Using limits on address translation to control access to an addressable entity

US 20030200412A1
Filed: 11/01/2002
Published: 10/23/2003
Est. Priority Date: 04/17/2002
Status: Active Grant

First Claim

Patent Images

1. A method of controlling access to one or more resources in accordance with a policy, the method comprising:

receiving a request to allow a source to access one of the resources; and

if the request is allowable under the policy, and if execution of the request will not result in a circumstance under which the source can use a virtual address to address a resource to which access is unallowable under the policy, then allowing the request.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A data storage resource is identifiable by physical addresses, and optionally by a virtual address. A policy defines which resources are accessible and which resources are not accessible. A request to access a resource is allowed if access to the resource is permitted by the policy, and if carrying out the access will not cause virtual addresses to be assigned to resources to which the policy disallows access. Since resources to which access is disallowed do not have virtual addresses, certain types of access requests that identify a resource by a virtual address can be allowed without consulting the policy.

Citations

79 Claims

1. A method of controlling access to one or more resources in accordance with a policy, the method comprising:
- receiving a request to allow a source to access one of the resources; and
  
  if the request is allowable under the policy, and if execution of the request will not result in a circumstance under which the source can use a virtual address to address a resource to which access is unallowable under the policy, then allowing the request.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1, further comprising:
    - initializing the resources to a state in which none of the resources to which access is unallowable under the policy has a virtual address usable by the source.
  - 3. The method of claim 1, wherein the resources comprise individually-addressable units of a random access memory.
  - 4. The method of claim 1, wherein the act of allowing the request is further conditional upon execution of the request not resulting in a circumstance where the source can use a virtual address to address a resource that the source is not allowed to write under the policy.
  - 5. The method of claim 1, wherein information that affects which of the resources corresponds to a given virtual address is stored in a set of the resources, and wherein the act of allowing the request is further conditional upon execution of the request not resulting in a circumstance where access to any of the resources in the set is disallowed under the policy.
  - 6. The method of claim 1, wherein information that affects which of the resources corresponds to a given virtual address is stored in a set of the resources, wherein each virtual address is associated with an attribute indicating whether a resource associated with the virtual address is not writeable, and wherein the act of allowing the request is further conditional upon execution of the request not resulting in the set including any resource having virtual addresses whose attributes are indicative of being writeable by the source.
  - 7. The method of claim 6, wherein the act of allowing the request is further conditional upon execution of the request not resulting in a circumstance where access to any of the resources in the set is disallowed under the policy.
  - 8. The method of claim 7, wherein the act of allowing the request is further conditional upon execution of the request not resulting in a circumstance where the source can use a virtual address to address a resource that the source is not allowed to write under the policy, and is further conditional upon execution of the request not resulting in a circumstance where the set includes any resources that the source is not allowed to write under the policy.
  - 9. The method of claim 1, wherein execution of the request will cause one or more of the resources to acquire virtual addresses, and wherein the method further comprises determining that the policy allows access to each of the resources that will acquire a virtual address as a result of executing the request.
  - 10. The method of claim 1, wherein execution of the request will result in a change to the policy, and wherein the method further comprises determining that the policy, as affected by the change, allows the source to access all of the resources that the source can address using virtual addresses.
  - 11. The method of claim 10, wherein the change to the policy comprises allowing access to at least a first of the resources to which access had been disallowed, and wherein the method further comprises obscuring a value that had been stored in said first resource prior to the change to the policy.
  - 12. The method of claim 10, wherein the change in the policy comprises granting unrestricted access to all resources.
  - 13. The method of claim 1, wherein the request comprises a request to write said one of the resources, and wherein the method further comprises:
    - waiting a duration of time before said one of the resources is written in accordance with the request.
  - 14. The method of claim 13, further comprising:
    - subsequent to receiving the write request, receiving a request to read said one of the resources; and
      
      processing the read request by either;
      
      executing the write request that is the object of said waiting act and retrieving a stored value from the resource;
      
      or retrieving the value that the resource would store if the write request had been executed.
  - 15. The method of claim 1, further comprising:
    - if the request is allowable under the policy and if a condition is true, then allowing the request; and
      
      ensuring that the condition is never true unless execution of the request will not result in a circumstance under which the source can use a virtual address to address a resource to which access is unallowable under the policy.
  - 16. The method of claim 1, wherein execution of the request will result in a first change to the policy and will also result in a second change affecting which resources have virtual addresses, and wherein the method further comprises determining that execution of the request will not result in an intersection between the resources to which the policy, as affected by the first change, disallows access and the resources, as affected by the second change, that have virtual addresses.

17. A computer-readable medium encoded with computer-executable instructions to perform a method of controlling access to one or more resources in accordance with a policy, the method comprising:
- receiving a request to allow a source to access one of the resources; and
  
  if the request is allowable under the policy, and if execution of the request will not result in a circumstance under which the source can use a virtual address to address a resource to which access is unallowable under the policy, then allowing the request.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
- - 18. The computer-readable medium of claim 17, the method further comprising:
    - initializing the resources to a state in which none of the resources to which access is unallowable under the policy has a virtual address usable by the source.
  - 19. The computer-readable medium of claim 17, wherein the resources comprise individually-addressable units of a random access memory.
  - 20. The computer-readable medium of claim 17, wherein the act of allowing the request is further conditional upon execution of the request not resulting in a circumstance where the source can use a virtual address to address a resource that the source is not allowed to write under the policy.
  - 21. The computer-readable medium of claim 17, wherein information that affects which of the resources corresponds to a given virtual address is stored in a set of the resources, and wherein the act of allowing the request is further conditional upon execution of the request not resulting in a circumstance where access to any of the resources in the set is disallowed under the policy.
  - 22. The computer-readable medium of claim 17, wherein information that affects which of the resources corresponds to a given virtual address is stored in a set of the resources, wherein each virtual address is associated with an attribute indicating whether a resource associated with the virtual address is not writeable, and wherein the act of allowing the request is further conditional upon execution of the request not resulting in the set including any resource having virtual addresses whose attributes are indicative of being writeable by the source.
  - 23. The computer-readable medium of claim 22, wherein the act of allowing the request is further conditional upon execution of the request not resulting in a circumstance where access to any of the resources in the set is disallowed under the policy.
  - 24. The computer-readable medium of claim 23, wherein the act of allowing the request is further conditional upon execution of the request not resulting in a circumstance where the source can use a virtual address to address a resource that the source is not allowed to write under the policy, and is further conditional upon execution of the request not resulting in a circumstance where the set includes any resources that the source is not allowed to write under the policy.
  - 25. The computer-readable medium of claim 17, wherein the request comprises a request to write said one of the resources, and wherein the method further comprises:
    - waiting a duration of time before said one of the resources is written in accordance with the request.
  - 26. The computer-readable medium of claim 25, wherein the method further comprises:
    - subsequent to receiving the write request, receiving a request to read said one of the resources; and
      
      processing the read request by either;
      
      executing the write request that is the object of said waiting act and retrieving a stored value from the resource;
      
      or retrieving the value that the resource would store if the write request had been executed.
  - 27. The computer-readable medium of claim 17, wherein the method further comprises:
    - if the request is allowable under the policy and if a condition is true, then allowing the request; and
      
      ensuring that the condition is never true unless execution of the request will not result in a circumstance under which the source can use a virtual address to address a resource to which access is unallowable under the policy.

28. A method of controlling access to a plurality of resources in accordance with a policy, each of the resources being addressable by a set of first identifiers, at least some of the resources being addressable by a set of second identifiers, the method comprising:
- initializing the resources to a state in which none of the resources that a source is not allowed to access under the policy is addressable by the source with any of the second identifiers;
  
  receiving a request to read one of the resources, the request identifying said one of the resources by one of the second identifiers; and
  
  allowing the request.
- View Dependent Claims (29, 30, 31, 32, 33, 34)
- - 29. The method of claim 28, wherein the first identifiers are physical addresses of the resources, wherein the second identifiers are virtual addresses, and wherein a modifiable mapping maps at least some of the virtual addresses to at least some of the physical addresses.
  - 30. The method of claim 29, wherein said mapping is based at least in part on the identity of a source that issues said request.
  - 31. The method of claim 30, wherein said mapping is further based on information other than the second identifiers and the identity of the source that issues said request.
  - 32. The method of claim 28, wherein the act of initializing the resources comprises:
    - initializing the resource to a state in which none of the resources that the source is not allowed to write under the policy is addressable by the source with any of the second identifiers.
  - 33. The method of claim 28, wherein information that affects which of the resources corresponds to a given virtual address is stored in a first set of the resources, and wherein the act of initializing the resources comprises:
    - initializing the resources to a state in which none of the resources that the source is not allowed to access under the policy are in the first set.
  - 34. The method of claim 28, wherein information that affects which of the resources corresponds to a given virtual address is stored in a first set of the resources, and wherein the act of initializing the resources comprises:
    - initializing the resources to a state in which none of the resources that a source is not allowed to write under the policy is addressable by the source with any of the second identifiers, and in which none of the resources that the source is not allowed to write under the policy are in the first set.

35. A computer-readable medium encoded with computer-executable instructions to perform a method of controlling access to a plurality of resources in accordance with a policy, each of the resources being addressable by a set of first identifiers, at least some of the resources being addressable by a set of second identifiers, the method comprising:
- initializing the resources to a state in which none of the resources that a source is not allowed to access under the policy is addressable by the source with any of the second identifiers;
  
  receiving a request to read one of the resources, the request identifying said one of the resources by one of the second identifiers; and
  
  allowing the request.
- View Dependent Claims (36, 37, 38)
- - 36. The computer-readable medium of claim 35, wherein the act of initializing the resources comprises:
    - initializing the resource to a state in which none of the resources that the source is not allowed to write under the policy is addressable by the source with any of the second identifiers.
  - 37. The computer-readable medium of claim 35, wherein information that affects which of the resources corresponds to a given virtual address is stored in a first set of the resources, and wherein the act of initializing the resources comprises:
    - initializing the resources to a state in which none of the resources that the source is not allowed to access under the policy are in the first set.
  - 38. The computer-readable medium of claim 35, wherein information that affects which of the resources corresponds to a given virtual address is stored in a first set of the resources, and wherein the act of initializing the resources comprises:
    - initializing the resources to a state in which none of the resources that a source is not allowed to write under the policy is addressable by the source with any of the second identifiers, and in which none of the resources that the source is not allowed to write under the policy are in the first set.

39. A method of controlling access to a plurality of resources according to a policy in a system comprising a first set of resources, each of the set of resources being addressable by a set of first identifiers, at least some of the resources being addressable by a set of second identifiers, each of the second identifiers having an attribute associated therewith indicating whether a resource identified by a second identifier is read-only, information affecting which of the resources corresponds to a given virtual address being stored in a set of the resources, the method comprising:
- initializing the resources to a state in which none of the resources that a source is not allowed to access under the policy is addressable by the source with any of the second identifiers, and in which the set of resources does not include any resource whose second identifier is associated with an attribute indicative of being only readable by the source;
  
  receiving a request to write one of the resources, the request identifying said one of the resources by one of the second identifiers; and
  
  allowing the request.
- View Dependent Claims (40, 41, 42, 43)
- - 40. The method of claim 39, further comprising:
    - initializing the resources to a state in which none of the resources that a source is not allowed to write under the policy is addressable by the source with any of the second identifiers.
  - 41. The method of claim 39, wherein the first identifiers are physical addresses of the resources, wherein the second identifiers are virtual addresses, and wherein a modifiable mapping maps at least some of the virtual addresses to at least some of the physical addresses.
  - 42. The method of claim 41, wherein said mapping is based at least in part on the identity of a source that issues said request.
  - 43. The method of claim 42, wherein said mapping is further based on information other than the second identifiers and the identity of the source that issues said request.

44. A computer-readable medium encoded with computer-executable instructions to perform a method of controlling access to a plurality of resources according to a policy in a system comprising a first set of resources, each of the set of resources being addressable by a set of first identifiers, at least some of the resources being addressable by a set of second identifiers, each of the second identifiers having an attribute associated therewith indicating whether a resource identified by a second identifier is read-only, information affecting which of the resources corresponds to a given virtual address being stored in a set of the resources, the method comprising:
- initializing the resources to a state in which none of the resources that a source is not allowed to access under the policy is addressable by the source with any of the second identifiers, and in which the set of resources does not include any resource whose second identifier is associated with an attribute indicative of being only readable by the source;
  
  receiving a request to write one of the resources, the request identifying said one of the resources by one of the second identifiers; and
  
  allowing the request.
- View Dependent Claims (45)
- - 45. The computer-readable medium of claim 44, wherein the method further comprises:
    - initializing the resources to a state in which none of the resources that a source is not allowed to write under the policy is addressable by the source with any of the second identifiers.

46. In a system that comprises a plurality of resources and a virtual memory manager, each of the resources being addressable by a physical address, the virtual memory manager enabling at least some of the resources to be addressable by virtual addresses, the improvement comprising:
- a guard that evaluates a request to allow a source to access at least one of the resources, the guard allowing access to said one of the resources if a group of one or more conditions is true, the guard otherwise denying the request, the conditions comprising;
  
  the request being allowable under a policy; and
  
  execution of the request will not result in a circumstance in which any of the resources that the source is not allowed to access under the policy are addressable by the source with a virtual address.
- View Dependent Claims (47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57)
- - 47. The improvement of claim 46, wherein the resources comprise individually-addressable units of random access memory.
  - 48. The improvement of claim 46, wherein the system has been initialized to a state in which none of the resources that the source is allowed to access under the policy are addressable by the source with virtual addresses, and wherein the guard allows all read requests that use a virtual address to identify the resource to which access is requested.
  - 49. The improvement of claim 46, wherein information affecting which of the resources are associated with virtual addresses is stored in a set of the resources, and wherein the conditions further comprise:
    - execution of the request not resulting in a circumstance in which the set includes resources that the source is not allowed to access under the policy.
  - 50. The improvement of claim 46, wherein the conditions further comprise:
    - execution of the request not resulting in a circumstance in which any of the resources that the source is not allowed to write under the policy are addressable by the source with a virtual address.
  - 51. The improvement of claim 50, wherein information affecting which of the resources are associated with virtual addresses is stored in a set of the resources, and wherein the conditions further comprise:
    - execution of the request not resulting in a circumstance in which the set includes resources that the source is not allowed to write under the policy.
  - 52. The improvement of claim 46, wherein the system further comprises a processor, and wherein the guard comprises executable instructions that execute on the processor.
  - 53. The improvement of claim 46, wherein the guard comprises at least one of:
    - hardware logic, and firmware.
  - 54. The improvement of claim 46, wherein the virtual memory manager associates an attribute with a resource that has been requested by a virtual address, the attribute indicating whether the resource may be only written or read and written, the virtual memory manager being configured to invoke said guard when a request is received to write to a resource whose corresponding attribute indicates that the resource is only readable.
  - 55. The improvement of claim 54, wherein the virtual memory manager raises an exception whenever a request is received to write to a resource whose corresponding attribute indicates that the resource is only readable, and wherein the guard comprises, or is invoked by, a handler for said exception.
  - 56. The improvement of claim 54, wherein information affecting which of the resources are associated with virtual addresses is stored in a set of the resources, each of the resources in the set being associated with an attribute indicating that the resource is only readable when requested by said source.
  - 57. The improvement of claim 46, wherein the virtual memory manager indicates, for each resource requestable by virtual address, whether the resource is present or not present, the virtual memory manager being configured to invoke said guard when a request is received to access a resource that is indicated as not present, and wherein the virtual memory manager is configured to invoke said guard when a request is received to access a resource whose corresponding attribute indicates that the resource is not present.

58. A method of controlling access to one or more resources in accordance with a first policy, the method comprising:
- receiving a request to access a resource;
  
  determining whether the request is allowable or deniable based on a first criterion under which no request that is unallowable under the first policy is deemed allowable, and under which at least one request that is allowable under the first policy is not deemed allowable;
  
  if the request is deemed allowable or deniable as a result of the determining step, then allowing or denying the request according to the result of the determining step.
- View Dependent Claims (59, 60, 61, 62, 63)
- - 59. The method of claim 58, wherein the determining step results in a determination that the request is neither allowable nor deniable based on the first criterion, the method further comprising:
    - deciding the request based on either the first policy or based on a second criterion different from the first criterion.
  - 60. The method of claim 58, further comprising:
    - if the request is not deemed allowable or deniable as a result of the determining step, evaluating the request under one or more second criteria, each of the second criteria being different from the first criterion and being different from each other, no request that is unallowable under the first policy being deemed allowable under any of the second criteria, each of the second criteria being adapted not to deem allowable at least one request that is allowable under the first policy; and
      
      if the request is deemed allowable or deniable under any of the second criteria, then allowing or denying the request accordingly.
  - 61. The method of claim 58, further comprising:
    - if the request is not deemed allowable as a result of the determining step, evaluating the request under the first policy; and
      
      allowing or blocking the request depending on whether the request is allowable or unallowable under the first policy.
  - 62. The method of claim 58, wherein the method is performed in a system that is adapted to assign virtual addresses to at least some of the resources, wherein the first policy defines as unallowable all access requests that are unallowable under a second policy and also defines as unallowable all access requests that, if executed, would result in a virtual address being assigned to a resource to which access is unallowable under the second policy.
  - 63. The method of claim 58, wherein the method is performed in a system that comprises a virtual memory manager that associates a virtual address and an attribute with each of the resources, the particular resource and attribute associated with a virtual address being based on at least one factor other than the virtual address, the attribute indicating whether the resource is a read-only or read/write resource, and wherein the first criterion comprises whether the request is consistent with the attribute, the request being deemed allowable as a result of the determining step if the request is consistent with the attribute, the request not being deemed either allowable or deniable as a result of the determining step if the request is not consistent with the attribute.

64. A computer-readable medium encoded with computer-executable instructions to perform a method of controlling access to one or more resources in accordance with a first policy, the method comprising:
- receiving a request to access a resource;
  
  determining whether the request is allowable or deniable based on a first criterion under which no request that is unallowable under the first policy is deemed allowable, and under which at least one request that is allowable under the first policy is not deemed allowable;
  
  if the request is deemed allowable or deniable as a result of the determining step, then allowing or denying the request according to the result of the determining step.
- View Dependent Claims (65, 66)
- - 65. The computer-readable medium of claim 64, the method further comprising:
    - if the request is not deemed allowable or deniable as a result of the determining step, evaluating the request under one or more second criteria, each of the second criteria being different from the first criterion and being different from each other, no request that is unallowable under the first policy being deemed allowable under any of the second criteria, each of the second criteria being adapted not to deem allowable at least one request that is allowable under the first policy; and
      
      if the request is deemed allowable or deniable under any of the second criteria, then allowing or denying the request accordingly.
  - 66. The computer-readable medium of claim 64, wherein the method is performed in a system that comprises a virtual memory manager that associates a virtual address and an attribute with each of the resources, the particular resource and attribute associated with a virtual address being based on at least one factor other than the virtual address, the attribute indicating whether the resource is a read-only or read/write resource, and wherein the first criterion comprises whether the request is consistent with the attribute, the request being deemed allowable as a result of the determining step if the request is consistent with the attribute, the request not being deemed either allowable or deniable as a result of the determining step if the request is not consistent with the attribute.

67. A system for controlling access to an addressable entity in accordance with a policy, P, the addressable entity defining a first mapping from a first set, A, to a second set, M, there being a second mapping from a third set, V, to the first set, the function f:
- A→
  
  M denoting the first mapping, the function g;
  
  S×
  
  V→
  
  A denoting the second mapping, wherein S is a set of sources that can request access to the addressable entity, the system comprising;
  
  a guard that evaluates a request from a source, s, to evaluate or modify the first mapping, where sε
  
  S, the guard conditionally allowing the request based on the constraints that the request is allowable under the policy, P, and that carrying out the request will not cause a statement concerning MP(s) to be false, wherein MP(s) consists of all members of the first set, A, that will be solutions to g(s,v) for any vε
  
  V.
- View Dependent Claims (68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79)
- - 68. The system of claim 67, wherein the statement comprises:
    - MP(s)∩
      
      NA(P,s)=φ
      
      where NA(P,s) consists of all members of the first set, A, at which the policy, P, disallows the source, s, from evaluating or modifying the first mapping.
  - 69. The system of claim 68, wherein the statement comprisesMP(s)∩
    - NW(P,s)=φ
      
      wherein NW(P,s) consists of all members of the first set, A, at which the policy, P, disallows the source, s, from modifying the first mapping.
  - 70. The system of claim 69, wherein a portion of the first mapping located at a subset of the first set, A, affects the second mapping, and wherein the statement comprises(MP(s)∪
    - PMS)∩
      
      NW(P,s)=φ
      
      wherein PMS denotes said subset.
  - 71. The system of claim 68, wherein a portion of the first mapping located at a subset of the first set, A, affects the second mapping, and wherein the statement comprises(MP(s)∪
    - PMS)∩
      
      NA(P,s)=φ
      
      wherein PMS denotes said subset.
  - 72. The system of claim 68, wherein the function g associates an attribute with each member of the first set, A, that is a solution to g(s,v) for vε
    - V, the attribute indicating whether the first mapping may be modified at said member, wherein a portion of the first mapping located at a subset of the first set, A, affects the second mapping, and wherein the statement comprisesMP(s)∩
      
      NA(P,s)=φ
      
      {circumflex over (
      
      )}MPRW(s)∩
      
      PMS=φ
      
      ,wherein MPRW(s) consists of the members of A whose attributes are indicative of being modifiable by the source, s, and wherein PMS denotes said subset.
  - 73. The system of claim 68, wherein the function g associates an attribute with each member of the first set, A, that is a solution to g(s,v) for vε
    - V, the attribute indicating whether the first mapping may be modified at said member, wherein a portion of the first mapping located at a subset of the first set, A, affects the second mapping, and wherein the statement comprisesMP(s)∩
      
      NW(P,s)=φ
      
      {circumflex over (
      
      )}MPRW(s)∩
      
      PMS=φ
      
      wherein NW(P,s) consists of all members of the first set, A, at which the policy, P, disallows the source, s, from modifying the first mapping, wherein MPRW(s) consists of the members of A whose attributes are indicative of being modifiable by the source, s, and wherein PMS denotes said subset.
  - 74. The system of claim 68, wherein the function g associates an attribute with each member of the first set, A, that is a solution to g(s,v) for vε
    - V, the attribute indicating whether the first mapping may be modified at said member, wherein a portion of the first mapping located at a subset of the first set, A, affects the second mapping, and wherein the statement comprisesMP(s)∩
      
      NR(P,s)=φ
      
      {circumflex over (
      
      )}MPRW(s)∩
      
      PMS=φ
      
      wherein NR(P,s) consists of all members of the first set, A, at which the policy, P, disallows the source, s, from evaluating the first mapping, wherein MPRW(s) consists of the members of A whose attributes are indicative of being modifiable by the source, s, and wherein PMS denotes said subset.
  - 75. The system of claim 68, wherein the function g is further based on arbitrary information, E, such that g:
    - S×
      
      V×
      
      E→
      
      A.
  - 76. The system of claim 68, further comprising:
    - a random access memory that implements the first mapping; and
      
      a memory management unit that implements the second mapping.
  - 77. The system of claim 68, wherein there is a set of values, CORE, such that CORE⊂
    - A, and such f(a) affects the functioning of the guard for all aε
      
      CORE, and wherein P prohibits at least one of the sources from modifying the first mapping at any of the elements in CORE.
  - 78. The system of claim 67, wherein the conditional allowance of the request comprises executing a new request in place of said request, such that executing the new request does not cause the statement to be false.
  - 79. The system of claim 67, wherein the guard is configured to conditionally allow the request if the statement is false but X is true, where X is an arbitrary condition, and wherein the guard is further configured to ensure that X is not true unless the statement is true.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
England, Paul, Peinado, Marcus, Willman, Bryan Mark

Granted Patent

US 7,565,509 B2
Time in Patent Office

Days
Field of Search
US Class Current

711/202
CPC Class Codes

G06F 12/145 the protection being virtua...

Using limits on address translation to control access to an addressable entity

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

79 Claims

Specification

Solutions

Use Cases

Quick Links

Using limits on address translation to control access to an addressable entity

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

79 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links