Framework for providing a configurable firewall for computing systems
Abstract
A configurable firewall for computing systems is disclosed. The configurable firewall provides a firewall control block that can be used as a mechanism to implement and control access privileges between various components of the computing environment. As such, the firewall control block can be used to determine whether one component (e.g., applet) can access another component in the computing environment. This allows a flexible environment where firewall boundaries can be configured in such a way that each applet can allow access to a desired set of other applets. In addition, the control block can be implemented using a variety of techniques that may be suitable for different system requirements (e.g., processing speed, memory). As such, the configurable firewall is useful for implementing security for various computing systems, especially those that operate with relatively limited processing power and/or provide highly specialized functionality (e.g., smart cards).
22 Claims
1. A computing environment, comprising:
an operating system;
a virtual machine operating on said operating system;
a first application operating on said virtual machine;
a second application operating on said virtual machine; and
a first firewall control block, wherein said first firewall control block defines access privileges of said first application with respect to said second application, and further defines the access privileges of said second application with respect to said first application.

9. A mobile computing device, comprising:
an operating system;
a Java™ compliant virtual machine operating on said operating system;
a first Java™ compliant applet operating on said Java™ compliant virtual machine;
a Java™ compliant applet operating on said virtual machine Java™ compliant virtual machine; and
a first firewall control block, wherein said first firewall control block defines access privileges of said first Java™ compliant applet with respect to at least one other Java™ compliant applet operating on said Java™ compliant virtual machine, and further defines the access privileges of said at least one other Java™ compliant applet Java™ compliant applet with respect to said first Java™ compliant applet.

16. A method of providing security for a Java™ compliant computing environment that includes a Java™ virtual machine and a plurality of Java™ compliant applets that operate on said Java™ virtual machine, said method comprising;
receiving a request from a first Java™ compliant applet operating on Java™ virtual machine to access a second Java™ compliant applet;
reading a firewall control block associated with said second Java™ compliant applet;
determining, based on said firewall control block, whether said first Java™ compliant applet should be allowed to access said second Java™ compliant applet; and
allowing said first Java™ compliant applet to access said second Java™ compliant applet when said determining determines that access should be allowed.

22. A computer readable media including computer program code for providing security for a computing environment, said computer readable media comprising:
computer program code for receiving a request from a first application to access a second application;
computer program code for reading a firewall control block associated with said second application;
determining, based on said firewall control block, whether said first application should be allowed to access said second application; and
allowing said first application to access said second application when said determining determines that access should be allowed.
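
The access check recited in claims 16 and 22, sketched in Java as an added example; it is not code from the patent. The bitmap layout of the control block, the class names and the applet ids are assumptions made for illustration, and a missing control block or an id outside the bitmap is treated as deny.

```java
import java.util.HashMap;
import java.util.Map;

public class FirewallControlBlockDemo {
    // Hypothetical control block layout: one bit per caller applet id (0..31).
    static final class FirewallControlBlock {
        private int allowedCallers; // bit i set => applet i may access the owner
        void allow(int callerId) {
            if (callerId < 0 || callerId > 31) {
                throw new IllegalArgumentException("applet id out of range: " + callerId);
            }
            allowedCallers |= 1 << callerId;
        }

        boolean permits(int callerId) {
            // Ids that do not fit the bitmap are never granted access.
            return callerId >= 0 && callerId <= 31
                    && (allowedCallers & (1 << callerId)) != 0;
        }
    }

    // Stand-in for the virtual machine's mediation point (assumed name).
    static final class AppletFirewall {
        private final Map<Integer, FirewallControlBlock> blocks = new HashMap<>();

        FirewallControlBlock install(int appletId) {
            FirewallControlBlock fcb = new FirewallControlBlock();
            blocks.put(appletId, fcb);
            return fcb;
        }

        // Receive the request, read the target's block, determine, then allow or refuse.
        boolean requestAccess(int callerId, int targetId) {
            FirewallControlBlock fcb = blocks.get(targetId);
            return fcb != null && fcb.permits(callerId); // no block => deny
        }
    }

    public static void main(String[] args) {
        final int wallet = 0, loyalty = 1, transit = 2; // constructed applet ids
        AppletFirewall fw = new AppletFirewall();
        fw.install(wallet).allow(loyalty); // wallet accepts requests from loyalty only
        fw.install(loyalty);               // loyalty accepts requests from no one
        System.out.println("loyalty -> wallet:  " + fw.requestAccess(loyalty, wallet));
        System.out.println("wallet  -> loyalty: " + fw.requestAccess(wallet, loyalty));
        System.out.println("transit -> wallet:  " + fw.requestAccess(transit, wallet));
        System.out.println("wallet  -> transit: " + fw.requestAccess(wallet, transit));
    }
}
```

Only the first request is allowed: a grant in one direction does not imply the reverse, and an applet with no control block installed is unreachable.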
Specification