DE69838378D1 - Verfahren und gerät um sicherheit, für server die anwenderprogramme ausführen, die über's netzwerk empfangen wurden, zu gewährleisten - Google Patents

Verfahren und gerät um sicherheit, für server die anwenderprogramme ausführen, die über's netzwerk empfangen wurden, zu gewährleisten

Info

Publication number
DE69838378D1
DE69838378D1 DE69838378T DE69838378T DE69838378D1 DE 69838378 D1 DE69838378 D1 DE 69838378D1 DE 69838378 T DE69838378 T DE 69838378T DE 69838378 T DE69838378 T DE 69838378T DE 69838378 D1 DE69838378 D1 DE 69838378D1
Authority
DE
Germany
Prior art keywords
guaranteed
security
procedure
ensure
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
DE69838378T
Other languages
English (en)
Other versions
DE69838378T2 (de
Inventor
John Y Lee
Satish K Dharmaraj
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sun Microsystems Inc
Original Assignee
Sun Microsystems Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sun Microsystems Inc filed Critical Sun Microsystems Inc
Publication of DE69838378D1 publication Critical patent/DE69838378D1/de
Application granted granted Critical
Publication of DE69838378T2 publication Critical patent/DE69838378T2/de
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1458Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1483Protection against unauthorised use of memory or access to memory by checking the subject access rights using an access-table, e.g. matrix or list
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2129Authenticate client device independently of the user
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149Restricted operating environment
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
DE69838378T 1997-04-01 1998-03-27 Verfahren und gerät um sicherheit, für server die anwenderprogramme ausführen, die über's netzwerk empfangen wurden, zu gewährleisten Expired - Lifetime DE69838378T2 (de)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US08/829,990 US6167522A (en) 1997-04-01 1997-04-01 Method and apparatus for providing security for servers executing application programs received via a network
US829990 1997-04-01
PCT/US1998/006116 WO1998044404A1 (en) 1997-04-01 1998-03-27 Method and apparatus for providing security for servers executing application programs received via a network

Publications (2)

Publication Number Publication Date
DE69838378D1 true DE69838378D1 (de) 2007-10-18
DE69838378T2 DE69838378T2 (de) 2008-05-29

Family

ID=25256058

Family Applications (1)

Application Number Title Priority Date Filing Date
DE69838378T Expired - Lifetime DE69838378T2 (de) 1997-04-01 1998-03-27 Verfahren und gerät um sicherheit, für server die anwenderprogramme ausführen, die über's netzwerk empfangen wurden, zu gewährleisten

Country Status (5)

Country Link
US (1) US6167522A (de)
EP (1) EP0972234B1 (de)
JP (1) JP2002503364A (de)
DE (1) DE69838378T2 (de)
WO (1) WO1998044404A1 (de)

Families Citing this family (82)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5928323A (en) * 1996-05-30 1999-07-27 Sun Microsystems, Inc. Apparatus and method for dynamically generating information with server-side software objects
US8079086B1 (en) 1997-11-06 2011-12-13 Finjan, Inc. Malicious mobile code runtime monitoring system and methods
US9219755B2 (en) 1996-11-08 2015-12-22 Finjan, Inc. Malicious mobile code runtime monitoring system and methods
US7058822B2 (en) 2000-03-30 2006-06-06 Finjan Software, Ltd. Malicious mobile code runtime monitoring system and methods
US7529856B2 (en) 1997-03-05 2009-05-05 At Home Corporation Delivering multimedia services
US6370571B1 (en) 1997-03-05 2002-04-09 At Home Corporation System and method for delivering high-performance online multimedia services
US6453334B1 (en) 1997-06-16 2002-09-17 Streamtheory, Inc. Method and apparatus to allow remotely located computer programs and/or data to be accessed on a local computer in a secure, time-limited manner, with persistent caching
US6275938B1 (en) * 1997-08-28 2001-08-14 Microsoft Corporation Security enhancement for untrusted executable code
US7047369B1 (en) * 1997-09-25 2006-05-16 Aladdin Knowledge Systems Ltd. Software application environment
US6584495B1 (en) * 1998-01-30 2003-06-24 Microsoft Corporation Unshared scratch space
IL123512A0 (en) * 1998-03-02 1999-03-12 Security 7 Software Ltd Method and agent for the protection against hostile resource use access
US6505300B2 (en) * 1998-06-12 2003-01-07 Microsoft Corporation Method and system for secure running of untrusted content
US6691230B1 (en) * 1998-10-15 2004-02-10 International Business Machines Corporation Method and system for extending Java applets sand box with public client storage
US20040030768A1 (en) * 1999-05-25 2004-02-12 Suban Krishnamoorthy Unified system and method for downloading code to heterogeneous devices in distributed storage area networks
JP2001117769A (ja) * 1999-10-20 2001-04-27 Matsushita Electric Ind Co Ltd プログラム実行装置
US6678733B1 (en) 1999-10-26 2004-01-13 At Home Corporation Method and system for authorizing and authenticating users
WO2001035565A2 (en) * 1999-10-26 2001-05-17 At Home Corporation Method and system for authorizing and authenticating users
US6510464B1 (en) * 1999-12-14 2003-01-21 Verizon Corporate Services Group Inc. Secure gateway having routing feature
US6631417B1 (en) * 2000-03-29 2003-10-07 Iona Technologies Plc Methods and apparatus for securing access to a computer
US6985963B1 (en) 2000-08-23 2006-01-10 At Home Corporation Sharing IP network resources
US7036146B1 (en) 2000-10-03 2006-04-25 Sandia Corporation System and method for secure group transactions
US8831995B2 (en) 2000-11-06 2014-09-09 Numecent Holdings, Inc. Optimized server for streamed applications
US7062567B2 (en) 2000-11-06 2006-06-13 Endeavors Technology, Inc. Intelligent network streaming and execution system for conventionally coded applications
US6965939B2 (en) * 2001-01-05 2005-11-15 International Business Machines Corporation Method and apparatus for processing requests in a network data processing system based on a trust association between servers
US7099663B2 (en) 2001-05-31 2006-08-29 Qualcomm Inc. Safe application distribution and execution in a wireless environment
US6996602B2 (en) * 2001-06-18 2006-02-07 Ford Global Technologies, Llc Server-side page table framework for client application definition and execution
US7392313B2 (en) * 2001-10-18 2008-06-24 International Business Machines Corporation Method and apparatus for partitioned environment for web application servers
US7653814B2 (en) 2001-12-11 2010-01-26 International Business Machines Corporation System and method for securely hyperlinking graphic objects
JP4522705B2 (ja) * 2001-12-13 2010-08-11 独立行政法人科学技術振興機構 ソフトウェア安全実行システム
US7197530B2 (en) * 2002-01-18 2007-03-27 Bea Systems, Inc. System and method for pluggable URL pattern matching for servlets and application servers
US20030140100A1 (en) * 2002-01-18 2003-07-24 Sam Pullara System and method for URL response caching and filtering in servlets and application servers
WO2003063029A1 (en) * 2002-01-18 2003-07-31 Bea Systems, Inc. System and method for using virtual directories to service url requests in application servers
AU2002326284A1 (en) * 2002-03-28 2003-10-13 Oleksiy Yuryevich Shevchenko Method and device for computer memory protection against unauthorized access
US6961813B2 (en) * 2002-06-21 2005-11-01 Hewlett-Packard Development Company, L.P. System and method for providing multi-initiator capability to an ATA drive
US6948036B2 (en) * 2002-06-21 2005-09-20 Hewlett-Packard Development Company, L.P. System and method for providing multi-initiator capability to an ATA drive
US20040123117A1 (en) * 2002-12-18 2004-06-24 Symantec Corporation Validation for behavior-blocking system
US20040212485A1 (en) * 2003-03-06 2004-10-28 Koji Tajima Method and apparatus for controlling transfer of content
EP1763744B1 (de) 2004-04-30 2017-07-19 BlackBerry Limited System und verfahren zur eigneranwendungssteuerung elektronischer einrichtungen
US7908653B2 (en) * 2004-06-29 2011-03-15 Intel Corporation Method of improving computer security through sandboxing
US7484247B2 (en) * 2004-08-07 2009-01-27 Allen F Rozman System and method for protecting a computer system from malicious software
US8819639B2 (en) * 2004-09-15 2014-08-26 Lakeside Software, Inc. System for selectively blocking execution of applications on a computer system
US20060123398A1 (en) * 2004-12-08 2006-06-08 Mcguire James B Apparatus and method for optimization of virtual machine operation
US20060156400A1 (en) * 2005-01-06 2006-07-13 Gbs Laboratories Llc System and method for preventing unauthorized access to computer devices
US8024523B2 (en) 2007-11-07 2011-09-20 Endeavors Technologies, Inc. Opportunistic block transmission with time constraints
JP2006323614A (ja) * 2005-05-18 2006-11-30 Fujitsu Ltd 不正防止装置、不正防止プログラム、および不正防止方法
US8346950B1 (en) * 2005-05-19 2013-01-01 Glam Media, Inc. Hosted application server
US7756945B1 (en) 2005-08-02 2010-07-13 Ning, Inc. Interacting with a shared data model
US8874477B2 (en) 2005-10-04 2014-10-28 Steven Mark Hoffberg Multifactorial optimization system and method
US8045958B2 (en) 2005-11-21 2011-10-25 Research In Motion Limited System and method for application program operation on a wireless device
US7757269B1 (en) 2006-02-02 2010-07-13 Mcafee, Inc. Enforcing alignment of approved changes and deployed changes in the software change life-cycle
US8332906B2 (en) 2006-02-27 2012-12-11 Research In Motion Limited Method of customizing a standardized IT policy
US7895573B1 (en) 2006-03-27 2011-02-22 Mcafee, Inc. Execution environment file inventory
US8060916B2 (en) * 2006-11-06 2011-11-15 Symantec Corporation System and method for website authentication using a shared secret
US8332929B1 (en) 2007-01-10 2012-12-11 Mcafee, Inc. Method and apparatus for process enforced configuration management
US9424154B2 (en) 2007-01-10 2016-08-23 Mcafee, Inc. Method of and system for computer system state checks
US20090125977A1 (en) * 2007-10-31 2009-05-14 Docomo Communications Laboratories Usa, Inc. Language framework and infrastructure for safe and composable applications
US8892738B2 (en) 2007-11-07 2014-11-18 Numecent Holdings, Inc. Deriving component statistics for a stream enabled application
US8789159B2 (en) * 2008-02-11 2014-07-22 Microsoft Corporation System for running potentially malicious code
US20100058016A1 (en) * 2008-08-26 2010-03-04 Jari Nikara Method, apparatus and software product for multi-channel memory sandbox
JP2010092376A (ja) * 2008-10-10 2010-04-22 Softbank Mobile Corp 情報処理装置、情報処理方法及び情報処理プログラム
US8745361B2 (en) * 2008-12-02 2014-06-03 Microsoft Corporation Sandboxed execution of plug-ins
US8381284B2 (en) 2009-08-21 2013-02-19 Mcafee, Inc. System and method for enforcing security policies in a virtual environment
US9552497B2 (en) 2009-11-10 2017-01-24 Mcafee, Inc. System and method for preventing data loss using virtual machine wrapped applications
US8925101B2 (en) 2010-07-28 2014-12-30 Mcafee, Inc. System and method for local protection against malicious software
US8938800B2 (en) 2010-07-28 2015-01-20 Mcafee, Inc. System and method for network level protection against malicious software
US8549003B1 (en) 2010-09-12 2013-10-01 Mcafee, Inc. System and method for clustering host inventories
US9294479B1 (en) * 2010-12-01 2016-03-22 Google Inc. Client-side authentication
US9075993B2 (en) 2011-01-24 2015-07-07 Mcafee, Inc. System and method for selectively grouping and managing program files
US9112830B2 (en) 2011-02-23 2015-08-18 Mcafee, Inc. System and method for interlocking a host and a gateway
US8973158B2 (en) 2011-07-20 2015-03-03 Microsoft Technology Licensing Llc Trust level activation
US8832447B2 (en) 2011-08-10 2014-09-09 Sony Corporation System and method for using digital signatures to assign permissions
US9594881B2 (en) 2011-09-09 2017-03-14 Mcafee, Inc. System and method for passive threat detection using virtual memory inspection
US8694738B2 (en) 2011-10-11 2014-04-08 Mcafee, Inc. System and method for critical address space protection in a hypervisor environment
US9069586B2 (en) 2011-10-13 2015-06-30 Mcafee, Inc. System and method for kernel rootkit protection in a hypervisor environment
US8973144B2 (en) 2011-10-13 2015-03-03 Mcafee, Inc. System and method for kernel rootkit protection in a hypervisor environment
US8713668B2 (en) 2011-10-17 2014-04-29 Mcafee, Inc. System and method for redirected firewall discovery in a network environment
US8739272B1 (en) 2012-04-02 2014-05-27 Mcafee, Inc. System and method for interlocking a host and a gateway
US8973146B2 (en) 2012-12-27 2015-03-03 Mcafee, Inc. Herd based scan avoidance system in a network environment
EP3061030A4 (de) 2013-10-24 2017-04-19 McAfee, Inc. Agentenunterstützte blockierung böswilliger anwendungen in einer netzwerkumgebung
US11176240B1 (en) * 2021-04-20 2021-11-16 Stanley Kevin Miles Multi-transfer resource allocation using modified instances of corresponding records in memory
US11461456B1 (en) * 2015-06-19 2022-10-04 Stanley Kevin Miles Multi-transfer resource allocation using modified instances of corresponding records in memory
JP6901997B2 (ja) 2018-05-31 2021-07-14 富士フイルム株式会社 プログラムの実行制御方法、プログラム、記録媒体、ウェブページ、送信サーバ、クライアントおよびウェブシステム

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB8916586D0 (en) * 1989-07-20 1989-09-06 Int Computers Ltd Distributed data processing system
US5421006A (en) * 1992-05-07 1995-05-30 Compaq Computer Corp. Method and apparatus for assessing integrity of computer system software
ATE177857T1 (de) * 1992-05-15 1999-04-15 Addison M Fischer Verfahren und vorrichtung zur sicherheit eines computersystem mit programmberechtigungsdatenstrukturen
US5235642A (en) * 1992-07-21 1993-08-10 Digital Equipment Corporation Access control subsystem and method for distributed computer system using locally cached authentication credentials
US5720033A (en) * 1994-06-30 1998-02-17 Lucent Technologies Inc. Security platform and method using object oriented rules for computer-based systems using UNIX-line operating systems
US5692047A (en) * 1995-12-08 1997-11-25 Sun Microsystems, Inc. System and method for executing verifiable programs with facility for using non-verifiable programs from trusted sources
US5928323A (en) * 1996-05-30 1999-07-27 Sun Microsystems, Inc. Apparatus and method for dynamically generating information with server-side software objects
US5825877A (en) * 1996-06-11 1998-10-20 International Business Machines Corporation Support for portable trusted software
US5958051A (en) * 1996-11-27 1999-09-28 Sun Microsystems, Inc. Implementing digital signatures for data streams and data archives
US5892904A (en) * 1996-12-06 1999-04-06 Microsoft Corporation Code certification for network transmission

Also Published As

Publication number Publication date
JP2002503364A (ja) 2002-01-29
DE69838378T2 (de) 2008-05-29
WO1998044404A1 (en) 1998-10-08
EP0972234A1 (de) 2000-01-19
EP0972234B1 (de) 2007-09-05
US6167522A (en) 2000-12-26

Similar Documents

Publication Publication Date Title
DE69838378D1 (de) Verfahren und gerät um sicherheit, für server die anwenderprogramme ausführen, die über's netzwerk empfangen wurden, zu gewährleisten
DE69715494D1 (de) Internetfähiges Portfolioverwaltungssystem, Verfahren und Programmprodukt
DE69821387D1 (de) Kommunikationsverfahren und vorrichtung
DE3872059T2 (de) Verfahren und vorrichtungen, um duftstoffe zu verteilen.
DE69729095D1 (de) Pülverfüllanlage, vorrichtung und verfahren
DE69831795D1 (de) Intelligenter kommunikationsserver und kommunikationssystem
DE60009819D1 (de) Netzwerkgerätskonfigurationsverfahren und Vorrichtung
DE69533533D1 (de) Kommunikationssystem, Server und Verfahren zur Adressenverwaltung
DE69927131D1 (de) Kommunikationsverfahren, -system und -vorrichtung und Server
DE69929314D1 (de) Verfahren, vorrichtung und apparat um information bereit zustellen
EE200000491A (et) Autentimismeetod, -süsteem ja -seade
BR0107459A (pt) Aperfeiçoamento introduzido em sistema de autenticação, aparato para a realização da referida autenticação e aparato de terminal
DE69941313D1 (de) Datenkommunikationssystem, Datenkommunikationsverfahren und Datenkommunikationsvorrichtung
DE69840059D1 (de) Anzeigeverfahren, Anzeigegerät und Kommunikationsverfahren
DE69812339D1 (de) Datenkommunikationsvorrichtung, datenkommunikationssystem und datenkommunikationsverfahren
DE69421191D1 (de) Kommunikationsverfahren und vorrichtung dafür
EP0664545A3 (de) Verfahren und Vorrichtung zur Verwaltung von Meldungen.
EE200000280A (et) Kaugsidesüsteemis kasutatav meetod ja seade
EE9900513A (et) Kaugsidevõrgus kasutatav meetod ja süsteem
DK0999854T3 (da) Omskiftelige viskoelastiske systemer, der indeholder galactomannanpolymerer og -borater
IS4925A (is) Flytjanlegt, öruggt aðgerðakerfi fyrir forritanlegan búnað
EE200000019A (et) Meetod ja kaugsidevõrgu aparatuuri kuuluv seade
DE642282T1 (de) Vorrichtung zur Kommunikation zwischen privaten Fernsprechnetzen und dafür verwendbarer Emulator.
DE69629242D1 (de) Terminal, Netzwerk und Übertragungssystem
AU6939598A (en) Method, system, and computer program product for spread spectrum communication using circular waveform shift-keying

Legal Events

Date Code Title Description
8364 No opposition during term of opposition