Processing

Please wait...

Settings

Settings

Goto Application

1. WO2009005935 - USING A TRUSTED ENTITY TO DRIVE SECURITY DECISIONS

Publication Number WO/2009/005935
Publication Date 08.01.2009
International Application No. PCT/US2008/065730
International Filing Date 04.06.2008
IPC
G06F 15/16 2006.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
15Digital computers in general; Data processing equipment in general
16Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
CPC
G06F 21/33
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
30Authentication, i.e. establishing the identity or authorisation of security principals
31User authentication
33using certificates
G06F 21/41
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
30Authentication, i.e. establishing the identity or authorisation of security principals
31User authentication
41where a single sign-on provides access to a plurality of computers
G06F 2221/2141
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
2221Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
G06F 2221/2149
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
2221Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
2149Restricted operating environment
Applicants
  • MICROSOFT CORPORATION [US]/[US] (AllExceptUS)
Inventors
  • RAYMOND, Michael
  • CHEN, Yu
  • WANG, Wei
  • HANSON, Mark T.
  • SCHWARTZ, Jonathan David
  • SYKES, Kenneth W.
Priority Data
11/823,57928.06.2007US
Publication Language English (EN)
Filing Language English (EN)
Designated States
Title
(EN) USING A TRUSTED ENTITY TO DRIVE SECURITY DECISIONS
(FR) UTILISATION D'UNE ENTITÉ DE CONFIANCE POUR DIRIGER DES DÉCISIONS DE SÉCURITÉ
Abstract
(EN)
An arrangement is provided for programmatically responding to a privilege request on behalf of a user by pre-configuring a trusted entity with a list of processes requiring elevated user credentials and a set of user's credentials having such privilege. The trusted entity determines if a requested process is included in the list of processes, and responds to the privilege requests generated by the kernel of the operating system for such processes, eliminating the need for the user to manually authenticate using some type of input mechanism.
(FR)
La présente invention concerne un agencement prévu pour répondre par programmation à une demande de privilèges au nom d'un utilisateur en pré-configurant une entité de confiance avec une liste de procédés nécessitant des références utilisateur élevées et un ensemble de références utilisateur bénéficiant de ce privilège. L'entité de confiance détermine si un procédé requis est inclus dans la liste des procédés et répond aux demandes de privilèges générées par le noyau du système d'exploitation pour ces procédés, éliminant le besoin pour l'utilisateur de s'authentifier manuellement à l'aide d'un certain type de mécanisme d'entrée.
Also published as
Latest bibliographic data on file with the International Bureau