Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Security kernel or utility
Reexamination Certificate
2007-04-10
2007-04-10
Moise, Emmanuel L. (Department: 2137)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Security kernel or utility
C713S164000, C726S022000, C717S127000, C717S131000, C705S059000
Reexamination Certificate
active
10329193
ABSTRACT:
In the access control model of security, an access control matrix associates rights for operations on objects with subjects. An approach for assigning rights to code at run-time involves determining the run-time rights of a piece of code by examining the attributes of the pieces of code that have run (including their origins) and any explicit requests to augment rights. Thus, this approach relies on the execution history for security. This history based approach reduces the difficulties and the error-proneness of securing extensible software systems.
REFERENCES:
patent: 6189103 (2001-02-01), Nevarez et al.
patent: 6460141 (2002-10-01), Olden
patent: 6895503 (2005-05-01), Tadayon et al.
Bershad, B.N. et al., “Extensibility, Safety and Performance in the SPIN Operating Systems,”Proceedings of the 15thACM Symposium on Operating System Principles, 1995, 267-283.
Brewer, D.F.C. et al., “The Chinese Wall Security Policy,”Proceedings of the 1989 IEEE Symposium on Security and Privacy, 1989, 206-214.
Edjlali, G. et al., “History-based Access Control for Mobile Code,”ACM Conference on Computer and Communications Security, 1998, 38-48.
Erlingsson, U. et al., “IRM Enforcement of Java Stack Inspection,”Proceedings of the 2000 IEEE Symposium on Security and Privacy, Berkeley, CA, May 14-17, 2000, 246-255.
Fournet, C. et al., “Stack Inspection: Theory and Variants,”POPL 2002: The 29thACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, Portland, OR, Jan. 16-18, 2002, 307-318.
Hardy, N., “The Confused Deputy,”ACM Operating Systems Review, 1999, 24(4), 36-38.
Jensen, T. et al., “Verification of Control Flow Based Security Properties,”Proceedings of the 1999 IEEE Symposium on Security and Privacy, 1999, 89-103.
Myers, A.C., “JFlow: Practical, Mostly-Static Information Flow Control,”POPL 1999: The 26thACM Symposium on Principles of Programming Languages, San Antonio, TX, 1999, 228-241.
Pottier, F. et al., “A Systematic Approach to Access Control,”Programming Languages and Systems(ESOP 2001), Genova, Italy, Apr. 2-6, 2001,vol. 2028 of LNCS, 30-45.
Saltzer, J.H., “Protection and Control of Information Sharing in Multics,”Communications of the ACM, 1974, 17(7), 388-402.
Schneider, F.B., “Enforceable Security Policies,”ACM Trans. on Information and System Security, 2000, 3(1), 30-50.
Schroeder, M.D. et al., “A Hardware Architecture for Implementing Protection Rings,”Communications of the ACM, 1972, 15(3), 157-170.
Wallach, D.S. et al., SAFKASI: A Security Mechanism for Language-Based Systems,ACM Transactions on Software Engineering and Methodology, 2000, 9(4), 341-378.
“Access Control based on Execution History,”Proceedings CCS'02, May 10, 2002, 1-19.
“.NET Security,” http://msnd.microsoft.com
hp, 2003, 2 pages.
“ECMA C#and Common Language Infrastructure Standards,” http://msdn.microsof.com
et/ecma/, 2003, 3 pages.
Got Dot Net, “About the Common Language Runtime (CLR),” http://ww2w.gotdotnet.com/team/clr/about—clr.aspx, Dec. 2001, 2 pages.
Visual Studio.net, “Microsoft .NET Language Partners,” http://msdn.microsoft.com/vstudio/partners/language/default.asp, 2002, 4 pages.
Box, D.,Essential .NET vol. 1: The Common Language Runtime, Addison Wesley, 2002, pp. 281-325.
Denning, D.,Cryptography and Data Security, Addison Wesley, 1992, pp. 265-329.
Gong, L.,Inside Java™ 2 Platform Security, Addison Wesley, 1999, pp. 90-106.
Lange, S. et al.,.NET Framework Security, Addison Wesley, 2002, 69-98.
Solomon, D.A. et al.,Inside Microsoft Windows 2000, Microsoft Press, Third edition, 2000, p. 506.
Abadi Martín
Fournet Cédric A. M.
Microsoft Corporation
Moise Emmanuel L.
Nguyen Minh Dieu
Woodcock & Washburn LLP
LandOfFree
History based rights computation for managed code does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with History based rights computation for managed code, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and History based rights computation for managed code will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3734171