Information security – Policy
Reexamination Certificate
2006-08-11
2010-12-21
Truong, Thanhnga B (Department: 2438)
C726S003000, C709S203000, C709S224000
active
07856654
ABSTRACT:
The invention is a system and method for delegating security permission evaluation from a client computer to a remote network service (e.g., a security server). Centralizing permission evaluation allows performance enhancements through rules compilation, as well as better manageability. An application on a client machine may request a permission to access a resource at runtime and provide evidence data to a security server. The permission evaluation (the decision) is executed by the network service and enforced locally on the client machine. When the application runs on top of a virtual machine, its security manager may be used to hide all of the client-side processes, providing the extra information to the network service so that the results can be enforced locally.
Novell Inc.
Pillsbury Winthrop Shaw & Pittman LLP
Truong Thanhnga B
System and method for network permissions evaluation