Secure handle for intra- and inter-processor communications

US 20070299970A1
Filed: 06/12/2007
Published: 12/27/2007
Est. Priority Date: 06/19/2006
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for enabling communication of data from a kernel of an operating system to a client, comprising the steps of:

providing a context object that includes the data to be accessible to the client;

providing the kernel with a secure object handle, the secure object handle including an address of the context object;

sending the secure object handle from the kernel to the client over a bidirectional interface;

receiving, from the client, the secure object handle from the client over the bidirectional interface, indicating that the client requires access to the data in the context object, and checking an integrity of the secure object handle in the kernel and allowing access to the data by the client if the integrity check is successful and disallowing access to the data by the client if the integrity check is unsuccessful.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A protocol element referred to as a secure handle is described which provides an efficient and reliable method for application-to-application signaling in multi-process and multi-computer environments. The secure handle includes an absolute memory reference which allows the kernel to more quickly and efficiently associate a network data packet with an application'"'"'s communication context in the kernel.

105 Citations

View as Search Results

45 Claims

1. A computer-implemented method for enabling communication of data from a kernel of an operating system to a client, comprising the steps of:
- providing a context object that includes the data to be accessible to the client;
  
  providing the kernel with a secure object handle, the secure object handle including an address of the context object;
  
  sending the secure object handle from the kernel to the client over a bidirectional interface;
  
  receiving, from the client, the secure object handle from the client over the bidirectional interface, indicating that the client requires access to the data in the context object, and checking an integrity of the secure object handle in the kernel and allowing access to the data by the client if the integrity check is successful and disallowing access to the data by the client if the integrity check is unsuccessful.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein the context object providing step is carried out with the context object including a unique allocation stamp and wherein the secure object handle includes a field configured to store a value of the allocation stamp.
  - 3. The method of claim 1, wherein the secure object handle includes a signature and wherein the secure handle integrity check includes a step of verifying an integrity of the signature.
  - 4. The method of claim 1, wherein the context object providing step is carried out with the context object including a unique allocation stamp and the secure object handle includes a field configured to store a value of the allocation stamp and wherein the secure object handle includes a signature and the secure handle integrity check includes a step of verifying an integrity of the signature.
  - 5. The method of claim 4, wherein the secure object handle providing step includes generating the signature as a predetermined function of a value of the unique allocation stamp and the address of the context object.
  - 6. The method of claim 1 wherein, when the integrity check is successful, the method further includes a step of the client accessing the data at the address of the context object in the received secure object handle.
  - 7. The method of claim 3, wherein the signature integrity checking step includes a step of the kernel computing a temporary variable and comparing the computed temporary variable to the signature in the secure object handle received from the client and disallowing access to the data by the client if the computed temporary variable does not match the signature.
  - 8. The method of claim 2, wherein the integrity checking step includes a step of disallowing access to the data by the client when the value of the allocation stamp in the secure object handle received from the client does not match the unique allocation stamp in the context object.
  - 9. The method of claim 2, further including a step of making the data unavailable to the client by changing the unique allocation stamp.
  - 10. The method of claim 3, wherein the secure object handle providing step is carried out by incorporating at least the address of the context object and the signature in a header of a packet configured according to a predetermined communication protocol.
  - 11. The method of claim 1, wherein the integrity checking step includes at least one Boolean Exclusive OR (XOR) operation.
  - 12. The method of claim 1, wherein the integrity checking step includes a Cyclic Redundancy Check (CRC).
  - 13. The method of claim 1, wherein only the kernel carries out the integrity checking step.
  - 14. The method of claim 10, wherein the communication protocol is a connection-oriented protocol.
  - 15. The method of claim 10, wherein the communication protocol includes TCP.

16. A machine-readable medium having data stored thereon representing sequences of instructions which, when executed by a kernel of an operating system, causes the kernel to enable communication of data from the kernel to a client, by performing the steps of:
- providing a context object that includes the data to be accessible to the client;
  
  providing the kernel with a secure object handle, the secure object handle including an address of the context object;
  
  sending the secure object handle from the kernel to the client over a bidirectional interface;
  
  receiving, from the client, the secure object handle from the client over the bidirectional interface, indicating that the client requires access to the data in the context object, and checking an integrity of the secure object handle in the kernel and allowing access to the data by the client if the integrity check is successful and disallowing access to the data by the client if the integrity check is unsuccessful.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 17. The machine-readable medium of claim 16, wherein the context object providing step is carried out with the context object including a unique allocation stamp and wherein the secure object handle includes a field configured to store a value of the allocation stamp.
  - 18. The machine-readable medium of claim 16, wherein the secure object handle includes a signature and wherein the secure handle integrity check includes a step of verifying an integrity of the signature.
  - 19. The machine-readable medium of claim 16, wherein the context object providing step is carried out with the context object including a unique allocation stamp and the secure object handle includes a field configured to store a value of the allocation stamp and wherein the secure object handle includes a signature and the secure handle integrity check includes a step of verifying an integrity of the signature.
  - 20. The machine-readable medium of claim 19, wherein the secure object handle providing step includes generating the signature as a predetermined function of a value of the unique allocation stamp and the address of the context object.
  - 21. The machine-readable medium of claim 17 wherein, when the integrity check is successful, the method further includes a step of the client accessing the data at the address of the context object in the received secure object handle.
  - 22. The machine-readable medium of claim 18, wherein the signature integrity checking step includes a step of the kernel computing a temporary variable and comparing the computed temporary variable to the signature in the secure object handle received from the client and disallowing access to the data by the client if the computed temporary variable does not match the signature.
  - 23. The machine-readable medium of claim 17, wherein the integrity checking step includes a step of disallowing access to the data by the client when the value of the allocation stamp in the secure object handle received from the client does not match the unique allocation stamp in the context object.
  - 24. The machine-readable medium of claim 18, further including a step of making the data unavailable to the client by changing the unique allocation stamp.
  - 25. The machine-readable medium of claim 16, wherein the secure object handle providing step is carried out by incorporating at least the address of the context object and the signature in a header of a packet configured according to a predetermined communication protocol.
  - 26. The machine-readable medium of claim 16, wherein the signature integrity checking step includes at least one Boolean Exclusive OR (XOR) operation.
  - 27. The machine-readable medium of claim 16, wherein the signature integrity checking step includes a Cyclic Redundancy Check (CRC).
  - 28. The machine-readable medium of claim 16, wherein only the kernel carries out the signature integrity checking step.
  - 29. The machine-readable medium of claim 25, wherein the protocol is a connection oriented protocol.
  - 30. The machine-readable medium of claim 25, wherein the protocol includes TCP.

31. A computer system configured to securely enable communication of data from a kernel of an operating system to a client, the computer system comprising:
- at least one processor;
  
  at least one data storage device coupled to the at least one processor;
  
  a plurality of processes spawned by the at least one processor, the processes including processing logic for;
  
  providing a context object that includes the data to be accessible to the client;
  
  providing the kernel with a secure object handle, the secure object handle including an address of the context object;
  
  sending the secure object handle from the kernel to the client over a bidirectional interface;
  
  receiving, from the client, the secure object handle from the client over the bidirectional interface, indicating that the client requires access to the data in the context object, and checking an integrity of the secure object handle in the kernel and allowing access to the data by the client if the integrity check is successful and disallowing access to the data by the client if the integrity check is unsuccessful.
- View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45)
- - 32. The computer system of claim 31, wherein the context object providing step is carried out with the context object including a unique allocation stamp and wherein the secure object handle includes a field configured to store a value of the allocation stamp.
  - 33. The computer system of claim 31, wherein the secure object handle includes a signature and wherein the secure handle integrity check includes a step of verifying an integrity of the signature.
  - 34. The computer system of claim 31, wherein the context object providing step is carried out with the context object including a unique allocation stamp and the secure object handle includes a field configured to store a value of the allocation stamp and wherein the secure object handle includes a signature and the secure handle integrity check includes a step of verifying an integrity of the signature.
  - 35. The computer system of claim 34, wherein the secure object handle providing step includes generating the signature as a predetermined function of a value of the unique allocation stamp and the address of the context object.
  - 36. The computer system of claim 31 wherein, when the integrity check is successful, the method further includes a step of the client accessing the data at the address of the context object in the received secure object handle.
  - 37. The computer system of claim 33, wherein the signature integrity checking step includes a step of the kernel computing a temporary variable and comparing the computed temporary variable to the signature in the secure object handle received from the client and disallowing access to the data by the client if the computed temporary variable does not match the signature.
  - 38. The computer system of claim 32, wherein the integrity checking step includes a step of disallowing access to the data by the client when the value of the allocation stamp in the secure object handle received from the client does not match the unique allocation stamp in the context object.
  - 39. The computer system of claim 32, further including a step of making the data unavailable to the client by changing the unique allocation stamp.
  - 40. The computer system of claim 32, wherein the secure object handle providing step is carried out by incorporating at least the address of the context object and the signature in a header of a packet configured according to a predetermined communication protocol.
  - 41. The computer system of claim 32, wherein the signature integrity checking step includes at least one Boolean Exclusive OR (XOR) operation.
  - 42. The computer system of claim 32, wherein the signature integrity checking step includes a Cyclic Redundancy Check (CRC).
  - 43. The computer system of claim 32, wherein only the kernel carries out the signature integrity checking step.
  - 44. The computer system of claim 40, wherein the protocol is a connection oriented protocol.
  - 45. The computer system of claim 40, wherein the protocol includes TCP.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Liquid Computing Corporation, Seagate Technology LLC (Seagate Technology Holdings Plc)
Original Assignee
Liquid Computing Corporation
Inventors
Munter, Ernst, HUANG, Kaiyuan, Kemp, Michael

Granted Patent

US 8,631,106 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/225
CPC Class Codes

G06F 15/173   using an interconnection ne...

H04L 1/1614   using bitmaps

H04L 1/1685   the supervisory signal bein...

H04L 47/20   Traffic policing

H04L 47/2441   relying on flow classificat...

H04L 47/35   by embedding flow control i...

H04L 47/746   Reaction triggered by a fai...

Secure handle for intra- and inter-processor communications

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

105 Citations

45 Claims

Specification

Solutions

Use Cases

Quick Links

Secure handle for intra- and inter-processor communications

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

105 Citations

45 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links