Information security – Access control or authentication – Authorization
Reexamination Certificate
2006-07-26
2010-06-15
Moazzami, Nasser (Department: 2436)
Information security
Access control or authentication
Authorization
C713S189000
Reexamination Certificate
active
07739735
ABSTRACT:
The invention relates to a system and method for efficient security runtime. If the same security demand for permissions occurs twice during the same code path (i.e. execution stack) the latter can be automatically turned (optimized) into a security assertion based on the former demand. A security runtime can determine which assertions to establish in a call stack, using declarative security information kept in an assembly metadata and based on execution history to know what has already been demanded for a specific stack frame. If the method being called has been allowed to execute before then a demand may be replaced with an assertion for the same permissions within the call stack. If that frame was executed then it means the security demand was successfully evaluated. Furthermore, if the permission evaluation result is known to be static (e.g., its result will not change) it can be determined that another check on the same permissions is not required higher on the stack, so this demand can safely be replaced by an assertion, which can effectively speed up the code execution without sacrificing security.
REFERENCES:
patent: 5452457 (1995-09-01), Alpert et al.
patent: 6071316 (2000-06-01), Goossen et al.
patent: 6230312 (2001-05-01), Hunt
patent: 6282701 (2001-08-01), Wygodny et al.
patent: 6308275 (2001-10-01), Vaswani et al.
patent: 6560774 (2003-05-01), Gordon et al.
patent: 6615264 (2003-09-01), Stoltz et al.
patent: 6802054 (2004-10-01), Faraj
patent: 6871284 (2005-03-01), Cooper et al.
patent: 6971091 (2005-11-01), Arnold et al.
patent: 7069554 (2006-06-01), Stammers et al.
patent: 7487221 (2009-02-01), Araki
patent: 7512965 (2009-03-01), Amdur et al.
patent: 7552472 (2009-06-01), Baffes et al.
patent: 7620940 (2009-11-01), Goldsmith et al.
patent: 2002/0042897 (2002-04-01), Klein et al.
patent: 2002/0069200 (2002-06-01), Cooper et al.
patent: 2002/0198675 (2002-12-01), Underseth et al.
patent: 2003/0041267 (2003-02-01), Fee et al.
patent: 2003/0065942 (2003-04-01), Lineman et al.
patent: 2003/0110192 (2003-06-01), Valente et al.
patent: 2003/0115484 (2003-06-01), Moriconi et al.
patent: 2003/0177355 (2003-09-01), Elgressy et al.
patent: 2003/0196114 (2003-10-01), Brew et al.
patent: 2003/0225822 (2003-12-01), Olson et al.
patent: 2004/0103323 (2004-05-01), Dominic
patent: 2004/0250112 (2004-12-01), Valente et al.
patent: 2005/0071668 (2005-03-01), Yoon et al.
patent: 2005/0172126 (2005-08-01), Lange et al.
patent: 2005/0240999 (2005-10-01), Rubin et al.
patent: 2005/0262517 (2005-11-01), French
patent: 2006/0064737 (2006-03-01), Wallace
patent: 2006/0117299 (2006-06-01), Goldsmith et al.
patent: 2006/0143396 (2006-06-01), Cabot
patent: 2006/0150021 (2006-07-01), Traskov et al.
patent: 2006/0235655 (2006-10-01), Qing et al.
Clark, Jason, “Return of the Rich Client—Code Access Security and Distribution Features in .Net Enhance Client-Side Apps”,MSDN Magazine, printed from http://msdn.microsoft.com/msdnmag/issues/02/06/rich/default.aspx, Jun. 2002, 16 pages.
MONO, “MONO:Runtime—The Mono Runtime”, printed from http://www.mono-project.com/Mono:Runtime, Jan. 24, 2006, 8 pages.
MONO, “Assemblies and the GAC—How Mono Finds Assemblies”, printed from http://www.mono-project.com/Assemblies—and—the—GAC, Jul. 20, 2005, 11 pages.
Damianou, Nicodemos C., “A Policy Framework for Management of Distributed Systems”, Thesis, Imperial College of Science, Technology and Medicine, University of London, Department of Computing, Feb. 2002, 233 pages.
Oaks, Scott, “Java Security, 2ndEdition”, Publisher O'Reilly Media, Inc., May 17, 2001, 22 pages.
Sundmark et al., “Monitored Software Components—A Novel Software Engineering Approach”,Proceedings of the 11thAsia-Pacific Software Engineering Conference(APSEC'04), Nov. 30-Dec. 3, 2004, pp. 624-631.
Sokolsky et al., “Steering of Real-Time Systems Based on Monitoring and Checking”,Proceedings of the Fifth International Workshop, Nov. 18-20, 1999, pp. 11-18.
Moazzami Nasser
Novell Inc.
Pillsbury Winthrop Shaw & Pittman LLP
Shehni Ghazal
LandOfFree
System and method for dynamic optimizations using security... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and method for dynamic optimizations using security..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and method for dynamic optimizations using security... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4230980