Information security – Prevention of unauthorized use of data including prevention... – Access control
Reexamination Certificate
2007-07-31
2007-07-31
Lanier, Benjamin E. (Department: 2132)
Information security
Prevention of unauthorized use of data including prevention...
Access control
C713S165000, C713S166000, C713S167000, C713S190000
Reexamination Certificate
active
11254839
ABSTRACT:
A security policy manager generates a permission grant set for a code assembly received from a resource location. The policy manager can execute in a computer system (e.g., a Web client) in combination with the verification module and class loader of the run-time environment. The permission grant set generated for a code assembly is applied in the run-time call stack to help the system determine whether a given system operation by the code assembly is authorized. A permission request set may also be received in association with the code assembly. The permission request set may include a minimum request set, specifying permissions required by the code assembly to run properly. The permission request set may also include an optional request set, specifying permissions requested by the code assembly to provide an alternative level of functionality. In addition, the permission request set may include a refuse request set, specifying permissions that are not to be granted to the code assembly. The permission requests are used to filter a permission set to generate a permission grant set.
REFERENCES:
patent: 5295266 (1994-03-01), Hinsley et al.
patent: 5825877 (1998-10-01), Dan et al.
patent: 5915085 (1999-06-01), Koved
patent: 5958050 (1999-09-01), Griffin et al.
patent: 5978484 (1999-11-01), Apperson et al.
patent: 6044466 (2000-03-01), Anand et al.
patent: 6044467 (2000-03-01), Gong
patent: 6321334 (2001-11-01), Jerger et al.
patent: 6473800 (2002-10-01), Jerger et al.
patent: 6526513 (2003-02-01), Shrader et al.
patent: 6981281 (2005-12-01), LaMacchia et al.
patent: WO 99/30217 (1999-06-01), None
InternationalSearch Report for PCT/US01/16057.
International Search Report for PCT/US01/16127.
Oaks, Scott, Java Security, May 1998, O'Reilly & Associates, Inc, pp. 62-123.
“Compliance Checking in the PolicyMaker Trust Management Systems”, by Blaze, Feigenbaum and Strauss, AT&T Labs-Research, 1999.
“Trust management on the World Wide Web”, by Khare and Rifkin, at http://www7.scu.edu.au/programme/posters/1902/com1902.htm, 1998.
Information on KeyNote including “The Key Note Trust Management System” from RFC 2704 at http://www.cis.upenn.edu/-angelos/keynote.html; and “Using the Key Note Trust Management System” by Matt Blaze at http://www.crypto.com/trustmgt/, 2001.
“The Evolution of Java Security”, by Koved, Nadalin, Neal & Lawson, including informaton on Java-based systems IBM, 1998.
“Managing Trust in an Information-Labeling System” European Transactions on Telecommunications, 8 (1997) pp. 491-501. (Special issue of selected papers from the 1996 Amalfi Conference on Secure Communication in Networks.) Postscript from http://www.research.att.com/˜jf/pubs/ett97.ps.
“The Role of Trust Management in Distributed System Security”, M. Blaze, J. Feigenbaum, J. Ioannidis, A. Keromytis, Secure Internet Programming: Security Issues for Distributed and Mobile Objects, Lecture Notes in Computer Science, vol. 1603, Springer Berlin, 1999, pp. 185-210. Postscript available from http://www.research.att.com/˜jf/pubs/sip99.pc.
“Proceedings of the 6th International World Wide Web Conference”, Santa Clara, CA, Apr. 1997, by Y. Chu, J. Feigenbaum, B. LaMacchia, P. Resnick, M. Strauss, REFEREE: Trust Management for Web Applications. Available from http://www.farcaster.com/papers/www6-referee/index.htm.
“Decentralized Trust Management” by M. Blaze, J. Feigenbaum, J. Lacy, in Proceedings of the 1996 IEEE Symposoium on Security and Privacy pp. 164-173. Also available as a DIMACS Technical Report. This paper describes PolicyMaker. Available in Postscript at http://www.research.att.com/˜jf/pubs/oakland96proc.ps.
“Logically Extensible Privilege Control Set” IBM Technical Disclosure Bulletin IBM Cor,p New York, NY, V. 34 n. 7B, Dec. 1, 1991.
Anad, R. et al. “A flexible Security Model for Using Internet Content” Proceedings of the 16th Symposium on Reliable Distributed Systems. SRDS '97 Durham NC Oct. 22-24, 1997, & Proceedings of the Symposium on Reliable Distributed systems Los Alamitos CA: IEEE Computer Soc, US, Oct. 22, 1997.
Fee Gregory D.
Kohnfelder Loren M.
LaMacchia Brian A.
Toutonghi Michael J.
Lanier Benjamin E.
Lee & Hayes PLLC
Microsoft Corporation
LandOfFree
Filtering a permission set using permission requests... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Filtering a permission set using permission requests..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Filtering a permission set using permission requests... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3725072