Electrical computers and digital processing systems: multicomput – Computer-to-computer data routing – Least weight routing
Reexamination Certificate
1999-12-15
2003-07-01
Oberley, Alvin (Department: 2126)
Electrical computers and digital processing systems: multicomput
Computer-to-computer data routing
Least weight routing
Reexamination Certificate
active
06587888
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention is directed at the implementation of a dynamic wrapper for discovery of non-exported functions and subsequent method interception.
2. Description of the Prior Art and Related Information
The distributed component object model (DCOM) is a model providing access to distributed objects, usually on a network. DCOM defines the object interfaces. DCOM defines a remote procedure call protocol that allows objects to be run remotely over a network. DCOM was introduced in the operating system WINDOWS NT 4.0 by the Microsoft Corporation of Redmond Wash.
A service control manager (SCM) is a part of WINDOWS NT that launches background tasks. Developers can write executable programs that run under the control of the SCM. DCOM functions can similarly be written to run under the control of the SCM. Part of defining the functions to do so comprises having the function “register” itself with the SCM.
In object technology, including DCOM object technology, software applications include objects, which include methods or functions, which are called functions herein. Objects are the software building blocks of object technology. A function defines the processing that an object performs. DCOM clients access functions through the protocol defined within DCOM.
A software wrapper is a piece of code that is inserted into a target function at execution time. The execution behavior of the function is altered intentionally by the inserted wrapper code. Heretofore, since the wrapper does not have knowledge of the target function's source code a priori, the wrapper can only access a target function's publicly defined entry points. These entry points are normally established statically by the compiler and referred to as exported functions. The compiler generated program module contains embedded symbol information for exported functions that can be used by the wrapper at runtime. In contrast, non-exported functions have no compiler produced symbol information stored in the program module.
A DCOM system may be implemented on a DCOM server, which allows client computers to access exported functions having the publicly defined entry points on the DCOM server. Current software wrapper technology for DCOM software application programs revolves around interception of exported functions. Such systems are described in Matt Pietrek, “Learn System-Level Win 32 Coding Techniques by Writing an API Spy Program”, Microsoft Systems Journal, Vol 9 No Dec. 12, 1994, pp 17-44; Timothy Fraser, Lee Badger, and Mark Feldman, “Hardening COTS Software with Generic Software Wrappers”, Proceedings of the 1999 IEEE Symposium on Security and Privacy, Oakland Calif., May 1999; and Robert Balzer and Neil Goldman, “Mediating Connectors”, Proceedings the 19th IEEE International Conference on Distributed Computing Systems Workshop, Austin, Tex. May 31-Jun. 5, 1999. In order for the wrapper code to intercept functions in given software module, a set of exported functions has to be explicitly declared at compile time. This approach works well with interception at kernel level application programming interfaces (API) which are the interfaces between applications and operating systems.
However, application software development has progressed toward a more object-oriented model where packaged modules have few explicitly exported functions. Conventional wrapper technology is unsuitable for such environments because of the lack of compiled symbol information.
There exist the need for a wrapping, or intercepting, technique that dynamically discovers non-exported functions for subsequent interception. The system and method of the present invention is referred to as a system of dynamic wrappers because the system does not rely on compiled symbol information. In one embodiment, the system of the present invention is used intercept functions of computer programs written as Microsoft DCOM executables.
SUMMARY OF THE INVENTION
The present invention defines a technology for dynamic wrappers for non-exported functions, allowing interception of non-exported functions in application software modules or functions. In order for a dynamic wrapper to understand and intercept software modules that have non-exported functions, the wrapper preferably should have intrinsic knowledge of the underlying protocol used by the intercepted modules. Therefore, one embodiment of the present invention is coupled with the Microsoft DCOM protocol and Windows NT operating system. Such a system may run on Microsoft Windows NT for the Intel x86 platform. However, DCOM interception may also run on other windowed operating systems and UNIX machines as well.
The design permits interception of DCOM client initiated method calls at the DCOM server during runtime. The interceptor of the method call denies or grants access to the DCOM method to be executed. The actual logic to determine access permissions need not be part of the interceptor. The interceptor runs as part of the DCOM server. It contains logic to distinguish at runtime the identity of the principal associated with the DCOM client requesting the execution of the function call. The technique works with commercial-off-the-shelf (COTS) software and does not require modification of the application source code.
REFERENCES:
patent: 6014666 (2000-01-01), Helland et al.
patent: 6026238 (2000-02-01), Bond et al.
patent: 6141696 (2000-10-01), Goertzel et al.
patent: 6263491 (2001-07-01), Hunt
Matt Pietrek, “Learn System-Level Win32 Coding Techniques by Writing an API Spy Program,” Dec. 1994, Microsoft Systems Journal, Volumn. 9.*
Jacob R. Lorch and Alan Jay Smith, “The VTrace Tool: Building a System Tracer for Windows NT and Windows 2000”, Oct. 2000, MSDN Magazine, vol. 15 No. 10.*
Balzer, et al., Mediating Connectors.
Brown, Building a Lightweight COM Interception Framework Part I: The Universal Delegator, Microsoft Systems Journal, Jan. 1999, 17 pgs., vol. 14 http://www.microsoft.com/msj/defaultframe.asp?page=/msj/0199/intercept/intercept.htm.
Brown, Building a Lightweight COM Interception Framework Part II: The Guts of the UD, Microsoft System Journal, Feb. 1999, 15 pgs., vol. 14 http:www.microsoft.com/msj/defaultframe.asp?page=/msj/0299/intercept2.intercept2.htm.
Fraser, et al., Hardening COTS Software with Generic Software Wrappers, Proceedings of the 1999 IEEE Symposium on Security and Privacy, The Institute of Electrical and Electronics Engineers, Inc., 1999.
Hunt, et al., Intercepting and Instrumenting COM Applications, Proceedings of the 5th Conference on Object-Oriented Technologies and Systems (COOTS'99), May 1999, 12 pgs., San Diego, CA, http:www.research.microsoft.com/research/os/galenh/Publications/huntCoots99.pdf.
Pietrek, Learn System-Level Win32 Coding Techniques by Writing an API Spy Program, Microsoft Systems Journal 19, Dec. 1994, vol. 9, No. 12.
Chieu David Pai-wei
Hollingworth Dennis
Hamaty Christopher J.
Networks Associates Technology Inc.
Oberley Alvin
Silicon Valley IP Group
Zhen Li
LandOfFree
Dynamic software wrapper does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Dynamic software wrapper, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Dynamic software wrapper will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3035257