CONTROL OF APPLICATION ACCESS TO SYSTEM RESOURCES

US 20070199072A1
Filed: 10/16/2006
Published: 08/23/2007
Est. Priority Date: 10/14/2005
Status: Abandoned Application

First Claim

Patent Images

1. A method of transferring a computer program product from at least one first computer to at least one second computer connected to the at least one first computer through a communication medium, the method comprising the steps of:

(a) accessing, on the at least one first computer, computer-executable instructions that, when executed in a system having a security mechanism that determines access by an application to system resources based on a security context in which the application is run, perform at least the steps of;

(1) running a first application subject to a first security context providing access to a first set of the system resources;

(2) receiving a request to run the first application subject to a second security context providing access to a second set of the system resources different from the first set; and

(2) running the first application subject to the second security context, wherein the application runs subject to the second security context without re-launching the application; and

(b) transferring the computer-executable instructions from the at least one first computer to the at least one second computer through the communications medium.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method executable in a system having a security mechanism that determines access by an application to system resources based on a security context in which the application is run includes receiving definitions of a plurality of security contexts. Each security context provides access to a respective set of the system resources. An association of each application of a plurality of applications with a respective one of the security contexts is received from the user. A first one of the applications is run subject to a first associated security context.

63 Citations

View as Search Results

20 Claims

1. A method of transferring a computer program product from at least one first computer to at least one second computer connected to the at least one first computer through a communication medium, the method comprising the steps of:
- (a) accessing, on the at least one first computer, computer-executable instructions that, when executed in a system having a security mechanism that determines access by an application to system resources based on a security context in which the application is run, perform at least the steps of;
  
  (1) running a first application subject to a first security context providing access to a first set of the system resources;
  
  (2) receiving a request to run the first application subject to a second security context providing access to a second set of the system resources different from the first set; and
  
  (2) running the first application subject to the second security context, wherein the application runs subject to the second security context without re-launching the application; and
  
  (b) transferring the computer-executable instructions from the at least one first computer to the at least one second computer through the communications medium.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1 wherein the first security context, with respect to the second security context, provides access to fewer of the system resources.
  - 3. The method of claim 1 wherein the second security context, with respect to the first security context, provides access to at least the same system resources.
  - 4. The method of claim 1 wherein at least one of the security contexts is defined by at least one privilege.
  - 5. The method of claim 1 wherein at least one of the security contexts is defined by at least one group identifier.
  - 6. The method of claim 1 wherein:
    - the first application includes a user interface; and
      
      the computer-executable instructions further perform the step of displaying within the user interface a user-selectable field operable to enable the user to provide the request to run the first application subject to the second security context.

7. A computer-readable medium having computer-executable instructions that, when executed in a system having a security mechanism that determines access by an application to system resources based on a security context in which the application is run, perform at least the steps of:
- (a) providing a user interface that;
  
  (1) enables a user to define a plurality of security contexts, each security context providing access to a respective set of the system resources; and
  
  (2) enables the user to associate each application of a plurality of applications with a respective one of the security contexts; and
  
  (b) running a first one of the applications subject to a first associated security context.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 8. The medium of claim 7 wherein the user interface further enables the user to define each set of the system resources.
  - 9. The medium of claim 7 wherein the computer-executable instructions further perform the step of running the first one of the applications subject to a second security context without re-launching the application.
  - 10. The medium of claim 7 wherein the user interface further enables the user to assign a processing priority to at least one of the security contexts.
  - 11. The medium of claim 7 wherein the user interface further enables the user to assign a memory allocation to at least one of the security contexts.
  - 12. The medium of claim 7 wherein the user interface further enables the user to apply a set of predetermined rules to at least one of the security contexts.
  - 13. The medium of claim 7 wherein the user interface further enables the user to apply a set of predetermined rules to at least one of the applications.
  - 14. The medium of claim 7 wherein the user interface further provides a representation of each security context in a respective portion of a display-device screen.
  - 15. The medium of claim 14 wherein the user interface further enables the user to associate an application with a security context by placing a graphical representation of the application in a screen portion associated with the security context.
  - 16. The medium of claim 15 wherein the user interface further enables the user to change the security context of an application by dragging a graphical representation of the application from a screen portion associated with a first security context and dropping the graphical representation in a screen portion associated with a second security context.

17. A computer-readable medium having computer-executable instructions that, when executed in a system having a security mechanism that determines access by an application to system resources based on a security context in which the application is run, perform at least the steps of:
- receiving definitions of a plurality of security contexts, each security context providing access to a respective set of the system resources;
  
  receiving from the user an association of each application of a plurality of applications with a respective one of the security contexts; and
  
  running a first one of the applications subject to a first associated security context.
- View Dependent Claims (18, 19, 20)
- - 18. The medium of claim 17 wherein the computer-executable instructions further perform the step of running the first one of the applications subject to a second security context without re-launching the application.
  - 19. The medium of claim 17 wherein the computer-executable instructions further perform the step of enabling the user to apply a set of predetermined rules to at least one of the security contexts.
  - 20. The medium of claim 17 wherein the computer-executable instructions further perform the step of enabling the user to apply a set of predetermined rules to at least one of the applications.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SDC Software, Inc.
Original Assignee
Softwareonline LLC
Inventors
Plummer, David

Application Number

US11/549,804
Publication Number

US 20070199072A1
Time in Patent Office

Days
Field of Search
US Class Current

726/26
CPC Class Codes

G06F 21/6218 to a system of files or obj...

G06F 9/468 Specific access rights for ...

CONTROL OF APPLICATION ACCESS TO SYSTEM RESOURCES

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

63 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

CONTROL OF APPLICATION ACCESS TO SYSTEM RESOURCES

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

63 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others