Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Security kernel or utility
Reexamination Certificate
2005-03-15
2010-12-07
Lanier, Benjamin E (Department: 2432)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Security kernel or utility
C713S165000, C713S166000, C713S167000, C726S026000, C726S027000
Reexamination Certificate
active
07849311
ABSTRACT:
The present invention is a system that switches between non-secure and secure modes by making processes, applications and data for the non-active mode unavailable to the active mode. That is, non-secure processes, applications and data are not accessible when in the secure mode and visa versa. This is accomplished by creating dual hash tables where one table is used for secure processes and one for non-secure processes. A hash table pointer is changed to point to the table corresponding to the mode. The path-name look-up function that traverses the path name tree to obtain a device or file pointer is also restricted to allow traversal to only secure devices and file pointers when in the secure mode and only to non-secure devices and files in the non-secure mode. The process thread run queue is modified to include a state flag for each process that indicates whether the process is a secure or non-secure process. A process scheduler traverses the queue and only allocates time to processes that have a state flag that matches the current mode. Running processes are marked to be idled and are flagged as unrunnable, depending on the security mode, when the process reaches an intercept point. The switch operation validates the switch process and pauses the system for a period of time to allow all running processes to reach an intercept point and be marked as unrunnable. After all the processes are idled, the hash table pointer is changed, the look-up control is changed to allow traversal of the corresponding security mode branch of the file name path tree, and the scheduler is switched to allow only threads that have a flag that corresponds to the security mode to run. The switch process is then put to sleep and a master process, either secure or non-secure, depending on the mode, is then awakened.
REFERENCES:
patent: 2004/0139346 (2004-07-01), Watt et al.
Whitepaper, “Linux Vserver”, http://linux-vserver.org/, Feb. 22, 2005.
Donlin Patrick J.
Raymond Michael
Baker & Botts L.L.P.
Lanier Benjamin E
Silicon Graphics International
LandOfFree
Computer system with dual operating modes does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Computer system with dual operating modes, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Computer system with dual operating modes will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4152094