Hardware implementation of process-based security protocol
First Claim
1. A memory structure storing instructions for a method of providing access for a user to resources through a process, said method comprising the steps of:
- receiving user identification information;
identifying user resource access information associated with the user identification information, wherein the user resource access information includes process resource access information associated with a process;
determining when an executing process attempts to accesses a specified resource;
checking the process resource access information associated with the process when the process attempts to access the specified resource to determine if access to the specified resource by the process is permitted;
allowing the process to access the specified resource if access permission is indicated; and
denying the process access to the specified resource if access permission is not indicated.
2 Assignments
0 Petitions
Accused Products
Abstract
A memory structure stores instructions for a method of providing access for a user to resources through a process. The process includes receiving user identification information and identifying user resource access information associated with the user identification information. The user resource access information includes process resource access information associated with a process. The process determines when an executing process attempts to accesses a specified resource and checks the process resource access information associated with the process when the process attempts to access the specified resource. The process determines if access to the specified resource by the process is permitted and allows the process to access the specified resource if access permission is indicated and denies the process access to the specified resource if access permission is not indicated.
-
Citations
20 Claims
-
1. A memory structure storing instructions for a method of providing access for a user to resources through a process, said method comprising the steps of:
-
receiving user identification information;
identifying user resource access information associated with the user identification information, wherein the user resource access information includes process resource access information associated with a process;
determining when an executing process attempts to accesses a specified resource;
checking the process resource access information associated with the process when the process attempts to access the specified resource to determine if access to the specified resource by the process is permitted;
allowing the process to access the specified resource if access permission is indicated; and
denying the process access to the specified resource if access permission is not indicated. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. An integrated circuit storing instructions for a method of providing access for a user to resources through a process, said method comprising the steps of:
-
identifying process resource access information associated with a process;
determining when the process attempts to accesses a specified resource;
checking the process resource access information associated with the process when the process attempts to access the specified resource to determine if access to the specified resource by the process is permitted;
allowing the process to access the specified resource if access permission is indicated; and
denying the process access to the specified resource if access permission is not indicated. - View Dependent Claims (10, 11, 12, 13)
-
-
14. A storage medium storing instructions for a method of providing access for a user to resources through a process, said method comprising the steps of:
-
determining when the process attempts to accesses a specified resource;
checking the process resource access information associated with the process when the process attempts to access the specified resource to determine if access to the specified resource by the process is permitted. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification
-
- Resources
-
Current AssigneeSystems Advisory Group Enterprises Incorporated
-
Original AssigneeSystems Advisory Group Enterprises Incorporated
-
InventorsLarsen, Vincent Alan
-
Application NumberUS10/775,900Publication NumberTime in Patent OfficeDaysField of SearchUS Class Current713/201CPC Class CodesG06F 21/6218 to a system of files or obj...G06F 2221/2141 Access rights, e.g. capabil...
