Special-use heaps
First Claim
1. A system for managing at least two different classes of data comprising:
- one or more memory management components that create plural heaps, there being different sets of rules regarding use of data on each of the heaps, said one or more memory management components exposing functions for use by a program, said functions being configured to store and/or consume data, said functions further being configured to;
(1) determine which of said heaps to store data in based on the nature or intended use of the data; and
(2) determine whether a requested use of data is consistent with the rules applicable to the data based on which heap the data is located on; and
wherein said functions take one or more measures to prevent violation of the rules applicable to each of the heaps.
3 Assignments
0 Petitions
Accused Products
Abstract
Special purpose heaps are created to store different classes of data to which different rules apply. A library of functions is provided which is designed to respect the different classes of rules that apply to the different heaps, by storing data only on a heap that is designated for use with the proper class of data, and by resisting the performance of actions on data in a heap that is inconsistent with the rules that apply to the heap. The use of plural heaps in this manner discourages programmer error in which an operation is performed on data that is inconsistent with the data, since the programmer would explicitly have to copy data from one heap to the other in order to perform the action. In one example, one heap is designated for the storage of secret data, and another heap is designated for general-purpose (non-secret) data.
-
Citations
26 Claims
-
1. A system for managing at least two different classes of data comprising:
one or more memory management components that create plural heaps, there being different sets of rules regarding use of data on each of the heaps, said one or more memory management components exposing functions for use by a program, said functions being configured to store and/or consume data, said functions further being configured to;
(1) determine which of said heaps to store data in based on the nature or intended use of the data; and
(2) determine whether a requested use of data is consistent with the rules applicable to the data based on which heap the data is located on; and
wherein said functions take one or more measures to prevent violation of the rules applicable to each of the heaps.- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
11. A computer-readable medium encoded with computer-executable instructions to perform a method comprising:
-
creating a plurality of heaps, each of the heaps corresponding to a different class of data;
receiving a first request to perform a first function that involves the storage of first data belonging to a first class;
allocating a first portion of memory from a first of said heaps;
storing said first data in said first portion of memory;
receiving a second request to perform a second function that involves a usage of data stored in said first portion of memory;
either allowing the second request to proceed, or performing at least one action in resistance of said second request proceeding, according to whether said usage of data is permissible for data belonging to said first class. - View Dependent Claims (12, 13, 14, 15, 16)
-
-
17. A method of protecting data from misuse comprising:
-
providing a first set of functions that handles first data that belongs to a first class, the function storing said first data on a first heap;
providing a second set of functions that handle second data in a manner that is inconsistent with a set of rules that applies to said first class, said second set of functions storing said second data on a second heap, said second set of functions being configured to take at least one measure to prevent the copying of said data on said first heap to said second heap, and further being configured to take at least one measure to resist the use of data on said first heap in a manner that is inconsistent with the set of rules that applies to said first class. - View Dependent Claims (18, 19, 20, 21, 22, 23)
-
-
24. A computer-readable medium encoded with computer-executable instructions to perform a method comprising:
-
creating a plurality of heaps, each of the heaps corresponding to a different class of data;
receiving a request to perform a function that involves a usage of a portion of memory, said portion of memory being located in a first of said plurality of heaps;
either allowing the request to proceed, or performing at least one action in resistance of said request proceeding, according to whether said usage is consistent with rules governing said first heap. - View Dependent Claims (25, 26)
-
Specification