System & method of table building for a process-based security system using intrusion detection
Abstract
A method to build a resource access table in a system for controlling access to resources is disclosed. The protocol identifies a resource call in a process. Each of the resources accessed by resource calls is identified and routed to intrusion detection software for analysis. Permission is assigned to the resource, with regard to the process. A resource access table is written, with each entry identifying the process, the resource and the permission. When the process is executed and the process makes a resource call to the resource, access to the resource is controlled by the permission data entry in the resource access table entry of the resource access table.
20 Claims
1. A method of building a resource access table in a system for controlling access to resources comprising the steps of:
- identifying a resource call in a process;
- identifying a resource accessed by the resource call;
- analyzing the resource call by an intrusion detection module;
- assigning permission to the resource;
- writing a resource access table entry in a resource access table including data identifying the process, the resource and the permission;
- such that when the process is executed and the process makes a resource call to the resource, access to the resource may be controlled by the permission data entry in the resource access table entry of the resource access table.
(Dependent claims: 2, 3, 4, 5, 6)
7. A method of building a resource access table in a system for controlling access to resources comprising the steps of:
- identifying a resource call in a process;
- identifying a resource accessed by the resource call;
- analyzing the resource call by an intrusion detection module;
- assigning permission to the resource call;
- writing a resource access table entry in a resource access table including data identifying the process, the resource call, the resource and the permission;
- such that when the process is executed and the process makes a resource call to the resource, access to the resource may be controlled by the permission data in the resource access table entry of the resource access table.
(Dependent claims: 8, 9, 10, 11, 12)
13. A method of controlling access to resources comprising the steps of:
- identifying a resource call from a process;
- identifying a resource accessed by the resource call;
- determining if the process is associated with a resource access table;
- checking process permissions and granting access to the resource in accordance with said process permissions when the process is associated with a resource access table; and
- checking user permissions and granting access to the resource in accordance with said user permissions when the process is not associated with a resource access table.
(Dependent claims: 14, 15, 16, 17, 18, 19, 20)
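An added example, not taken from the patent: a Python model of the table-building steps of claims 1 and 7 and of the process-versus-user decision of claim 13. The intrusion detection rule, the allow/deny permission values, the deny-on-missing-entry default, and all names and sample data are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed sample data: resource calls identified per process, as (call, resource).
OBSERVED_CALLS = {
    "backup.exe": [("open_read", "/data/reports"),
                   ("open_write", "/backup/archive"),
                   ("open_write", "/etc/passwd")],
}
# Constructed user permissions, consulted only for processes without a table.
USER_PERMS = {("alice", "/data/reports"): {"open_read"},
              ("alice", "/home/alice/notes"): {"open_read", "open_write"}}

@dataclass(frozen=True)
class Entry:
    process: str
    call: str
    resource: str
    permission: str  # "allow" or "deny" (assumed encoding)

def ids_analyze(call, resource):
    """Stand-in for the intrusion detection module (hypothetical rule):
    treat writes to anything under /etc/ as suspicious."""
    return call == "open_write" and resource.startswith("/etc/")

def build_table(observed):
    """Table building: one entry per (process, call, resource); the permission
    is derived from the analysis verdict (assumed policy)."""
    table = {}
    for process, calls in observed.items():
        for call, resource in calls:
            perm = "deny" if ids_analyze(call, resource) else "allow"
            table.setdefault(process, {})[(call, resource)] = Entry(
                process, call, resource, perm)
    return table

def check_access(table, process, user, call, resource):
    """Access control: process permissions when the process is associated
    with a table, user permissions when it is not."""
    if process in table:
        entry = table[process].get((call, resource))
        # Assumption: a call with no entry in the process's table is denied.
        return entry is not None and entry.permission == "allow"
    return call in USER_PERMS.get((user, resource), set())

TABLE = build_table(OBSERVED_CALLS)
```

Note that once a process has a table, the user's own rights no longer widen what it can reach: `backup.exe` run by `alice` cannot write to her notes even though `alice` can.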
Specification