CN103649963B - 信赖等级激活 - Google Patents

信赖等级激活 Download PDF

Info

Publication number
CN103649963B
CN103649963B CN201280035888.1A CN201280035888A CN103649963B CN 103649963 B CN103649963 B CN 103649963B CN 201280035888 A CN201280035888 A CN 201280035888A CN 103649963 B CN103649963 B CN 103649963B
Authority
CN
China
Prior art keywords
trust
level
application
assembly
execution environment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201280035888.1A
Other languages
English (en)
Chinese (zh)
Other versions
CN103649963A (zh
Inventor
S.阿布拉罕
H.威尔逊
T.巴苏
S.伊斯金
L.赵
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Microsoft Technology Licensing LLC
Original Assignee
Microsoft Technology Licensing LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Technology Licensing LLC filed Critical Microsoft Technology Licensing LLC
Publication of CN103649963A publication Critical patent/CN103649963A/zh
Application granted granted Critical
Publication of CN103649963B publication Critical patent/CN103649963B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2113Multi-level security, e.g. mandatory access control

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Automation & Control Theory (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)
  • Stored Programmes (AREA)
  • Mobile Radio Communication Systems (AREA)
CN201280035888.1A 2011-07-20 2012-07-10 信赖等级激活 Active CN103649963B (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US13/186,474 US8973158B2 (en) 2011-07-20 2011-07-20 Trust level activation
US13/186474 2011-07-20
PCT/US2012/045998 WO2013012592A1 (en) 2011-07-20 2012-07-10 Trust level activation

Publications (2)

Publication Number Publication Date
CN103649963A CN103649963A (zh) 2014-03-19
CN103649963B true CN103649963B (zh) 2016-02-03

Family

ID=47556777

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201280035888.1A Active CN103649963B (zh) 2011-07-20 2012-07-10 信赖等级激活

Country Status (6)

Country Link
US (2) US8973158B2 (OSRAM)
EP (1) EP2734949B1 (OSRAM)
JP (2) JP5985631B2 (OSRAM)
KR (1) KR101970744B1 (OSRAM)
CN (1) CN103649963B (OSRAM)
WO (1) WO2013012592A1 (OSRAM)

Families Citing this family (28)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130061316A1 (en) * 2011-09-06 2013-03-07 Microsoft Corporation Capability Access Management for Processes
US9773102B2 (en) 2011-09-09 2017-09-26 Microsoft Technology Licensing, Llc Selective file access for applications
US8990561B2 (en) 2011-09-09 2015-03-24 Microsoft Technology Licensing, Llc Pervasive package identifiers
US9800688B2 (en) 2011-09-12 2017-10-24 Microsoft Technology Licensing, Llc Platform-enabled proximity service
US9524477B2 (en) * 2012-05-15 2016-12-20 Apple Inc. Utilizing a secondary application to render invitational content in a separate window above an allocated space of primary content
US10356204B2 (en) 2012-12-13 2019-07-16 Microsoft Technology Licensing, Llc Application based hardware identifiers
US9515832B2 (en) 2013-06-24 2016-12-06 Microsoft Technology Licensing, Llc Process authentication and resource permissions
US9282100B2 (en) * 2013-12-02 2016-03-08 Cisco Technology, Inc. Privilege separation
US9483636B2 (en) 2014-01-17 2016-11-01 Microsoft Technology Licensing, Llc Runtime application integrity protection
CN105404819A (zh) * 2014-09-10 2016-03-16 华为技术有限公司 一种数据访问控制方法、装置以及终端
US9600682B2 (en) * 2015-06-08 2017-03-21 Accenture Global Services Limited Mapping process changes
US9785783B2 (en) 2015-07-23 2017-10-10 Ca, Inc. Executing privileged code in a process
US20170149828A1 (en) 2015-11-24 2017-05-25 International Business Machines Corporation Trust level modifier
BR112018010584A2 (pt) 2016-01-26 2018-11-27 Hewlett Packard Development Co arquitetura de privilégio de modo de gerenciamento de sistema
US10360135B2 (en) * 2016-03-31 2019-07-23 Microsoft Technology Licensing, Llc Privilege test and monitoring
JP6779758B2 (ja) * 2016-11-21 2020-11-04 キヤノン株式会社 情報処理装置、情報処理方法及びプログラム
KR102802837B1 (ko) 2016-12-20 2025-05-07 삼성전자주식회사 사용자 단말 장치 및 그의 제어 방법
US10503908B1 (en) 2017-04-04 2019-12-10 Kenna Security, Inc. Vulnerability assessment based on machine inference
US10728500B2 (en) 2018-06-13 2020-07-28 At&T Intellectual Property I, L.P. Object-managed secured multicast system
US10762244B2 (en) * 2018-06-29 2020-09-01 Intel Corporation Securely exposing an accelerator to privileged system components
US11171983B2 (en) * 2018-06-29 2021-11-09 Intel Corporation Techniques to provide function-level isolation with capability-based security
JP2020135555A (ja) * 2019-02-21 2020-08-31 Necソリューションイノベータ株式会社 処理実行方法
US20200364354A1 (en) * 2019-05-17 2020-11-19 Microsoft Technology Licensing, Llc Mitigation of ransomware in integrated, isolated applications
CN114902223A (zh) * 2020-01-14 2022-08-12 华为技术有限公司 安全隔离方法、装置以及计算机系统
US11895105B2 (en) 2020-06-19 2024-02-06 Apple, Inc. Authenticated interface element interactions
US11880719B2 (en) * 2022-01-20 2024-01-23 Dell Products L.P. Trust-aware and adaptive system to aid virtual/human intervention using an API-based mechanism
CN115048643A (zh) * 2022-07-07 2022-09-13 奇安信科技集团股份有限公司 数据处理方法、装置、电子设备和存储介质
US12147533B2 (en) * 2022-07-31 2024-11-19 Microsoft Technology Licensing, Llc Securely brokering access tokens to partially trusted code

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050149726A1 (en) * 2003-10-21 2005-07-07 Amit Joshi Systems and methods for secure client applications
CN1678968A (zh) * 2002-06-28 2005-10-05 英特尔公司 可信计算机平台
US20060190606A1 (en) * 2005-02-22 2006-08-24 Kidaro Inc. Data transfer security

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6167522A (en) 1997-04-01 2000-12-26 Sun Microsystems, Inc. Method and apparatus for providing security for servers executing application programs received via a network
US6275938B1 (en) 1997-08-28 2001-08-14 Microsoft Corporation Security enhancement for untrusted executable code
US6505300B2 (en) * 1998-06-12 2003-01-07 Microsoft Corporation Method and system for secure running of untrusted content
US6691230B1 (en) 1998-10-15 2004-02-10 International Business Machines Corporation Method and system for extending Java applets sand box with public client storage
WO2001025949A1 (en) * 1999-10-05 2001-04-12 Ejasent Inc. Ip virtualization
US7284124B1 (en) * 2000-06-05 2007-10-16 Microsoft Corporation Trust level based platform access regulation application
US7793111B1 (en) 2000-09-28 2010-09-07 Intel Corporation Mechanism to handle events in a machine with isolated execution
JP2004252584A (ja) * 2003-02-18 2004-09-09 Nec Corp データアクセス制御装置
US7380087B2 (en) 2004-08-25 2008-05-27 Microsoft Corporation Reclaiming application isolated storage
US20070260577A1 (en) 2006-03-30 2007-11-08 Microsoft Corporation Providing COM access to an isolated system
JP2008102838A (ja) * 2006-10-20 2008-05-01 Canon Inc 情報処理方法およびプログラム
JP2010282242A (ja) * 2007-08-20 2010-12-16 Nec Corp アクセス制御システム、アクセス制御方法およびアクセス制御用プログラム
US9218200B2 (en) * 2008-08-21 2015-12-22 Vmware, Inc. Selective class hiding in open API component architecture system
US8745361B2 (en) 2008-12-02 2014-06-03 Microsoft Corporation Sandboxed execution of plug-ins
US20100199357A1 (en) 2009-02-02 2010-08-05 Microsoft Corporation Secure hosting for untrusted code
JP4787341B2 (ja) * 2009-02-18 2011-10-05 株式会社エヌ・ティ・ティ・ドコモ データ処理装置、データ処理方法、データ処理プログラム
EP2433238B1 (en) * 2009-05-18 2015-10-07 Hewlett-Packard Development Company, L.P. Systems and methods of determining a trust level from system management mode
US8627451B2 (en) 2009-08-21 2014-01-07 Red Hat, Inc. Systems and methods for providing an isolated execution environment for accessing untrusted content

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1678968A (zh) * 2002-06-28 2005-10-05 英特尔公司 可信计算机平台
US20050149726A1 (en) * 2003-10-21 2005-07-07 Amit Joshi Systems and methods for secure client applications
US20060190606A1 (en) * 2005-02-22 2006-08-24 Kidaro Inc. Data transfer security

Also Published As

Publication number Publication date
US8973158B2 (en) 2015-03-03
JP5985631B2 (ja) 2016-09-06
CN103649963A (zh) 2014-03-19
EP2734949A4 (en) 2015-05-13
US9465948B2 (en) 2016-10-11
KR101970744B1 (ko) 2019-04-22
JP2014521184A (ja) 2014-08-25
JP2017016669A (ja) 2017-01-19
US20130024929A1 (en) 2013-01-24
KR20140045502A (ko) 2014-04-16
US20150106915A1 (en) 2015-04-16
JP6248153B2 (ja) 2017-12-13
EP2734949A1 (en) 2014-05-28
EP2734949B1 (en) 2020-11-04
WO2013012592A1 (en) 2013-01-24

Similar Documents

Publication Publication Date Title
CN103649963B (zh) 信赖等级激活
US11157616B2 (en) Mobile application management
Enck Defending users against smartphone apps: Techniques and future directions
US8893222B2 (en) Security system and method for the android operating system
US8893268B2 (en) Permission re-delegation prevention
Do et al. Enhancing user privacy on android mobile devices via permissions removal
US9871800B2 (en) System and method for providing application security in a cloud computing environment
Mongiovì et al. Combining static and dynamic data flow analysis: a hybrid approach for detecting data leaks in Java applications
US10482034B2 (en) Remote attestation model for secure memory applications
CN107636667B (zh) 在设备中创建多个工作空间的系统及方法
WO2018023368A1 (en) Enhanced security using scripting language-based hypervisor
US9398019B2 (en) Verifying caller authorization using secret data embedded in code
Xu Techniques and tools for analyzing and understanding android applications
EP3961450B1 (en) Identity registration methods, apparatuses, and devices
Yason Diving Into IE 10’s Enhanced Protected Mode Sandbox
US10248412B2 (en) Sharing applications by modifying attributes
US20250383997A1 (en) Memory access locking and logging for trusted execution environments
AlJarrah et al. Closer look at mobile hybrid apps configurations: Statistics and implications
Sharikov et al. Methodology for Analyzing Dockerfile Using AI for Vulnerabilities
Schöni et al. Automatically Retrofitting Cordova Applications for Stricter Content Security Policies
CN119127390A (zh) 一种支持虚拟化云环境的容器安全增强方法及系统
CN116861410A (zh) 隔离多开进程的方法和终端设备
Zhang Uncovering and mitigating unsafe program integrations in Android
Gadyatskaya et al. Emerging Mobile Platforms: Firefox OS and Tizen
Davidson Enhancing Mobile Security and Privacy through App Splitting

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
ASS Succession or assignment of patent right

Owner name: MICROSOFT TECHNOLOGY LICENSING LLC

Free format text: FORMER OWNER: MICROSOFT CORP.

Effective date: 20150702

C41 Transfer of patent application or patent right or utility model
TA01 Transfer of patent application right

Effective date of registration: 20150702

Address after: Washington State

Applicant after: Micro soft technique license Co., Ltd

Address before: Washington State

Applicant before: Microsoft Corp.

C14 Grant of patent or utility model
GR01 Patent grant