions which, when executed by one or more processors, causes the one or more processors to perform the steps of:

establishing one or more protection domains, wherein a protection domain is associated with zero or more permissions;
establishing an association between said one or more protection domains and one or more classes of one or more objects; and
determining whether an action requested by a particular object is permitted based on said association between said one or more protection domains and said one or more classes.

11. The computer readable medium of claim 10, wherein:

at least one protection domain of said one or more protection domains is associated with a code identifier;
at least one class of said one or more classes is associated with said code identifier; and
the step of establishing an association between said one or more protection domains and said one or more classes of one or more objects further includes the step of associating said one or more protection domains and said one or more classes based on said code identifier.

12. The computer readable medium of claim 11, wherein said code identifier indicates a source of code used to define each class of said one or more classes.

13. The computer readable medium of claim 11, wherein said code identifier indicates a key associated with each class of said one or more classes.

14. The computer readable medium of claim 11, wherein said code identifier indicates a source of code used to define each class of said one or more classes and indicates a key associated with each class of said one or more classes.

15. The computer readable medium of claim 14, wherein the step of associating said one or more protection domains and said one or more classes based on said code identifier further includes associating said one or more protection domains and said one or more classes based on data persistently stored, wherein said data associates code identifiers with a set of one or more permissions.

16. A computer-readable medium carrying one or more sequences of one or more instructions, wherein the execution of the one or more sequences of the one or more instructions causes the one or more processors to perform the steps of:

establishing one or more protection domains, wherein a protection domain is associated with zero or more permissions;
establishing an association between said one or more protection domains and one or more sources of code; and
in response to executing code making a request to perform an action, determining whether said request is permitted based on a source of said code making said request and said association between said one or more protection domains and said one or more sources of code.

17. The computer readable medium of claim 16, wherein the step of establishing an association between said one or more protection domains and said one or more sources of code further includes establishing an association between said one or more protection domains and said one or more sources of code and one or more keys associated with said one or more sources of code.

18. The computer readable medium of claim 17, wherein the step of establishing an association between said one or more protection domains and said one or more sources of code and said one or more keys associated with said one or more sources of code further includes establishing said association between said one or more protection domains and said one or more sources of code and said one or more keys associated with said one or more sources of code based on data persistently stored, wherein said data associates particular sources of code and particular keys with a set of one or more permissions.

19. A computer system comprising:

a processor;
a memory coupled to said processor;
one or more protection domains stored as objects in said memory, wherein each protection domain is associated with zero or more permissions;
a domain mapping object stored in said memory, said domain mapping object establishing an association between said one or more protection domains and one or more classes of one or more objects; and
said processor being configured to determine whether an action requested by a particular object is permitted based on said association between said one or more protection domains and said one or more classes.

20. The computer system of claim 19, wherein:

at least one protection domain of said one or more protection domains is associated with a code identifier;
at least one class of said one or more classes is associated with said code identifier; and
said computer system further comprises said processor configured to establish an association between said one or more protection domains and said one or more classes of one or more objects by associating said one or more protection domains and said one or more classes based on said code identifier.

21. The computer system of claim 20, wherein said code identifier indicates a source of code used to define each class of said one or more classes.

22. The computer system of claim 20, wherein said code identifier indicates a key associated with each class of said one or more classes.

23. The computer system of claim 20, wherein said code identifier indicates a source of code used to define each class of said one or more classes and indicates a key associated with each class of said one or more classes.

24. The computer system of claim 20, further comprising said processor configured to associate said one or more protection domains and said one or more classes based on said code identifier by associating said one or more protection domains and said one or more classes based on data persistently stored in said computer system, wherein said data associates code identifiers with a set of one or more permissions.
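The abstract and the claims above describe the mechanism only in words. The following Python model is an added example, not code from the patent or from any Sun implementation: protection domains keyed by a code identifier made of source and signing key (claims 3 to 5), a persistently stored policy that maps code identifiers to permission sets (claims 6 and 9), a domain mapping object from classes to domains (claim 19), and the permission check of claim 1. The action/target permission model, the policy entries, and the source URLs and key names are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, Optional, Tuple

# Code identifier (claims 3-5): the source the code was loaded from and the
# key it was signed with, None when unsigned.
CodeId = Tuple[str, Optional[str]]


@dataclass(frozen=True)
class Permission:
    action: str  # e.g. "file.read"; this action model is an assumption
    target: str  # exact path, or a prefix ending in "*"

    def implies(self, action: str, target: str) -> bool:
        if self.action != action:
            return False
        if self.target.endswith("*"):
            return target.startswith(self.target[:-1])
        return self.target == target


@dataclass(frozen=True)
class ProtectionDomain:
    code_id: CodeId
    permissions: FrozenSet[Permission]  # "zero or more permissions"

    def permits(self, action: str, target: str) -> bool:
        return any(p.implies(action, target) for p in self.permissions)


# Constructed stand-in for the persistently stored policy data (claims 6, 9):
# code identifier -> permission set. Sources and key names are made up.
POLICY: Dict[CodeId, FrozenSet[Permission]] = {
    ("file:/opt/app", "vendor-key"): frozenset({
        Permission("file.read", "/home/user/*"),
        Permission("file.write", "/home/user/*")}),
    ("http://applets.example/", None): frozenset({
        Permission("file.read", "/tmp/*")}),
}


class DomainMapping:
    """Domain mapping object (claim 19): classes -> protection domains."""

    def __init__(self, policy: Dict[CodeId, FrozenSet[Permission]]) -> None:
        self._policy, self._domains, self._by_class = policy, {}, {}

    def domain_for(self, code_id: CodeId) -> ProtectionDomain:
        # One domain per code identifier; code the policy does not name,
        # including a known source under the wrong key, gets no permissions.
        if code_id not in self._domains:
            perms = self._policy.get(code_id, frozenset())
            self._domains[code_id] = ProtectionDomain(code_id, perms)
        return self._domains[code_id]

    def register_class(self, cls: type, code_id: CodeId) -> None:
        self._by_class[cls] = self.domain_for(code_id)

    def is_permitted(self, obj: object, action: str, target: str) -> bool:
        # Claim 1's check: decided by the domain of the requesting object's class.
        domain = self._by_class.get(type(obj))
        return domain is not None and domain.permits(action, target)
```

Registering a class loaded from "file:/opt/app" without the vendor key yields a domain with an empty permission set, so its objects are denied every action even though the source alone is trusted.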