Information security – Prevention of unauthorized use of data including prevention... – Access control
Reexamination Certificate
2007-02-02
2009-06-16
Nalven, Andrew L (Department: 2434)
Information security
Prevention of unauthorized use of data including prevention...
Access control
Reexamination Certificate
active
07549173
ABSTRACT:
To provide improved security in adjunct program modules such as plug-ins and dynamic link libraries, a requesting module provides an authorization interface to the invoked module such that the invoked module can require a certificate of the requesting module and can also challenge the authority of the requesting module. The certificate can include one or more permissions which are prerequisites for processing by the invoked module. The invoked module can challenge the authority of the requesting module by sending random test data to the requesting module and receiving in response a cryptographic signature of the test data. By verifying the signature of the requesting module using the received certificate, the invoked module confirms that the requesting module is, in fact, the owner of the receive certificate.
REFERENCES:
patent: 5418713 (1995-05-01), Allen
patent: 5636276 (1997-06-01), Bragger
patent: 5734823 (1998-03-01), Saigh et al.
patent: 5734891 (1998-03-01), Saigh
patent: 5794217 (1998-08-01), Allen
patent: 5991399 (1999-11-01), Graunke et al.
patent: 6088450 (2000-07-01), Davis et al.
patent: 6105137 (2000-08-01), Graunke et al.
patent: 6138235 (2000-10-01), Lipkin et al.
patent: 6301658 (2001-10-01), Koehler
patent: 6598167 (2003-07-01), Devine et al.
patent: 6615350 (2003-09-01), Schell et al.
patent: 6754829 (2004-06-01), Butt et al.
patent: WO 98/07255 (1998-02-01), None
Housley, R. et al., “Internet X.509 Public Key Infrastructure Certificate and CRL Profile”,Network Working Group Request For Comments, Jan. 1999, 1-32, XP-002227696.
Linn, J. et al., “Attribute Certification: An Enabling Technology for Delegation and Role-Based Controls in Distributed Environments”,Proceedings 4th.ACM Workshop on Role-Based Access Control, Oct. 28-29, 1999, 121-130, XP-000958110.
Park, J.S. et al., “Smart Certificates: Extending X.509 for Secure Attribute Services on the Web”,National Information Systems Security Conference, 1999, 22, 337-348, XP-002954616.
Ansell Steven T.
Brownell Jason S.
Devine Perry T.
Levine Earl
Microsoft Corporation
Nalven Andrew L
Woodcock & Washburn LLP
LandOfFree
Security mechanism for computer processing does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Security mechanism for computer processing, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Security mechanism for computer processing will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4098144