KR102089826B1 - 사용자 모드에서의 샌드박스 내의 제한된 드라이버 플랫폼의 드라이버 구동 - Google Patents

사용자 모드에서의 샌드박스 내의 제한된 드라이버 플랫폼의 드라이버 구동 Download PDF

Info

Publication number
KR102089826B1
KR102089826B1 KR1020157036987A KR20157036987A KR102089826B1 KR 102089826 B1 KR102089826 B1 KR 102089826B1 KR 1020157036987 A KR1020157036987 A KR 1020157036987A KR 20157036987 A KR20157036987 A KR 20157036987A KR 102089826 B1 KR102089826 B1 KR 102089826B1
Authority
KR
South Korea
Prior art keywords
driver
platform
vpn
variant
security platform
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
KR1020157036987A
Other languages
English (en)
Korean (ko)
Other versions
KR20160015300A (ko
Inventor
제라르도 디아즈-쿠엘라
디라즈 칸트 굽타
Original Assignee
마이크로소프트 테크놀로지 라이센싱, 엘엘씨
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 마이크로소프트 테크놀로지 라이센싱, 엘엘씨 filed Critical 마이크로소프트 테크놀로지 라이센싱, 엘엘씨
Publication of KR20160015300A publication Critical patent/KR20160015300A/ko
Application granted granted Critical
Publication of KR102089826B1 publication Critical patent/KR102089826B1/ko
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Stored Programmes (AREA)
  • User Interface Of Digital Computer (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Telephonic Communication Services (AREA)
  • Information Transfer Between Computers (AREA)
  • Small-Scale Networks (AREA)
KR1020157036987A 2013-05-31 2013-09-20 사용자 모드에서의 샌드박스 내의 제한된 드라이버 플랫폼의 드라이버 구동 Expired - Fee Related KR102089826B1 (ko)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US13/906,902 2013-05-31
US13/906,902 US9075985B2 (en) 2013-05-31 2013-05-31 Restricted transmogrifying driver platform
PCT/US2013/060753 WO2014193443A1 (en) 2013-05-31 2013-09-20 Restricted driver platform runs drivers in sandbox in user mode

Publications (2)

Publication Number Publication Date
KR20160015300A KR20160015300A (ko) 2016-02-12
KR102089826B1 true KR102089826B1 (ko) 2020-05-27

Family

ID=49293887

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020157036987A Expired - Fee Related KR102089826B1 (ko) 2013-05-31 2013-09-20 사용자 모드에서의 샌드박스 내의 제한된 드라이버 플랫폼의 드라이버 구동

Country Status (11)

Country Link
US (1) US9075985B2 (https=)
EP (1) EP3005208B1 (https=)
JP (1) JP6348173B2 (https=)
KR (1) KR102089826B1 (https=)
CN (1) CN105453097B (https=)
AU (1) AU2013390782B9 (https=)
BR (1) BR112015029296A2 (https=)
CA (1) CA2910252C (https=)
MX (1) MX352776B (https=)
RU (1) RU2646332C2 (https=)
WO (1) WO2014193443A1 (https=)

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2525596B (en) * 2014-04-28 2021-05-26 Arm Ip Ltd Access control and code scheduling
CN104092691A (zh) * 2014-07-15 2014-10-08 北京奇虎科技有限公司 免root权限的联网防火墙的实现方法及客户端
US10289853B2 (en) 2016-03-31 2019-05-14 Microsoft Technology Licensing, Llc Secure driver platform
US10282210B2 (en) * 2016-06-13 2019-05-07 Huawei Technologies Co., Ltd. System and method for virtual hardware control
US10375111B2 (en) 2016-11-12 2019-08-06 Microsoft Technology Licensing, Llc Anonymous containers
US10445257B2 (en) 2017-04-30 2019-10-15 Microsoft Technology Licensing, Llc Execution of subset of driver code in separate protection domain
CN107171894A (zh) * 2017-06-15 2017-09-15 北京奇虎科技有限公司 终端设备、分布式云端检测系统以及样本检测的方法
CN107402784B (zh) * 2017-07-07 2021-06-04 北京小米移动软件有限公司 应用管理方法及应用管理装置
CN108234526B (zh) * 2018-04-12 2020-06-26 厦门安胜网络科技有限公司 一种在沙箱中获取https数据的方法、装置、设备及可读介质
CN109657457B (zh) * 2018-12-27 2021-11-19 北京联创信安科技股份有限公司 一种面向业务环境的智能化内外双层沙箱管理系统
US11153315B2 (en) * 2019-05-30 2021-10-19 Bank Of America Corporation Controlling access to secure information resources using rotational datasets and dynamically configurable data containers
DE102020200969A1 (de) * 2020-01-28 2021-07-29 Robert Bosch Gesellschaft mit beschränkter Haftung Verfahren zum Instanziieren mindestens einer Ausführungsumgebung
KR20210125330A (ko) 2020-04-08 2021-10-18 삼성전자주식회사 보안 데이터 처리 방법 및 이를 지원하는 전자 장치
CN116171424B (zh) * 2020-09-09 2025-06-06 华为技术有限公司 异构i/o设备发现和握手

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999039254A2 (en) 1998-01-30 1999-08-05 3Com Corporation Providing low level hardware device driver from user mode under multi-tasking operating systems
US20060242270A1 (en) 2005-04-21 2006-10-26 Microsoft Corporation Isolation of user-mode device drivers
US20070088890A1 (en) 2004-11-10 2007-04-19 Microsoft Corporation System and method for interrupt handling

Family Cites Families (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7508532B2 (en) * 2003-05-20 2009-03-24 Microsoft Corporation Method and system for sandboxing printer drivers
US7457626B2 (en) * 2004-03-19 2008-11-25 Microsoft Corporation Virtual private network structure reuse for mobile computing devices
US7784065B2 (en) * 2005-02-07 2010-08-24 Microsoft Corporation Interface for consistent program interaction with auxiliary computing devices
US7603484B2 (en) * 2005-04-21 2009-10-13 Microsoft Corporation Protocol for communication with a user-mode device driver
US7581051B2 (en) 2005-05-16 2009-08-25 Microsoft Corporation Method for delivering interrupts to user mode drivers
US8659505B2 (en) * 2005-08-31 2014-02-25 Mircosoft Corporation Auxiliary display device driver interface
GB2430523B (en) * 2005-09-22 2010-02-17 Software 2000 Ltd Managing user permissions in a computer system
US8074231B2 (en) * 2005-10-26 2011-12-06 Microsoft Corporation Configuration of isolated extensions and device drivers
US20070101342A1 (en) * 2005-10-31 2007-05-03 Microsoft Corporation Automated device driver management
US7941813B1 (en) 2006-02-17 2011-05-10 Parallels Holdings, Ltd. System and method for using virtual machine for driver installation sandbox
US8281387B2 (en) * 2006-06-30 2012-10-02 Intel Corporation Method and apparatus for supporting a virtual private network architecture on a partitioned platform
CN101478407B (zh) * 2008-01-03 2011-05-25 联想(北京)有限公司 在线安全登录的方法及装置
US8850409B2 (en) * 2008-05-21 2014-09-30 Optumsoft, Inc. Notification-based constraint set translation to imperative execution
US8429741B2 (en) 2008-08-29 2013-04-23 Google, Inc. Altered token sandboxing
US8381288B2 (en) 2008-09-30 2013-02-19 Intel Corporation Restricted component access to application memory
US9262628B2 (en) 2009-09-11 2016-02-16 Empire Technology Development Llc Operating system sandbox
US8775802B1 (en) * 2009-10-23 2014-07-08 Secure Vector Computer security system and method
US8997078B2 (en) * 2011-04-12 2015-03-31 Pivotal Software, Inc. Release lifecycle management system for a multi-node application
US20130067531A1 (en) * 2011-09-12 2013-03-14 Microsoft Corporation Access Brokering Based on Declarations and Consent

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999039254A2 (en) 1998-01-30 1999-08-05 3Com Corporation Providing low level hardware device driver from user mode under multi-tasking operating systems
US20070088890A1 (en) 2004-11-10 2007-04-19 Microsoft Corporation System and method for interrupt handling
US20060242270A1 (en) 2005-04-21 2006-10-26 Microsoft Corporation Isolation of user-mode device drivers

Also Published As

Publication number Publication date
US9075985B2 (en) 2015-07-07
AU2013390782B2 (en) 2019-06-20
MX352776B (es) 2017-12-07
CN105453097A (zh) 2016-03-30
CA2910252C (en) 2020-09-08
BR112015029296A2 (pt) 2017-07-25
RU2646332C2 (ru) 2018-03-02
EP3005208B1 (en) 2019-01-02
KR20160015300A (ko) 2016-02-12
RU2015150949A (ru) 2017-06-01
CA2910252A1 (en) 2014-12-04
JP2016526226A (ja) 2016-09-01
MX2015016351A (es) 2016-04-13
CN105453097B (zh) 2018-05-29
AU2013390782B9 (en) 2019-07-04
JP6348173B2 (ja) 2018-06-27
US20140359706A1 (en) 2014-12-04
WO2014193443A1 (en) 2014-12-04
EP3005208A1 (en) 2016-04-13
AU2013390782A1 (en) 2015-11-12

Similar Documents

Publication Publication Date Title
KR102089826B1 (ko) 사용자 모드에서의 샌드박스 내의 제한된 드라이버 플랫폼의 드라이버 구동
CN110199271B (zh) 用于现场可编程门阵列虚拟化的方法和设备
EP3568789B1 (en) Signature verification of field-programmable gate array programs
US11048544B2 (en) Cloud resource credential provisioning for services running in virtual machines and containers
JP6397500B2 (ja) 仮想マシン・マネージャーによって支援される選択的コード完全性強制
US9116712B2 (en) Compile based obfuscation
US20180096113A1 (en) Content Protection for a Screen Sharing Experience
US10908948B2 (en) Multiple application instances in operating systems that utilize a single process for application execution
US20190266338A1 (en) Electronic device and control method therefor
US10303462B2 (en) Windows support of a pluggable ecosystem for universal windows application stores
US20180300160A1 (en) Host and Component Relationship between Applications
US11082491B2 (en) Propagating origin information for applications during application installation

Legal Events

Date Code Title Description
PA0105 International application

St.27 status event code: A-0-1-A10-A15-nap-PA0105

PG1501 Laying open of application

St.27 status event code: A-1-1-Q10-Q12-nap-PG1501

P22-X000 Classification modified

St.27 status event code: A-2-2-P10-P22-nap-X000

A201 Request for examination
P11-X000 Amendment of application requested

St.27 status event code: A-2-2-P10-P11-nap-X000

P13-X000 Application amended

St.27 status event code: A-2-2-P10-P13-nap-X000

PA0201 Request for examination

St.27 status event code: A-1-2-D10-D11-exm-PA0201

E701 Decision to grant or registration of patent right
PE0701 Decision of registration

St.27 status event code: A-1-2-D10-D22-exm-PE0701

GRNT Written decision to grant
PR0701 Registration of establishment

St.27 status event code: A-2-4-F10-F11-exm-PR0701

PR1002 Payment of registration fee

St.27 status event code: A-2-2-U10-U12-oth-PR1002

Fee payment year number: 1

PG1601 Publication of registration

St.27 status event code: A-4-4-Q10-Q13-nap-PG1601

P22-X000 Classification modified

St.27 status event code: A-4-4-P10-P22-nap-X000

PR1001 Payment of annual fee

St.27 status event code: A-4-4-U10-U11-oth-PR1001

Fee payment year number: 4

PR1001 Payment of annual fee

St.27 status event code: A-4-4-U10-U11-oth-PR1001

Fee payment year number: 5

PC1903 Unpaid annual fee

St.27 status event code: A-4-4-U10-U13-oth-PC1903

Not in force date: 20250311

Payment event data comment text: Termination Category : DEFAULT_OF_REGISTRATION_FEE

H13 Ip right lapsed

Free format text: ST27 STATUS EVENT CODE: N-4-6-H10-H13-OTH-PC1903 (AS PROVIDED BY THE NATIONAL OFFICE); TERMINATION CATEGORY : DEFAULT_OF_REGISTRATION_FEE

Effective date: 20250311

PC1903 Unpaid annual fee

St.27 status event code: N-4-6-H10-H13-oth-PC1903

Ip right cessation event data comment text: Termination Category : DEFAULT_OF_REGISTRATION_FEE

Not in force date: 20250311