By-pass and tampering protection for application wrappers
Abstract
In a computer system with an operating system that supports multiple levels of interfaces (APIs) that application programs (i.e. programs executing outside the operating system kernel in user mode) can invoke to obtain services from the operating system, and that employs a hooking or mediation technology within a user-mode process (i.e. an instantiation of an application program) to intercept or mediate invocations of selected interfaces at some of those levels, the Tampering Protection protects the code and the statically or heap-allocated data of the mediators from corruption by the code of the mediated user-mode process, which resides and operates in the same address space as the code and data of the mediators (such corruption would compromise the integrity of the mediator and could prevent it from accomplishing its intended mediation purpose). It does so by providing memory protection services that allow mediators to define data areas (both static segments and dynamic heaps) to be protected, and to temporarily unprotect them during the execution of a mediator so that they can be modified during that execution, while ensuring that the mediated application does not directly use the operating system services to override Tampering Protection management of these protected segments or protected.
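The abstract describes the protection mechanism only in terms of "memory protection services": a mediator marks its data areas protected, lifts the protection for the duration of its own update, and restores it before control returns to the mediated code, so that a direct write from the mediated process faults instead of corrupting mediator state. The following is an added illustration of that discipline and not code from the patent; it assumes Linux and uses mprotect on a page-aligned block as the protection service, a hypothetical protected_region_t holding one integer of mediator state, and a SIGSEGV/SIGBUS handler purely so the check can report a blocked write instead of terminating the process.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical mediator-owned data area: one page-aligned block that is kept
 * read-only and is made writable only while the mediator itself executes. */
typedef struct {
    unsigned char *base;  /* page-aligned start of the block */
    size_t len;           /* block length in bytes (whole pages) */
    int *counter;         /* example mediator state living inside the block */
} protected_region_t;

/* Allocate one page, zero it, and place it under read-only protection. */
int protected_region_init(protected_region_t *r) {
    size_t ps = (size_t)sysconf(_SC_PAGESIZE);
    void *mem = NULL;
    if (posix_memalign(&mem, ps, ps) != 0) return -1;
    memset(mem, 0, ps);
    r->base = mem;
    r->len = ps;
    r->counter = (int *)mem;
    return mprotect(r->base, r->len, PROT_READ);
}

/* Mediator-side update: lift the protection only for the mediator's own write
 * and restore it before control returns to the mediated code. */
int mediator_update(protected_region_t *r, int value) {
    if (mprotect(r->base, r->len, PROT_READ | PROT_WRITE) != 0) return -1;
    *r->counter = value;
    return mprotect(r->base, r->len, PROT_READ);
}

int protected_region_value(const protected_region_t *r) { return *r->counter; }

/* A direct store from the mediated code (simulated here) must fault rather than
 * corrupt mediator state; the fault is caught so the check can report it.
 * Returns 1 if the store was blocked, 0 if it went through, -1 on setup error. */
static sigjmp_buf fault_env;
static void on_fault(int sig) { (void)sig; siglongjmp(fault_env, 1); }

int tamper_attempt_blocked(protected_region_t *r) {
    struct sigaction sa, old_segv, old_bus;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGSEGV, &sa, &old_segv) != 0) return -1;
    if (sigaction(SIGBUS, &sa, &old_bus) != 0) return -1;
    volatile int blocked;
    if (sigsetjmp(fault_env, 1) == 0) {
        volatile int *p = r->counter;  /* volatile: the store must really be issued */
        *p = 0x5EED;                   /* write that bypasses the mediator */
        blocked = 0;
    } else {
        blocked = 1;                   /* fault delivered: protection held */
    }
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return blocked;
}

/* Re-enable writes before returning the block to the allocator. */
void protected_region_free(protected_region_t *r) {
    mprotect(r->base, r->len, PROT_READ | PROT_WRITE);
    free(r->base);
    r->base = NULL;
    r->counter = NULL;
}

int main(void) {
    protected_region_t r;
    if (protected_region_init(&r) != 0) return 1;
    mediator_update(&r, 42);
    printf("mediator stored %d\n", protected_region_value(&r));
    printf("direct write blocked: %d, value still %d\n",
           tamper_attempt_blocked(&r), protected_region_value(&r));
    protected_region_free(&r);
    return 0;
}
```

The page granularity is the practical caveat: mprotect works on whole pages, so mediator state has to live in its own pages rather than be interleaved with the mediated program's heap, and the window during which the region is writable is exactly the window an attacker in the same address space would need, which is why the abstract also requires that the mediated application cannot reach the operating system's protection services directly.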
8 Claims
1. A computer system including an operating system and software applications, the system comprising:
a central processing unit;
means for storing and retrieving programs and data connected with said central processing unit;
an operating system stored in said means for storing and retrieving programs and data;
a plurality of software applications stored in said means for storing and retrieving programs and data;
a plurality of application threads, wherein each of said threads is associated with a single one of said software applications;
a plurality of bypass protocols that interface with said software applications, wherein each of said bypass protocols is associated with a single one of said software applications;
a bypass driver that interfaces with said bypass protocols, wherein the specific state of trust of each of said application threads of said software applications associated with said bypass protocols is obtained by said bypass driver from said bypass protocols;
a thread trust datastore that interfaces with said bypass driver, wherein the state of trust of said software applications is communicated from said bypass driver to said thread trust datastore and stored in memory; and
a system service dispatch tap that interfaces with said operating system, wherein invocations of services from said operating system by said software applications are intercepted by said system service dispatch tap, the state of trust of said software application is obtained from said thread trust datastore, and said invocation of service is routed in said operating system based upon said state of trust. (Dependent claims: 2, 3, 4)
5. A computer system including an operating system and software applications, the system comprising:
a central processing unit;
means for storing and retrieving programs and data connected with said central processing unit;
an operating system stored in said means for storing and retrieving programs and data;
a plurality of privilege levels associated with said central processing unit;
a plurality of software applications stored in said means for storing and retrieving programs and data, wherein each of said applications is associated with a single one of said privilege levels;
a plurality of application threads, wherein each of said application threads is associated with a single one of said software applications;
a plurality of driver modules stored in said means for storing and retrieving programs and data, wherein each of said driver modules is associated with a single one of said privilege levels;
a plurality of return addresses, wherein each of said return addresses is associated with a single one of said software applications;
a plurality of driver requests, wherein each of said driver requests is associated with a single one of said software applications and a single one of said return addresses, and said software application associated with each of said driver requests is associated with a lower privilege level than the privilege level associated with the driver to which said request is directed;
a plurality of bypass protocols that interface with said software applications, wherein each of said bypass protocols is associated with a single one of said software applications and a single one of said driver modules;
a thread trust datastore that interfaces with said driver modules, wherein the return addresses of said software applications are obtained by said driver modules and stored in said trust datastore, and one of said return addresses associated with one of said software applications may subsequently be retrieved by said driver modules, compared with one of said return addresses associated with one of said driver requests from one of said software applications, and said driver request is routed differentially based on whether said return address associated with said driver request is associated in said driver module's thread trust datastore with the requesting thread's application. (Dependent claims: 6, 7, 8)
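Claims 1 and 5 describe two routing decisions made at the point where a service invocation is intercepted: claim 1 routes on the trust state a bypass protocol reported for the calling thread, and claim 5 additionally compares the return address carried by the driver request with the return address the thread's application registered, so that a request arriving at the driver by some path other than its wrapper can be routed differently. The following is an added model of both decisions, not the patent's implementation; the names (thread_trust_store_t, dispatch_tap, the three route_t values) and the routing policy (unknown or untrusted threads go to the mediated path, a trusted thread with a mismatched return address is blocked) are assumptions chosen for the illustration, and the thread ids and return addresses in main are constructed sample values.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Trust state that a bypass protocol reports for one application thread. */
typedef enum { TRUST_UNKNOWN = 0, TRUST_UNTRUSTED, TRUST_TRUSTED } trust_state_t;

/* Where the dispatch tap sends a service invocation (policy assumed here). */
typedef enum {
    ROUTE_DIRECT,          /* trusted thread, request came through its wrapper */
    ROUTE_MEDIATED,        /* unknown or untrusted thread: full mediation path */
    ROUTE_BLOCKED_BYPASS   /* trusted thread, but request did not come via the wrapper */
} route_t;

/* One row of the thread trust datastore. */
typedef struct {
    int used;
    uint32_t tid;
    trust_state_t trust;
    uintptr_t wrapper_return;  /* return address the wrapper uses when calling the driver */
} trust_entry_t;

#define MAX_THREADS 16
typedef struct { trust_entry_t rows[MAX_THREADS]; } thread_trust_store_t;

/* A driver request as seen by the dispatch tap. */
typedef struct {
    uint32_t tid;
    uint32_t service_id;
    uintptr_t return_address;  /* address the call will return to */
} driver_request_t;

void store_init(thread_trust_store_t *s) { memset(s, 0, sizeof *s); }

/* Bypass-driver side: record what a bypass protocol reports for a thread,
 * replacing an existing row for the same thread. Returns -1 when full. */
int store_register(thread_trust_store_t *s, uint32_t tid, trust_state_t trust,
                   uintptr_t wrapper_return) {
    int slot = -1;
    for (int i = 0; i < MAX_THREADS; i++) {
        if (s->rows[i].used && s->rows[i].tid == tid) { slot = i; break; }
        if (!s->rows[i].used && slot < 0) slot = i;
    }
    if (slot < 0) return -1;
    s->rows[slot] = (trust_entry_t){ 1, tid, trust, wrapper_return };
    return 0;
}

static const trust_entry_t *store_lookup(const thread_trust_store_t *s, uint32_t tid) {
    for (int i = 0; i < MAX_THREADS; i++)
        if (s->rows[i].used && s->rows[i].tid == tid) return &s->rows[i];
    return NULL;
}

/* System service dispatch tap: decide the route for one intercepted invocation.
 * Step 1 (claim 1): route on the thread's recorded trust state.
 * Step 2 (claim 5): a trusted thread must still arrive via its registered wrapper. */
route_t dispatch_tap(const thread_trust_store_t *s, const driver_request_t *req) {
    const trust_entry_t *e = store_lookup(s, req->tid);
    if (e == NULL || e->trust != TRUST_TRUSTED) return ROUTE_MEDIATED;
    if (req->return_address != e->wrapper_return) return ROUTE_BLOCKED_BYPASS;
    return ROUTE_DIRECT;
}

int main(void) {
    thread_trust_store_t s;
    store_init(&s);
    /* Constructed sample registrations: thread 1 trusted, thread 2 untrusted. */
    store_register(&s, 1, TRUST_TRUSTED, (uintptr_t)0x1000);
    store_register(&s, 2, TRUST_UNTRUSTED, (uintptr_t)0x2000);
    driver_request_t via_wrapper = { 1, 7, (uintptr_t)0x1000 };
    driver_request_t not_via_wrapper = { 1, 7, (uintptr_t)0x3000 };
    driver_request_t untrusted = { 2, 7, (uintptr_t)0x2000 };
    printf("route %d %d %d\n", dispatch_tap(&s, &via_wrapper),
           dispatch_tap(&s, &not_via_wrapper), dispatch_tap(&s, &untrusted));
    return 0;
}
```

The datastore is deliberately written to by the driver side only: the claims have the bypass driver obtain trust state from the bypass protocols and store it, and the tap only reads it, which is the property a real implementation has to preserve by keeping the store at the higher privilege level of claim 5 rather than in the application's address space.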