Computer system security method and apparatus having program authorization information data structures
INFORMATION PROTECTION AND AUTHENTICATION OF TEXAS, LLCThe holder of the '717 patent has sued Microsoft, Symantec, CA, F-Secure, McAfee, Kaspersky, Sophos, Novell, and PC Tools for infringing this patent.
Last updated: about 1 year ago
Summary / Description
| Summary / Description | The invention therefore provides an arrangement in which a processor, in response to a request from a program to access a location in memory, tests to determine if the access requires transfers to multiple locations in different pages. |
Basic Information
| Type of Prior Art | Issued Patents - US |
| Country | United States of America |
| Patent/Application # | 4821169 |
| Kind Code | United States (US) - United STATES Patent - A |
| Patentee Name | Digital Equipment Corporation |
| Relevant Pages, Columns, or Lines | col. 5, ln 49 - col. 6, ln 23 |
| URL | http://patft.uspto.gov/netacgi/... |
| Publication Date | February 11, 1987 |
| Additional Information | The publication date is actually the filing date. |
Notes / To Do
| Notes | |
Excerpt
A bus interface unit for connecting a processor to a memory to form a digital data processing system. The storage locations in the memory are grouped in pages each having a selected access rights mode which regulates access to the data stored therein by the programs, each of which has a selected access rights mode. The access rights are assigned on a page by page basis. If an access request from a program requires transfers to multiple locations, the processor will normally perform an access verification on the first location while it is in the first transfer operation, and then perform the transfer operation and successive transfer operations. If the transfer operations require accesses to separate pages in memory, a microtrap operation is performed and the processor performs access verifications on locations in both pages before performing any transfers.
Relevance
Claims
Claim 120
In a digital computer system having digital data processing means for executing a plurality of digital computer programs for a computer user and memory means for storing digital program instructions and digital data, a method for providing improved computer security comprising the steps of:
a) storing digital authorization information in said memory means which restricts an associated program from accessing resources when executed by said digital data processing means which are accessible to said computer user; and
b) storing in at least one segment, digital data for associating said authorization information with at least one program to be executed by said processing means for said computer user.
Relevance
a) storing digital authorization information in said memory means which restricts an associated program from accessing resources when executed by said digital data processing means which are accessible to said computer user; and b) storing in at least one segment, digital data for associating said authorization information with at least one program to be executed by said processing means for said computer user.
a) storing digital authorization information in said memory means which restricts an associated program from accessing resources when executed by said digital data processing means which are accessible to said computer user; and b) storing in at least one segment, digital data for associating said authorization information with at least one program to be executed by said processing means for said computer user.
Claim Chart
All
Claim 61
In a digital computer system for providing improved computer security having digital data processing means for executing a plurality of digital computer programs for a computer user and memory means for storing digital program instructions and digital data, apparatus for protecting a digital computer user from operations typically performable by a digital computer program executing on behalf of a user comprising:
a) means for storing digital authorization information in said memory means which restricts an associated program from performing operations, when executed by said processing means, which are available to said computer user; and
b) means for storing in at least one segment digital data for associating said authorization information with at least one program to be executed by said processing means.
Relevance
a) means for storing digital authorization information in said memory means which restricts an associated program from performing operations, when executed by said processing means, which are available to said computer user; and b) means for storing in at least one segment digital data for associating said authorization information with at least one program to be executed by said processing means.
a) means for storing digital authorization information in said memory means which restricts an associated program from performing operations, when executed by said processing means, which are available to said computer user; and b) means for storing in at least one segment digital data for associating said authorization information with at least one program to be executed by said processing means.
Claim Chart
All
Claim 1
In a digital computer system having a digital data processing means for executing a plurality of digital programs and a memory means for storing digital program instructions and digital data, apparatus for protecting a digital computer user from operations typically performable by a digital computer program executing on behalf of a user comprising:
a) means for storing a plurality of digital authorization entries in said memory means, wherein said entries qualify operations which an associated program is permitted to perform when executed by said processing means; and
b) means for storing in at least one segment, digital data for associating said authorization entries with at least one program.
Relevance
a) means for storing a plurality of digital authorization entries in said memory means, wherein said entries qualify operations which an associated program is permitted to perform when executed by said processing means; and b) means for storing in at least one segment, digital data for associating said authorization entries with at least one program.
a) means for storing a plurality of digital authorization entries in said memory means, wherein said entries qualify operations which an associated program is permitted to perform when executed by said processing means; and b) means for storing in at least one segment, digital data for associating said authorization entries with at least one program.
Claim Chart
All
