Method and apparatus for enforcing security policies in Java applications
First Claim
Patent Images
1. A method in a data processing system for enforcing security policies, the method comprising:
- responsive to loading a class, determining whether a security policy exists for the class; and
responsive to a determination that a security policy exists for the class, inserting code into the class, wherein the code inserted is based on the security policy.
1 Assignment
0 Petitions
Accused Products
Abstract
A method, apparatus, and computer implemented instructions for enforcing security policies in a data processing system. In response to loading a class, a determination is made as to whether a security policy exists for the class. In the depicted examples, the class is a Java. Code is inserted into the class, wherein the code inserted is based on the policy in response to a determination that a security policy exists for the class.
63 Citations
40 Claims
-
1. A method in a data processing system for enforcing security policies, the method comprising:
-
responsive to loading a class, determining whether a security policy exists for the class; and
responsive to a determination that a security policy exists for the class, inserting code into the class, wherein the code inserted is based on the security policy. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method in a data processing system for enforcing security policies, the method comprising:
-
analyzing a set of bytecodes for a class loaded into memory to form an analysis; and
selectively inserting bytecodes for a security check into the set of bytecodes based on the analysis. - View Dependent Claims (9, 10)
-
-
11. A data processing system comprising:
-
a bus system;
a communications unit connected to the bus system;
a memory connected to the bus system, wherein the memory includes a set of instructions; and
a processing unit connected to the bus system, wherein the processing unit executes the set of instructions to determine whether a security policy exists for a class in response to loading the class; and
insert code into the class, wherein the code inserted is based on the policy in response to a determination that a security policy exists for the class. - View Dependent Claims (12, 13, 14, 15, 17, 18, 19, 20)
-
-
16. A data processing system comprising:
-
a bus system;
a communications unit connected to the bus system;
a memory connected to the bus system, wherein the memory includes a set of instructions; and
a processing unit connected to the bus system, wherein the processing unit executes the set of instructions to analyze a set of bytecodes for a class loaded into memory to form an analysis; and
selectively insert bytecodes for a security check into the set of bytecodes based on the analysis.
-
-
21. A data processing system for enforcing security policies, the data processing system comprising:
-
determining means, responsive to loading a class, for determining whether a security policy exists for the class; and
inserting means, responsive to a determination that a security policy exists for the class, for inserting code into the class, wherein the code inserted is based on the security policy. - View Dependent Claims (22, 23, 24, 25, 26, 27, 29, 30)
-
-
28. A data processing system for enforcing security policies, the data processing system comprising:
-
analyzing means for analyzing a set of bytecodes for a class loaded into memory to form an analysis; and
inserting means for selectively inserting bytecodes for a security check into the set of bytecodes based on the analysis.
-
-
31. A computer program product in a computer readable medium for enforcing security policies, the computer program product comprising:
-
first instructions, responsive to loading a class, for determining whether a security policy exists for the class; and
second instructions, responsive to a determination that a security policy exists for the class, for inserting code into the class, wherein the code inserted is based on the security policy. - View Dependent Claims (32, 33, 34, 35, 36, 37, 39, 40)
-
-
38. A computer program product in a computer readable medium for enforcing security policies, the computer program product comprising:
-
first instructions for analyzing a set of bytecodes for a class loaded into memory to form an analysis; and
second instructions for selectively inserting bytecodes for a security check into the set of bytecodes based on the analysis.
-
Specification