Application security model

Information security – Access control or authentication – Authorization

Reexamination Certificate

Rate now

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Details

C726S003000, C726S004000

Reexamination Certificate

active

08011008

ABSTRACT:
Performing security sensitive operations with an application security model. Security agnostic code is executed. The security agnostic code is identified as not having authorization to perform a security sensitive operation. Executing the security agnostic code includes calling code identified as security safe critical code. In response to the security agnostic code calling the security safe critical code, the security safe critical code is executed. The security safe critical code includes functionality for performing validity checks. Executing the security safe critical code includes performing an validity check for the security agnostic code. When the security agnostic code passes the validity check, code identified as security critical code is called. In response to the security safe critical code calling the security critical code, the security critical code is executed. The security critical code is authorized to perform the security sensitive operation.

REFERENCES:
patent: 7039801 (2006-05-01), Narin
patent: 7082600 (2006-07-01), Rau et al.
patent: 7168063 (2007-01-01), Meijer
patent: 2004/0019887 (2004-01-01), Taylor et al.
patent: 2004/0133777 (2004-07-01), Kiriansky et al.
patent: 2004/0143631 (2004-07-01), Banerjee et al.
patent: 2005/0172133 (2005-08-01), Brumme et al.
patent: 2005/0172286 (2005-08-01), Brumme et al.
patent: 2006/0075383 (2006-04-01), Moorthy et al.
patent: 2006/0129995 (2006-06-01), DeBoe et al.
patent: 2006/0259763 (2006-11-01), Cooperstein et al.
patent: 2007/0199050 (2007-08-01), Meier
patent: 2007/0199051 (2007-08-01), Parikh et al.
Mike Downen, What's New with Code Access Security in the .NET Framework 2.0, Nov. 2005.
CSTS: A Prototype Tool for Testing COM Component Security; Jinfu Chen; Yansheng Lu; Xiaodong Xie; Hybrid Intelligent Systems, 2009. HIS '09. Ninth International Conference on vol. 3; Publication Year: 2009 , pp. 83-88.
Can Microsoft's Service Pack2 (SP2) Security Software Prevent SMURF Attacks?; Kumar, S.; Azad, M.; Gomez, O.; Valdez, R.; Telecommunications, 2006. AICT-ICIW '06. International Conference on Internet and Web Applications and Services/Advanced International Conference on; Publication Year: 2006; p. 89-94.
From stack inspection to access control: a security analysis for libraries; Besson, F.; Blanc, T.; Fournet, C.; Gordon, A.D.; Computer Security Foundations Workshop, 2004. Proceedings. 17th IEEE; Publication Year: 2004 , pp. 61-75.
.NET Security Blog, “The Silverlight Security Model”, 2007, 4 pages, http://blogs.msdn.com/shawnfa/archive/2007/05/09/the-silverlight-security-model.aspx.
Allen, Jonathan, “Silverlight's New Security Model”, May 2, 2007, 2 pages, http://www.infoq.com
ews/2007/05/Silverlight-SecurityModel.
Pramati Server 3.5, 2003, 4 pages, http://www.pramati.com/docstore/1215012/psv35data.pdf.
“Container internationalization attributes”, 2 pages, Jun. 2007, http://publib.boulder.ibm.com/infocenter/wasinfo/v6r0/index.jsp?topic=/com.ibm.websphere.express.doc/info/exp/i18n/concepts/cin—containerattribute.html.

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

Application security model does not yet have a rating. At this time, there are no reviews or comments for this patent.

If you have personal experience with Application security model, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Application security model will most certainly appreciate the feedback.

Rate now

     

Profile ID: LFUS-PAI-O-2770947

  Search
All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.