Computer system security method and apparatus having program authorization information data structures
INFORMATION PROTECTION AND AUTHENTICATION OF TEXAS, LLCThe holder of the '717 patent has sued Microsoft, Symantec, CA, F-Secure, McAfee, Kaspersky, Sophos, Novell, and PC Tools for infringing this patent.
#119Authorization for selective program access to data in multiple address spaces.
Applies to Claims 1
Last updated: about 1 year ago
Summary / Description
| Summary / Description | Patent that Anticipates using an access list which contains information on whether a program is allowed to access a computer resource. In this case the computer resource is an address space in the main memory. |
Basic Information
| Type of Prior Art | Issued Patents - US |
| Country | United States of America |
| Patent/Application # | 5,023,773 |
| Kind Code | United States (US) - United STATES Patent - A |
| Patentee Name | International Business Machines Corporation |
| Relevant Pages, Columns, or Lines | |
| URL | |
| Publication Date | July 11, 1991 |
| Additional Information | |
Notes / To Do
| Notes | |
Excerpt
Abstract: A program authorization mechanism for authorizing access to an address space in the main memory of a computer system by a program being run under a multiple address space facility. An access-list entry is associated with each address space, each access-list entry being designated by an access-list-entry token contained in an access register. Each access-list entry includes a private indicator which indicates if the associated address space can be accessed by all programs from this access-list entry or if the associated address space can only be accessed by an authorized program. For program to be authorized, an extended authorization index in a control register must match an access-list extended authorization index in the access-list entry, or the extended authorization index value must be authorized in an authority table associated with the address space. An instruction for testing a given extended authorization index for a given access-list-entry is also disclosed.
Relevance
Claims
Claim 1
In a digital computer system having a digital data processing means for executing a plurality of digital programs and a memory means for storing digital program instructions and digital data, apparatus for protecting a digital computer user from operations typically performable by a digital computer program executing on behalf of a user comprising:
a) means for storing a plurality of digital authorization entries in said memory means, wherein said entries qualify operations which an associated program is permitted to perform when executed by said processing means; and
b) means for storing in at least one segment, digital data for associating said authorization entries with at least one program.
Relevance
Anticipates using an access list which contains information on whether a program is allowed to access a computer resource. In this case the computer resource is an address space in the main memory.
Anticipates using an access list which contains information on whether a program is allowed to access a computer resource. In this case the computer resource is an address space in the main memory.
Claim Chart
All
