
Abstract

A method and system are provided for determining whether a principal (e.g. a thread) may access a particular resource. According to one aspect of the invention, the access authorization determination takes into account the sources of the code on the call stack of the principal at the time the access is desired. Because the source of the code on the call stack will vary over time, so will the access rights of the principal. Thus, when a request for an action is made by a thread, a determination is made of whether the action is authorized based on permissions associated with routines in a calling hierarchy associated with the thread. The determination of whether a request is authorized is based on a determination of whether at least one permission associated with each routine encompasses the permission required to perform the requested action. Support for "privileged" routines is also provided. When a routine in the calling hierarchy is privileged, the determination of whether an...

Inventor: Li Gong
Original Assignee: Sun Microsystems, Inc.
Primary Examiner: Scott T. Baderman
Current U.S. Classification: 726/4; 709/229; 713/152
International Classification: H04L 9/00

Citations

| Cited Patent | Filing date | Issue date | Original Assignee | Title |
|---|---|---|---|---|
| US4809160 | Oct 28, 1985 | Feb 28, 1989 | Hewlett-Packard Company | Privilege level checking instruction for implementing a secure hierarchical computer system |
| US5311591 | Jun 3, 1993 | May 10, 1994 | | Computer system security method and apparatus for creating and using program authorization information data structures |
| US5649099 | Jun 4, 1993 | Jul 15, 1997 | Xerox Corporation | Method for delegating access rights through executable access control program without delegating access rights not in a specification to any intermediary nor comprising server security |
| US5720033 | Jul 25, 1995 | Feb 17, 1998 | Lucent Technologies Inc. | Security platform and method using object oriented rules for computer-based systems using UNIX-like operating systems |
| US5745678 | Aug 18, 1997 | Apr 28, 1998 | International Business Machines Corporation | Method and system for the secured distribution of multimedia titles |
| US5758153 | Oct 24, 1995 | May 26, 1998 | Object Technology Licensing Corp. | Object oriented file system in an object oriented operating system |
| US5845129 | Mar 22, 1996 | Dec 1, 1998 | Philips Electronics North America Corporation | Protection domains in a single address space |
| US5892904 | Dec 6, 1996 | Apr 6, 1999 | Microsoft Corporation | Code certification for network transmission |
| US5915085 | Feb 28, 1997 | Jun 22, 1999 | International Business Machines Corporation | Multiple resource or security contexts in a multithreaded application |
| US5987608 | May 13, 1997 | Nov 16, 1999 | Netscape Communications Corporation | Java security mechanism |

Referenced by

| Citing Patent | Filing date | Issue date | Original Assignee | Title |
|---|---|---|---|---|
| US6748594 | Sep 29, 1998 | Jun 8, 2004 | International Business Machines Corporation | Object mechanism and method for retrieving attribute values in a object oriented framework |
| US6754889 | Oct 4, 2000 | Jun 22, 2004 | Compuware Corporation | Java automation, testing, and analysis |
| US6941552 | Jul 30, 1998 | Sep 6, 2005 | International Business Machines Corporation | Method and apparatus to retain applet security privileges outside of the Java virtual machine |
| US7020653 | Feb 10, 2003 | Mar 28, 2006 | Oracle International Corporation | Techniques for supporting application-specific access controls with a separate server |
| US7073062 | Dec 19, 2000 | Jul 4, 2006 | International Business Machines Corporation | Method and apparatus to mutually authentication software modules |
| US7076804 | May 11, 2001 | Jul 11, 2006 | International Business Machines Corporation | Automated program resource identification and association |
| US7103644 | Jun 29, 2001 | Sep 5, 2006 | BellSouth Intellectual Property Corp. | Systems for an integrated data network voice-oriented service and non-voice-oriented service converged creation and execution environment |
| US7124203 | Feb 26, 2001 | Oct 17, 2006 | Oracle International Corporation | Selective cache flushing in identity and access management systems |
| US7181017 | Mar 25, 2002 | Feb 20, 2007 | David Felsher | System and method for secure three-party communications |
| US7185364 | Mar 21, 2001 | Feb 27, 2007 | Oracle International Corporation | Access system interface |
| US7194764 | Feb 26, 2001 | Mar 20, 2007 | Oracle International Corporation | User authentication |
| US7225256 | Nov 30, 2001 | May 29, 2007 | Oracle International Corporation | Impersonation in an access system |
| US7231661 | Jun 21, 2001 | Jun 12, 2007 | Oracle International Corporation | Authorization services with external authentication |
| US7249369 | Feb 26, 2001 | Jul 24, 2007 | Oracle International Corporation | Post data processing |
| US7275032 | Apr 25, 2003 | Sep 25, 2007 | Bvoice Corporation | Telephone call handling center where operators utilize synthesized voices generated or modified to exhibit or omit prescribed speech characteristics |
| US7330876 | Oct 13, 2000 | Feb 12, 2008 | AOL LLC, a Delaware limited liability company | Method and system of automating internet interactions |
| US7370159 | Mar 31, 2004 | May 6, 2008 | STMicroelectronics SA | Microprocessor having an extended addressable space |
| US7398311 | Oct 3, 2006 | Jul 8, 2008 | Oracle International Corporation | Selective cache flushing in identity and access management systems |
| US7444678 | Jun 14, 2004 | Oct 28, 2008 | AOL LLC | Securing resources from untrusted scripts behind firewalls |
| US7458084 | Aug 12, 2005 | Nov 25, 2008 | AT&T Delaware Intellectual Property, Inc. | Methods and systems for converged service creation and execution environment applications |
| US7458096 | Oct 27, 2006 | Nov 25, 2008 | Oracle International Corporation | Access system interface |
| US7464162 | Feb 26, 2001 | Dec 9, 2008 | Oracle International Corporation | Systems and methods for testing whether access to a resource is authorized based on access information |
| US7546956 | Apr 29, 2005 | Jun 16, 2009 | Research In Motion Limited | System and method of operation control on an electronic device |
| US7587368 | Jul 5, 2001 | Sep 8, 2009 | | Information record infrastructure, system and method |
| US7630974 | Sep 28, 2004 | Dec 8, 2009 | Oracle International Corporation | Multi-language support for enterprise identity and access management |
| US7653936 | Jun 25, 2003 | Jan 26, 2010 | Microsoft Corporation | Distributed expression-based access control |
| US7725735 | Mar 29, 2005 | May 25, 2010 | International Business Machines Corporation | Source code management method for malicious code detection |
| US7752438 | Aug 27, 2002 | Jul 6, 2010 | Hewlett-Packard Development Company, L.P. | Secure resource access |
| US7765298 | Nov 16, 2006 | Jul 27, 2010 | Oracle International Corporation | Impersonation in an access system |
| US7814536 | Oct 4, 2006 | Oct 12, 2010 | Oracle International Corporation | User authentication |
| US7815100 | Apr 29, 2005 | Oct 19, 2010 | Research In Motion Limited | System and method of owner application control of electronic devices |
| US7849451 | Mar 2, 2006 | Dec 7, 2010 | Oracle America Inc. | Dynamic delegation chain for runtime adaptation of a code unit to an environment |
| US7870596 | Feb 1, 2007 | Jan 11, 2011 | Microsoft Corporation | Accessing network resources outside a security boundary |
| US7882132 | Oct 9, 2003 | Feb 1, 2011 | Oracle International Corporation | Support for RDBMS in LDAP system |
| US7904454 | Jun 16, 2002 | Mar 8, 2011 | International Business Machines Corporation | Database access security |
| US7904487 | Oct 9, 2003 | Mar 8, 2011 | Oracle International Corporation | Translating data access requests |
| US7926105 | Feb 28, 2006 | Apr 12, 2011 | Microsoft Corporation | Using security-related attributes |
| US7933923 | Nov 4, 2005 | Apr 26, 2011 | International Business Machines Corporation | Tracking and reconciling database commands |
| US7970788 | Aug 2, 2005 | Jun 28, 2011 | International Business Machines Corporation | Selective local database access restriction |
| US8045958 | Nov 21, 2005 | Oct 25, 2011 | Research In Motion Limited | System and method for application program operation on a wireless device |
| US8095597 | May 1, 2001 | Jan 10, 2012 | AOL Inc. | Method and system of automating data capture from electronic correspondence |
| US8141100 | Dec 20, 2006 | Mar 20, 2012 | International Business Machines Corporation | Identifying attribute propagation for multi-tier processing |
| US8204999 | Feb 26, 2001 | Jun 19, 2012 | Oracle International Corporation | Query string processing |

Claims

1. A method for providing security, the method comprising the steps of:

detecting when a request for an action is made by a principal; and
in response to detecting the request, determining whether said action is authorized based on permissions associated with a plurality of routines in a calling hierarchy associated with said principal, wherein said permissions are associated with said plurality of routines based on a first association between protection domains and permissions.

2. The method of claim 1, wherein:

the step of detecting when a request for an action is made includes detecting when a request for an action is made by a thread; and
the step of determining whether said action is authorized includes determining whether said action is authorized based on an association between permissions and a plurality of routines in a calling hierarchy associated with said thread.

3. The method of claim 1, wherein:

the calling hierarchy includes a first routine; and
the step of determining whether said action is authorized further includes determining whether a permission required to perform said action is encompassed by at least one permission associated with said first routine.

4. The method of claim 1, wherein the step of determining whether said action is authorized further includes determining whether a permission required to perform said action is encompassed by at least one permission associated with each routine in said calling hierarchy.

5. A method for providing security, the method comprising the steps of:

detecting when a request for an action is made by a principal,
determining whether said action is authorized based on an association between permissions and a plurality of routines in a calling hierarchy associated with said principal;
wherein each routine of said plurality of routines is associated with a class; and
wherein said association between permissions and said plurality of routines is based on a second association between classes and protection domains.

6. A method for providing security, the method comprising the steps of:

detecting when a request for an action is made by a principal; and
in response to detecting the request, determining whether said action is authorized based on permissions associated with a plurality of routines in a calling hierarchy associated with said principal, wherein a first routine in said calling hierarchy is privileged; and
wherein the step of determining whether said action is authorized further includes determining whether a permission required to perform said action is encompassed by at least one permission associated with each routine in said calling hierarchy between and including said first routine and a second routine in said calling hierarchy, wherein said second routine is invoked after said first routine, wherein said second routine is a routine for performing said requested action.

7. The method of claim 6, wherein the step of determining whether said permission required to perform said action is encompassed by at least one permission associated with each routine in said calling hierarchy between and including said first routine and said second routine further includes the steps of:

determining whether said permission required is encompassed by at least one permission associated with said second routine; and
in response to determining said permission required is encompassed by at least one permission associated with said second routine, then performing the steps of:
A) selecting a next routine from said plurality of routines in said calling hierarchy,
B) if said permission required is not encompassed by at least one permission associated with said next routine, then transmitting a message indicating that said permission required is not authorized, and
C) repeating steps A and B until:
said permission required is not authorized by at least one permission associated with said next routine,
there are no more routines to select from said plurality of routines in said calling hierarchy, or
determining that said next routine is said first routine.

8. The method of claim 7, wherein:

the method further includes the step of setting a flag associated with said first routine to indicate that said first routine is privileged; and
the step of determining that said next routine is said first routine includes determining that a flag associated with said next routine indicates said next routine is privileged.

9. The method of claim 8, wherein the step of setting said flag associated with said first routine includes setting a flag in a frame in said calling hierarchy associated with said thread.

10. A computer-readable medium carrying one or more sequences of one or more instructions, the one or more sequences of the one or more instructions including instructions which, when executed by one or more processors, causes the one or more processors to perform the steps of:

detecting when a request for an action is made by a principal; and
in response to detecting the request, determining whether said action is authorized based on permissions associated with a plurality of routines in a calling hierarchy associated with said principal, wherein said permissions are associated with said plurality of routines based on a first association between protection domains and permissions.

11. The computer-readable medium of claim 10, wherein:

the step of detecting when a request for an action is made includes detecting when a request for an action is made by a thread; and
the step of determining whether said action is authorized includes determining whether said action is authorized based on an association between permissions and a plurality of routines in a calling hierarchy associated with said thread.

12. The computer readable medium of claim 10, wherein:

the calling hierarchy includes a first routine; and
the step of determining whether said action is authorized further includes determining whether a permission required to perform said action is encompassed by at least one permission associated with said first routine.

13. The computer readable medium of claim 10, wherein the step of determining whether said action is authorized further includes determining whether a permission required to perform said action is encompassed by at least one permission associated with each routine in said calling hierarchy.

14. A computer-readable medium bearing instructions for providing security, the instructions including instructions for performing the steps of:

detecting when a request for an action is made by a principal;
determining whether said action is authorized based on an association between permissions and a plurality of routines in a calling hierarchy associated with said principal;
wherein each routine of said plurality of routines is associated with a class; and
wherein said association between permissions and said plurality of routines is based on a second association between classes and protection domains.

15. A computer-readable medium carrying one or more sequences of one or more instructions, the one or more sequences of the one or more instructions including instructions which, when executed by one or more processors, causes the one or more processors to perform the steps of:

detecting when a request for an action is made by a principal; and
in response to detecting the request, determining whether said action is authorized based on permissions associated with a plurality of routines in a calling hierarchy associated with said principal, wherein a first routine in said calling hierarchy is privileged; and
wherein the step of determining whether said action is authorized further includes determining whether a permission required to perform said action is encompassed by at least one permission associated with each routine in said calling hierarchy between and including said first routine and a second routine in said calling hierarchy, wherein said second routine is invoked after said first routine, wherein said second routine is a routine for performing said requested action.

16. The computer readable medium of claim 15, wherein the step of determining whether said permission required to perform said action is encompassed by at least one permission associated with each routine in said calling hierarchy between and including said first routine and said second routine further includes the steps of:

determining whether said permission required is encompassed by at least one permission associated with said second routine; and
in response to determining said permission required is encompassed by at least one permission associated with said second routine, then performing the steps of:
A) selecting a next routine from said plurality of routines in said calling hierarchy,
B) if said permission required is not encompassed by at least one permission associated with said next routine, then transmitting a message indicating that said permission required is not authorized, and
C) repeating steps A and B until:
said permission required is not authorized by at least one permission associated with said next routine,
there are no more routines to select from said plurality of routines in said calling hierarchy, or
determining that said next routine is said first routine.

17. The computer readable medium of claim 16, wherein:

the computer readable medium further comprises one or more instructions for performing the step of setting a flag associated with said first routine to indicate that said first routine is privileged; and
the step of determining that said next routine is said first routine includes determining that a flag associated with said next routine indicates said next routine is privileged.

18. The computer readable medium of claim 17, wherein the step of setting said flag associated with said first routine includes setting a flag in a frame in said calling hierarchy associated with said thread.

19. A computer system comprising:

a processor;
a memory coupled to said processor;
said processor being configured to detect when a request for an action is made by a principal; and
said processor being configured to respond to detecting the request by determining whether said action is authorized based on permissions associated with a plurality of routines in a calling hierarchy associated with said principal, wherein said permissions are associated with said plurality of routines based on a first association between protection domains and permissions.

20. The computer system of claim 19, wherein:

the calling hierarchy includes a first routine; and
said processor is configured to determine whether said action is authorized by determining whether a permission required to perform said action is encompassed by at least one permission associated with said first routine.

21. The computer system of claim 19, wherein

said processor is configured to determine whether said action is authorized by determining whether a permission required to perform said action is encompassed by at least one permission associated with each routine in said calling hierarchy.