WO2004015571A2 - Method of communicating between applications which is intended to secure access to application data - Google Patents
- Publication number
- WO2004015571A2 (PCT/FR2003/002466)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- application
- value
- request
- applications
- variable
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/468—Specific access rights for resources, e.g. using capability register
Definitions
- The present invention relates to the field of communication between applications within an operating system.
- In fact, in standard computer operating systems (“Windows” (registered trademark), etc.), launched applications exchange messages through the system to obtain information about each other.
- The present invention thus intends to respond to the problem of confidentiality on the Internet by prohibiting some or all applications from having access to user data collected, for example, by a browser.
- A known solution consists in developing alternatives to widely used applications, so as to take advantage of the fact that spyware is unaware of these new applications.
- The main and fundamental limitation of this solution is that once the alternative becomes known, spyware developers add it to the list of applications with which they can communicate.
- The present invention intends to remedy the drawbacks of the prior art by proposing a system that uses the standard inter-application messages of the operating system to control access to its data by an application.
- The present invention is of the type described above and is remarkable, in its broadest sense, in that it relates to a method of communication between at least two applications A and B in an operating system, intended to prevent application B from accessing the content of the information of a window of application A, characterized in that it comprises the following steps: a step of creating at least one variable by the application A;
- The two applications A and B are the same, that is to say that A is equal to B.
- The method then comprises an additional step consisting in modifying the value of the variable so that said request is considered valid.
- The verification step is carried out by an overloaded operating system function.
- The operating system is “Microsoft Windows” (registered trademark), but it can be any other operating system capable of using or managing messages between applications.
- Said value verified by application A is different from a predefined value, and the response step consists in not satisfying said request.
- Said value verified by application A is equal to a predefined value, and the response step consists in satisfying said request.
- FIG. 1 illustrates the standard communication process between two applications.
- FIG. 2 illustrates the communication process between two applications according to the invention.
- An application A, which can be instant messaging software equipped with spyware, seeks to retrieve the value of the URL field of a window of an application B, which can for example be an Internet browser.
- The applications communicate according to the method described below and illustrated in FIG. 1.
- In step (1), an application A sends a message to an application B in order to obtain information on elements of application B.
- Step (2) consists of application B, or one of its internal functions, processing the message.
- Step (3) is the response from application B to application A, providing the requested information.
- In a system comprising an application B provided with the method according to the invention, the communications between another application A and said application B are illustrated in FIG. 2.
- In step (4), an application A sends a message to an application B in order to obtain information on elements of application B.
- Step (5) consists of application B, or one of its internal functions, processing the message according to the value of a variable internal to application B at the time the message is processed. If the value authorizes the response to the message, application B responds to application A in the same way as in the standard method (step 6).
- Otherwise, application B does not respond to application A but indicates to the operating system that the message has been processed (step 7).
- An application A wishing to obtain information from an application B generates a “send_message” command with the message type and the identity of the recipient as parameters. If the target application B is a browser and application A seeks to obtain the content of the URL field of application B, the message type will be CB_GETLBTEXT and the identity of the recipient will be the window identifier of the target application B. This command causes a variable to be created in the registers of application A, intended to collect the response of the targeted application, and a message to be sent to the operating system containing the address of the register variable and the identity of the recipient.
- The operating system receives the message from application A and sends the address of the register variable to the window of application B concerned.
- For each message in the stack, the processing function reads the message and responds to it by filling in the blank fields in the register of application A that were created when the latter sent the message. In some versions of “Microsoft Windows” (registered trademark), these fields are called “wparam” and “lparam”, and contain on the one hand the length of the response and on the other hand the response. In “Microsoft Windows” (registered trademark), if the request consisted in obtaining the value of the URL field from the browser, the window processing function would read the value contained in the variable "ComboBoxEx" (corresponding to said URL field) to give the reply. Application A reads the response recorded in its registers and then deletes the variable created for this message.
- The method according to the invention consists in carrying out the following operations.
- The provenance variable is set to 1. In all cases, a message intended for the window of application B is transmitted first to the new processing function.
- When a message is received, the new processing function first scans the register containing the provenance variable and reads its value. If this value is equal to 1, the message is transmitted to the standard processing function of the window, which completes the processing according to the method described above. If the provenance variable is 0, the message is not processed and application B sends a message to the operating system to tell it that the message has been processed.
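A minimal C model of the filter described above, added here as an illustration and not taken from the patent. `struct window`, `standard_proc`, `guarded_proc` and `request` are hypothetical names, the dispatch is simulated in-process rather than through the Windows message API, and the URL is a constructed sample.

```c
#include <stdio.h>
#include <string.h>

#define CB_GETLBTEXT 0x0148u  /* message type named in the text */

/* Model of application B's window; field names are hypothetical. */
struct window {
    const char *url_field;  /* content of the URL field */
    int provenance;         /* 1: request comes from B itself, 0: anyone else */
};

/* Standard processing function: copies the field into the requester's
   buffer (truncating to its capacity) and returns the reply length. */
static long standard_proc(struct window *w, unsigned msg, char *out, size_t cap)
{
    if (msg != CB_GETLBTEXT || cap == 0)
        return 0;
    size_t n = strlen(w->url_field);
    if (n >= cap) n = cap - 1;
    memcpy(out, w->url_field, n);
    out[n] = '\0';
    return (long)n;
}

/* New processing function: sees every message before the standard one. */
static long guarded_proc(struct window *w, unsigned msg, char *out, size_t cap)
{
    if (w->provenance == 1)
        return standard_proc(w, msg, out, cap);
    if (cap > 0) out[0] = '\0';  /* requester's buffer stays empty */
    return 0;                    /* reported as processed, no data returned */
}

/* from_self is nonzero only on B's own code path (the A = B case): the
   variable is raised for that one message and always reset afterwards. */
long request(struct window *w, int from_self, char *out, size_t cap)
{
    if (from_self) w->provenance = 1;
    long n = guarded_proc(w, CB_GETLBTEXT, out, cap);
    w->provenance = 0;
    return n;
}

int main(void)
{
    struct window b = { "https://example.test/account", 0 };  /* constructed */
    char buf[64];
    long n = request(&b, 0, buf, sizeof buf);
    printf("external: len=%ld text=\"%s\"\n", n, buf);
    n = request(&b, 1, buf, sizeof buf);
    printf("internal: len=%ld text=\"%s\"\n", n, buf);
    return 0;
}
```

The reset in `request` is the part to check in a real implementation: if the provenance variable stayed at 1 after the application's own request, the next outside message would be forwarded to the standard processing function.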
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
- Storage Device Security (AREA)
- Mobile Radio Communication Systems (AREA)
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU2003274227A AU2003274227A1 (en) | 2002-08-06 | 2003-08-05 | Method of communicating between applications which is intended to secure access to application data |
US10/523,037 US20060010319A1 (en) | 2002-08-06 | 2003-08-05 | Method of communicating between applications which is intended to secure access to application data |
EP03758210A EP1527391A2 (fr) | 2002-08-06 | 2003-08-05 | Procede de communication entre applications destine a securiser l'acces aux donnees d'une application |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR02/10000 | 2002-08-06 | ||
FR0210000A FR2843465B1 (fr) | 2002-08-06 | 2002-08-06 | Procede de communication entre applications destine a securiser l'acces aux donnees d'une application |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2004015571A2 true WO2004015571A2 (fr) | 2004-02-19 |
WO2004015571A3 WO2004015571A3 (fr) | 2004-05-13 |
Family
ID=30470964
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/FR2003/002466 WO2004015571A2 (fr) | 2002-08-06 | 2003-08-05 | Procede de communication entre applications destine a securiser l'acces aux donnees d'une application |
Country Status (5)
Country | Link |
---|---|
US (1) | US20060010319A1 (fr) |
EP (1) | EP1527391A2 (fr) |
AU (1) | AU2003274227A1 (fr) |
FR (1) | FR2843465B1 (fr) |
WO (1) | WO2004015571A2 (fr) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7627219B2 (en) | 2007-11-01 | 2009-12-01 | Ofs Fitel Llc | Large mode area fiber amplifiers with reduced stimulated brillouin scattering |
US11240044B2 (en) * | 2018-11-22 | 2022-02-01 | International Business Machines Corporation | Verifying purpose of data usage at sub-application granularity |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0456386A2 (fr) * | 1990-05-11 | 1991-11-13 | International Computers Limited | Commande d'accès dans un système informatique réparti |
EP0770957A2 (fr) * | 1995-10-26 | 1997-05-02 | Sun Microsystems, Inc. | Système et méthode pour protéger l'utilisation de modules exécutables liés dynamiquement |
WO1997038375A1 (fr) * | 1996-04-04 | 1997-10-16 | British Telecommunications Public Limited Company | Serveur internet et procede de commande d'un serveur internet |
WO2001009703A1 (fr) * | 1999-08-02 | 2001-02-08 | Harris Interactive, Inc. | Systeme de protection d'informations sur internet |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5781633A (en) * | 1996-07-01 | 1998-07-14 | Sun Microsystems, Inc. | Capability security for transparent distributed object systems |
IL123512A0 (en) * | 1998-03-02 | 1999-03-12 | Security 7 Software Ltd | Method and agent for the protection against hostile resource use access |
EP1216587B1 (fr) * | 1999-10-01 | 2006-06-21 | Swisscom Mobile AG | Méthode pour vérifier dans un appareil mobile l'authenticité de certificats électroniques émis par une instance de certification, et module d'identification correspondant |
US6889378B2 (en) * | 2000-07-24 | 2005-05-03 | Sony Corporation | Information processing method, inter-task communication method, and computer-executable program for the same |
DE10105284A1 (de) * | 2001-02-06 | 2002-08-29 | Infineon Technologies Ag | Mikroprozessorschaltung für Datenträger und Verfahren zum Organisieren des Zugriffs auf in einem Speicher abgelegten Daten |
JP4099320B2 (ja) * | 2001-04-25 | 2008-06-11 | 株式会社日立製作所 | ストレージシステム |
JP2003085147A (ja) * | 2001-09-14 | 2003-03-20 | Fujitsu Ltd | 情報処理システム |
-
2002
- 2002-08-06 FR FR0210000A patent/FR2843465B1/fr not_active Expired - Fee Related
-
2003
- 2003-08-05 WO PCT/FR2003/002466 patent/WO2004015571A2/fr not_active Application Discontinuation
- 2003-08-05 EP EP03758210A patent/EP1527391A2/fr not_active Withdrawn
- 2003-08-05 US US10/523,037 patent/US20060010319A1/en not_active Abandoned
- 2003-08-05 AU AU2003274227A patent/AU2003274227A1/en not_active Abandoned
Non-Patent Citations (2)
Title |
---|
JOHN BERRY: "C++ Programming" 1989 , THE WAITE GROUP INC , U.S.A XP002249008 page 149, line 1 - page 153, line 6 * |
THEIMER M M ET AL: "DELEGATION THROUGH ACCESS CONTROL PROGRAMS" PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON DISTRIBUTED COMPUTING SYSTEMS. YOKOHAMA, JUNE 9 - 12, 1992, LOS ALAMITOS, IEEE COMP. SOC. PRESS, US, vol. CONF. 12, 9 June 1992 (1992-06-09), pages 529-536, XP000341049 ISBN: 0-8186-2865-0 * |
Also Published As
Publication number | Publication date |
---|---|
AU2003274227A1 (en) | 2004-02-25 |
US20060010319A1 (en) | 2006-01-12 |
FR2843465B1 (fr) | 2005-07-01 |
EP1527391A2 (fr) | 2005-05-04 |
FR2843465A1 (fr) | 2004-02-13 |
WO2004015571A3 (fr) | 2004-05-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9842230B1 (en) | System and method for automatically detecting and then self-repairing corrupt, modified or non-existent files via a communication medium | |
US8010612B2 (en) | Secure transactional communication | |
EP2371096B1 (fr) | Procédé d'envoi de fichier électronique | |
EP2614458B1 (fr) | Procede d'authentification pour l'acces a un site web | |
EP1670208A1 (fr) | Identification du terminal et securité | |
US9965600B2 (en) | Increased security using dynamic watermarking | |
EP2249543B1 (fr) | Procédé pour autoriser une connexion entre un terminal informatique et un serveur source | |
FR2973626A1 (fr) | Mecanisme de redirection entrante sur un proxy inverse | |
FR2895611A1 (fr) | Architecture et procede pour controler le transfert d'informations entre utilisateurs | |
US20020129239A1 (en) | System for secure communication between domains | |
FR2747208A1 (fr) | Procede de dissimulation d'un code secret dans un dispositif d'authentification informatique | |
EP1637989A1 (fr) | Procédé et système de séparation de comptes de données personnelles | |
US20020129273A1 (en) | Secure content server apparatus and method | |
WO2002084512A1 (fr) | Procede et systeme de controle d'acces depuis l'exterieur | |
CA2306677A1 (fr) | Systeme de traitement de l'information permettant la securisation des communications entre composants logiciels | |
WO2004015571A2 (fr) | Procede de communication entre applications destine a securiser l'acces aux donnees d'une application | |
EP3549330B1 (fr) | Procédé et système pour réaliser une operation sensible au cours d'une session de communication | |
EP1091276A1 (fr) | Dispositif et procédé d'authentification de ressources hypertextes par protocole de signature numérique | |
EP3644146B1 (fr) | Dispositif d'enregistrement d'intrusion informatique | |
EP0928445A1 (fr) | Procede d'acces conditionnel a une ressource internet depuis un terminal pourvu d'un lecteur de carte a microcircuit | |
EP3476107B1 (fr) | Procédé et dispositif de contrôle de flux de données transmis selon le protocole dns (domain name system) | |
CA2450488C (fr) | Systeme et methode de suppression de courriels non sollicites | |
FR3138541A1 (fr) | Procédé de création d’un avatar d’un utilisateur | |
CN115941349A (zh) | 社交通信方法、装置、设备及计算机可读存储介质 | |
FR3007929A1 (fr) | Procede d'authentification d'un utilisateur d'un terminal mobile |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states | Kind code of ref document: A2 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
AL | Designated countries for regional patents | Kind code of ref document: A2 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
121 | Ep: the epo has been informed by wipo that ep was designated in this application | |
WWE | Wipo information: entry into national phase | Ref document number: 2003758210 Country of ref document: EP |
WWE | Wipo information: entry into national phase | Ref document number: 10523037 Country of ref document: US |
WWP | Wipo information: published in national office | Ref document number: 2003758210 Country of ref document: EP |
ENP | Entry into the national phase | Ref document number: 2006010319 Country of ref document: US Kind code of ref document: A1 |
WWP | Wipo information: published in national office | Ref document number: 10523037 Country of ref document: US |
NENP | Non-entry into the national phase | Ref country code: JP |
WWW | Wipo information: withdrawn in national office | Country of ref document: JP |
WWW | Wipo information: withdrawn in national office | Ref document number: 2003758210 Country of ref document: EP |