WO1999044138A3 - Exigences de securite dans des systemes a empilement - Google Patents

Exigences de securite dans des systemes a empilement Download PDF

Info

Publication number
WO1999044138A3
WO1999044138A3 PCT/US1999/003519 US9903519W WO9944138A3 WO 1999044138 A3 WO1999044138 A3 WO 1999044138A3 US 9903519 W US9903519 W US 9903519W WO 9944138 A3 WO9944138 A3 WO 9944138A3
Authority
WO
WIPO (PCT)
Prior art keywords
security requirements
stack
methods
call stack
thread
Prior art date
Application number
PCT/US1999/003519
Other languages
English (en)
Other versions
WO1999044138A2 (fr
Inventor
Robert Scheifler
Original Assignee
Sun Microsystems Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US09/044,944 external-priority patent/US6226746B1/en
Application filed by Sun Microsystems Inc filed Critical Sun Microsystems Inc
Priority to EP99907134A priority Critical patent/EP1057110A2/fr
Priority to KR1020007008972A priority patent/KR20010040981A/ko
Priority to JP2000533821A priority patent/JP2002505477A/ja
Priority to AU26866/99A priority patent/AU2686699A/en
Publication of WO1999044138A2 publication Critical patent/WO1999044138A2/fr
Publication of WO1999044138A3 publication Critical patent/WO1999044138A3/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/54Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/42Loop networks
    • H04L12/427Loop networks with decentralised control
    • H04L12/433Loop networks with decentralised control with asynchronous transmission, e.g. token ring, register insertion
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6281Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database at program execution time, where the protection is within the operating system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/468Specific access rights for resources, e.g. using capability register
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication
    • G06F9/547Remote procedure calls [RPC]; Web services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/133Protocols for remote procedure calls [RPC]

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Automation & Control Theory (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)
  • Multi Processors (AREA)
  • Computer And Data Communications (AREA)

Abstract

L'invention concerne un système permettant d'obtenir les exigences de sécurité pour une action demandée par un fil d'exécution d'un ordinateur. Ce fil appelle plusieurs procédés lors de son exécution. Le système comprend une pile d'appels et une unité de détermination. La pile d'appels conserve des exigences concernant l'identificateur et la sécurité pour chacun des procédés, dans l'ordre où ils sont appelés par le fil d'exécution. L'unité de détermination combine les exigences de sécurité des procédés, à partir de la pile d'appels, afin d'obtenir les exigences de sécurité pour l'action demandée.
PCT/US1999/003519 1998-02-26 1999-02-18 Exigences de securite dans des systemes a empilement WO1999044138A2 (fr)

Priority Applications (4)

Application Number Priority Date Filing Date Title
EP99907134A EP1057110A2 (fr) 1998-02-26 1999-02-18 Exigences de securite dans des systemes a empilement
KR1020007008972A KR20010040981A (ko) 1998-02-26 1999-02-18 스택에 기초한 보안 조건
JP2000533821A JP2002505477A (ja) 1998-02-26 1999-02-18 スタックベースのセキュリティ要求
AU26866/99A AU2686699A (en) 1998-02-26 1999-02-18 Stack-based security requirements

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US7604898P 1998-02-26 1998-02-26
US60/076,048 1998-02-26
US09/044,944 US6226746B1 (en) 1998-03-20 1998-03-20 Stack-based system and method to combine security requirements of methods
US09/044,944 1998-03-20

Publications (2)

Publication Number Publication Date
WO1999044138A2 WO1999044138A2 (fr) 1999-09-02
WO1999044138A3 true WO1999044138A3 (fr) 1999-11-04

Family

ID=26722193

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1999/003519 WO1999044138A2 (fr) 1998-02-26 1999-02-18 Exigences de securite dans des systemes a empilement

Country Status (6)

Country Link
EP (1) EP1057110A2 (fr)
JP (1) JP2002505477A (fr)
KR (1) KR20010040981A (fr)
CN (1) CN1298511A (fr)
AU (1) AU2686699A (fr)
WO (1) WO1999044138A2 (fr)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100560166B1 (ko) * 2001-12-05 2006-03-13 한국전자통신연구원 실시간 버퍼 오버플로우 해킹 탐지 방법
JP4062441B2 (ja) 2003-07-18 2008-03-19 日本電気株式会社 並列処理システム及び並列処理プログラム
US7284107B2 (en) * 2004-04-30 2007-10-16 Microsoft Corporation Special-use heaps
JP4844102B2 (ja) * 2005-11-30 2011-12-28 富士ゼロックス株式会社 サブプログラム及びそのサブプログラムを実行する情報処理装置
KR100949949B1 (ko) * 2008-02-28 2010-03-30 주식회사 안철수연구소 콜 스택을 이용한 디버깅 방지 방법 및 장치
US10229280B2 (en) * 2011-06-14 2019-03-12 International Business Machines Corporation System and method to protect a resource using an active avatar

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0635792A2 (fr) * 1993-07-16 1995-01-25 Siemens Aktiengesellschaft Méthode de coordination d'accès parallèles de plusieurs processeurs aux configurations des ressources
WO1998004971A1 (fr) * 1996-07-25 1998-02-05 Tradewave Corporation Procede et systeme de mise en application d'un protocole generalise sur des connexions de communications client/serveur

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0635792A2 (fr) * 1993-07-16 1995-01-25 Siemens Aktiengesellschaft Méthode de coordination d'accès parallèles de plusieurs processeurs aux configurations des ressources
WO1998004971A1 (fr) * 1996-07-25 1998-02-05 Tradewave Corporation Procede et systeme de mise en application d'un protocole generalise sur des connexions de communications client/serveur

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
EMMS J: "A DEFINITION OF AN ACCESS CONTROL SYSTEMS LANGUAGE", COMPUTER STANDARDS AND INTERFACES, vol. 6, no. 4, 1 January 1987 (1987-01-01), pages 443 - 454, XP000005362, ISSN: 0920-5489 *

Also Published As

Publication number Publication date
JP2002505477A (ja) 2002-02-19
CN1298511A (zh) 2001-06-06
KR20010040981A (ko) 2001-05-15
AU2686699A (en) 1999-09-15
WO1999044138A2 (fr) 1999-09-02
EP1057110A2 (fr) 2000-12-06

Similar Documents

Publication Publication Date Title
GB2330503B (en) Server-side asynchronous form management
WO1999044115A3 (fr) Designation par procede des exigences de securite
AU2001243628A1 (en) Real-time scheduling of virtual machines
GB2319102B (en) A security system for a transaction processing system
CA2228014A1 (fr) Procede et appareil pour gerer des ressources sous la commande d'un module protege ou d'un autre processeur protege
WO2001037081A3 (fr) Procede et dispositif de controle d'acces simultane dans un systeme de gestion comportant des politiques
TW371742B (en) A computer operation management system for a computer operating system capable of simultaneously executing plural application programs
WO1999044137A3 (fr) Commande d'acces a base de piles
CA2456840A1 (fr) Procedes et systemes pour ordonnancement de ressources multi-strategie
EP0917057A3 (fr) Architecture d' ordinateur multiprocesseur avec multiples instantiations de système d' exploitation et allocation de ressources commandée par logiciel
EP0953911A3 (fr) Procédé et dispositif pour fournir les niveaux échelonnables de la disponibilité d'application
EP1271327A3 (fr) Table de protection de système
AU8021200A (en) Method and apparatus for entering and exiting multiple threads within a multithreaded processor
CA2367982A1 (fr) Planification des ressources
CA2298593A1 (fr) Architecture destinee a un systeme hybride de commande en temps reel, et procede de fonctionnement associe
CA2297028A1 (fr) Procede et systeme de realisation de flux de donnees heterogenes entre paves d'algorithmes d'un systeme de commande distribue
EP0366581A3 (fr) Méthode pour l'exécution simultanée de programmes d'application distribués par un ordinateur hôte et un poste de travail intelligent sur un réseau SNA
WO2005043335A3 (fr) Systeme d'appel de fonction privilegiee dans un dispositif.
CA2391783A1 (fr) Communication entre un ordinateur client et un ordinateur serveur via http, procede associe, produit programme d'ordinateur et systeme informatique
AU2417901A (en) A system, a device, a computer program product and a method for allocating resources to users
WO1998027478B1 (fr) Ressources complementaires
WO1999044138A3 (fr) Exigences de securite dans des systemes a empilement
JP2000029726A5 (fr)
EP1120712A4 (fr) Systeme d'application web comprenant une fonction de gestion de session/gestion repartie, et mecanisme de commande de ce systeme
EP0910017A3 (fr) Appèl des objets à distance dans un système distribué

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 99805488.7

Country of ref document: CN

AK Designated states

Kind code of ref document: A2

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
AK Designated states

Kind code of ref document: A3

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWE Wipo information: entry into national phase

Ref document number: 1020007008972

Country of ref document: KR

ENP Entry into the national phase

Ref document number: 2000 533821

Country of ref document: JP

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 1999907134

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 1999907134

Country of ref document: EP

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

WWP Wipo information: published in national office

Ref document number: 1020007008972

Country of ref document: KR

WWW Wipo information: withdrawn in national office

Ref document number: 1999907134

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 1020007008972

Country of ref document: KR