Processing

Please wait...

Settings

Settings

1. WO2000043876 - TECHNIQUES FOR PERMITTING ACCESS ACROSS A CONTEXT BARRIER ON A SMALL FOOTPRINT DEVICE USING AN ENTRY POINT OBJECT

Publication Number WO/2000/043876
Publication Date 27.07.2000
International Application No. PCT/US2000/001235
International Filing Date 20.01.2000
Chapter 2 Demand Filed 23.08.2000
IPC
G06F 1/00 2006.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
1Details not covered by groups G06F3/-G06F13/82
G06F 9/46 2006.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
9Arrangements for program control, e.g. control units
06using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
46Multiprogramming arrangements
G06F 21/00 2006.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
CPC
G06F 21/34
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
30Authentication, i.e. establishing the identity or authorisation of security principals
31User authentication
34involving the use of external additional devices, e.g. dongles or smart cards
G06F 21/53
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
52during program execution, e.g. stack integrity ; ; Preventing unwanted data erasure; Buffer overflow
53by executing in a restricted environment, e.g. sandbox or secure virtual machine
G06F 9/468
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
9Arrangements for program control, e.g. control units
06using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
46Multiprogramming arrangements
468Specific access rights for resources, e.g. using capability register
Applicants
  • SUN MICROSYSTEMS, INC. [US/US]; 901 San Antonio Road Palo Alto, CA 94303, US
Inventors
  • SUSSER, Joshua; US
  • BUTLER, Mitchel, B.; US
  • STREICH, Andy; US
Agents
  • RITCHIE, David, B. ; D'Alessandro & Ritchie P.O. Box 640640 San Jose, CA 95164-0640, US
Priority Data
09/235,15722.01.1999US
Publication Language English (EN)
Filing Language English (EN)
Designated States
Title
(EN) TECHNIQUES FOR PERMITTING ACCESS ACROSS A CONTEXT BARRIER ON A SMALL FOOTPRINT DEVICE USING AN ENTRY POINT OBJECT
(FR) TECHNIQUES PERMETTANT UN ACCES A TRAVERS UNE BARRIERE DE CONTEXTE DANS UN DISPOSITIF A FAIBLE EMPREINTE PAR UTILISATION D'UN OBJET POINT D'ACCES
Abstract
(EN)
A small footprint device can securely run multiple programs from unrelated vendors by the inclusion of a context barrier isolating the execution of the programs. The context barrier performs security checks to see that principal and object are within the same context or to see that a requested action is authorized for an object to be operated upon. Each program or set of programs runs in a separate context. Access from one program to another program across the context barrier can be achieved under controlled circumstances by using an entry point object.
(FR)
Ce dispositif à faible empreinte peut exécuter en toute sécurité plusieurs programmes provenant de vendeurs non apparentés par inclusion d'une barrière de contexte isolant l'exécution des programmes. Cette barrière de contexte procède à des vérifications de sécurité de manière à déterminer si un mandant et un objet se trouvent dans le même espace des noms ou le même espace mémoire ou à déterminer qu'une action demandée est autorisée pour un objet à exécuter. Chaque programme ou ensemble de programmes tourne dans un contexte séparé. L'accès d'un programme à un autre programme à travers la barrière de contexte peut être obtenu dans des conditions sous contrôle par utilisation d'un objet point d'accès.
Latest bibliographic data on file with the International Bureau