Debugging applications under different permissions

US 20060048099A1
Filed: 08/27/2004
Published: 03/02/2006
Est. Priority Date: 08/27/2004
Status: Active Grant

First Claim

Patent Images

1. A system for debugging an application under a restricted security context, comprising:

a project system for developing an application;

a deployment system for deploying applications to users;

a debugger that observes run-time behavior of said application and evaluates instructions within said application; and

a hosting process for running said application, wherein during development of said application, said hosting process executes said application under said restricted security context and said debugger provides an indication of an occurrence of a security exception.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method that allows developers to debug a component while it is restricted by any arbitrary set of specific permissions, or restricted by an existing permission set associated with a security “zone.” A security sandbox is mimicked within the development environment so that developers can study how applications perform inside the sandbox. Developers are able create any sandbox and debug inside it, where violating any bound of the artificial sandbox will throw a security exception and drop the user out on the exact line of code which generated the error, as well as provide helpful information about how to correct the error.

81 Citations

View as Search Results

22 Claims

1. A system for debugging an application under a restricted security context, comprising:
- a project system for developing an application;
  
  a deployment system for deploying applications to users;
  
  a debugger that observes run-time behavior of said application and evaluates instructions within said application; and
  
  a hosting process for running said application, wherein during development of said application, said hosting process executes said application under said restricted security context and said debugger provides an indication of an occurrence of a security exception.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The system of claim 1, wherein a manifest is created that contain information regarding said restricted security context.
  - 3. The system of claim 2, wherein said manifest comprises permissions that correspond to security zones within which said software application is to be deployed.
  - 4. The system of claim 3, wherein said permissions contain attributes that further define said permissions.
  - 5. The system of claim 2, wherein said hosting process creates a manager object that manages the execution of said application in said restricted security context in accordance with said manifest.
  - 6. The system of claim 5, further comprising a runtime environment, wherein said runtime environment receives said information in said manifest from said manager object.
  - 7. The system of claim 6, further comprising a context object that allows or disallows passes to said runtime environment in accordance with said information in said manifest.
  - 8. The system of claim 6, further comprising a security object that determines if any function calls by said application require greater permissions than specified by said information in said manifest, and wherein said security object creates said security exception.
  - 9. The system of claim 1, wherein said occurrence of said security exception results in said debugger exiting said application at an instruction that generated said security exception.
  - 10. The system of claim 1, further comprising a user interface to define said restricted security context.
  - 11. The system of claim 10, wherein predefined security zones are provided in said user interface.

12. A method for debugging a software application under a restricted security context, comprising:
- executing said software application in a debugging environment;
  
  applying said restricted security context to said software application; and
  
  providing an indication of an occurrence of a security exception.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The method of claim 12, further comprising generating a manifest that contains information regarding said restricted security context.
  - 14. The method of claim 13, wherein said manifest comprises permissions that correspond to security zones within which said software application is to be deployed.
  - 15. The method of claim 14, wherein said permissions contain attributes that further define said permissions.
  - 16. The method of claim 13, further comprising creating a manager object that manages the execution of said software application in said restricted security context in accordance with said manifest.
  - 17. The method of claim 16, further comprising communicating said information in said manifest to a runtime environment.
  - 18. The method of claim 17, further comprising creating a context object that allows or disallows passes to said runtime environment in accordance with said information in said manifest.
  - 19. The method of claim 17, further comprising creating a security object that determines if any function calls by said software application require greater permissions than specified by said information in said manifest, and if so, generating said security exception.
  - 20. The method of claim 12, further comprising exiting said application at an instruction that generated said security exception.
  - 21. The method of claim 12, further comprising providing a user interface to define said restricted security context.
  - 22. The method of claim 21, further comprising providing predefined security zones are provided in said user interface.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Eng, Michael, Draine, Sean Conway, Fee, Gregory Darrell, Gryko, Izydor, Templin, David Kehl, Saad, Stephanie Sweeny, Cantwell, James Gordon

Granted Patent

US 7,814,308 B2
Time in Patent Office

Days
Field of Search
US Class Current

717/124
CPC Class Codes

G06F 11/321 Display for diagnostics, e....

G06F 21/53 by executing in a restricte...

Debugging applications under different permissions

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

81 Citations

22 Claims

Specification

Use Cases

Quick Links

Others

Debugging applications under different permissions

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

81 Citations

22 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others