System & method of table building for a process-based security system using intrusion detection

US 20050044381A1
Filed: 10/27/2003
Published: 02/24/2005
Est. Priority Date: 02/01/2002
Status: Abandoned Application

First Claim

Patent Images

1. A method of building a resource access table in a system for controlling access to resources comprising the steps of:

identifying a resource call in a process;

identifying a resource accessed by the resource call;

analyzing the resource call by an intrusion detection module;

assigning permission to the resource;

writing a resource access table entry in a resource access table including data identifying the process, the resource and the permission;

such that when the process is executed and the process makes a resource call to the resource, access to the resource may be controlled by the permission data entry in the resource access table entry of the resource access table.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method to build a resource access table in a system for controlling access to resources is disclosed. The protocol identifies a resource call in a process. Each of the resources accessed by resource calls are identified and routed to intrusion detection software for analysis. Permission is assigned to the resource, with regard to the process. A resource access table is written, with each entry identifying the process, the resource and the permission. When the process is executed and the process makes a resource call to the resource, access to the resource is controlled by the permission data entry in the resource access table entry of the resource access table.

59 Citations

View as Search Results

20 Claims

1. A method of building a resource access table in a system for controlling access to resources comprising the steps of:
- identifying a resource call in a process;
  
  identifying a resource accessed by the resource call;
  
  analyzing the resource call by an intrusion detection module;
  
  assigning permission to the resource;
  
  writing a resource access table entry in a resource access table including data identifying the process, the resource and the permission;
  
  such that when the process is executed and the process makes a resource call to the resource, access to the resource may be controlled by the permission data entry in the resource access table entry of the resource access table.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of building a resource access table of claim 1, wherein the step of identifying a resource call in a process is automated.
  - 3. The method of building a resource access table of claim 1, wherein the step of identifying a resource accessed by the resource call is performed by a computer.
  - 4. The method of building a resource access table of claim 1, wherein the step of assigning permission data to the resource is performed by software.
  - 5. The method of building a resource access table of claim 1, further including the step of writing a resource access table entry to a process resource access table.
  - 6. The method of building a resource access table of claim 5, wherein said process resource access table is compiled to generate a resource access table.

7. A method of building a resource access table in a system for controlling access to resources comprising the steps of:
- identifying a resource call in a process;
  
  identifying a resource accessed by the resource call;
  
  analyzing the resource call by an intrusion detection module. assigning permission to the resource call;
  
  writing a resource access table entry in a resource access table including data identifying the process, the resource call, the resource and the permission;
  
  such that when the process is executed and the process makes a resource call to the resource, access to the resource may be controlled by the permission data in the resource access table entry of the resource access table.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of building a resource access table of claim 7, wherein the step of identifying a resource call in a process is automated.
  - 9. The method of building a resource access table of claim 7, wherein the step of identifying a resource accessed by the resource call is performed by a computer.
  - 10. The method of building a resource access table of claim 7, wherein the step of assigning permission data to the resource is performed by software.
  - 11. The method of building a resource access table of claim 7, further including the step of writing a resource access table entry to a process resource access table.
  - 12. The method of building a resource access table of claim 11, wherein said process resource access table is compiled to generate a resource access table.

13. A method of controlling access to resources comprising the steps of:
- identifying a resource call from a process;
  
  identifying a resource accessed by the resource call;
  
  determining if the process is associated with a resource access table;
  
  checking process permissions and granting access to the resource in accordance with said process permissions when the process is associated with a resource access table; and
  
  checking user permissions and granting access to the resource in accordance with said user permissions when the process is not associated with a resource access table.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The method of controlling access of claim 13, wherein said user permissions are UNIX permissions.
  - 15. The method of controlling access of claim 13, wherein said step of identifying a resource call is performed by an operating system.
  - 16. The method of controlling access of claim 13, further comprising the step of analyzing the resource call to generate a resource access table.
  - 17. The method of controlling access of claim 16, wherein said analyzing the resource call is performed by intrusion detection methods.
  - 18. The method of controlling access of claim 13, wherein said resource is a process.
  - 19. The method of controlling access of claim 13, wherein said process permissions define resources that can be accessed by the process.
  - 20. The method of controlling access of claim 13, wherein said process permissions define resources that can be accessed by a process resource call.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Systems Advisory Group Enterprises Incorporated
Original Assignee
Systems Advisory Group Enterprises Incorporated
Inventors
Meinel, Carolyn, Larsen, Vincent Alan

Application Number

US10/694,071
Publication Number

US 20050044381A1
Time in Patent Office

Days
Field of Search
US Class Current

713/182
CPC Class Codes

G06F 21/6218 to a system of files or obj...

G06F 2221/2141 Access rights, e.g. capabil...

System & method of table building for a process-based security system using intrusion detection

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

59 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

System & method of table building for a process-based security system using intrusion detection

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

59 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others