Implementing security control practice omission decisions from service emulation indications

US 20080235000A1
Filed: 03/22/2007
Published: 09/25/2008
Est. Priority Date: 03/22/2007
Status: Abandoned Application

First Claim

Patent Images

1. A method comprising:

obtaining an indication of an emulation of a service in a first environment with a first security control practice; and

signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method, computer program product, and carrier are described for obtaining an indication of an emulation of a service in a first environment with a first security control practice or obtaining one or more gradational norms of software performance in an emulation environment; and signaling a decision whether to allow a software object to execute in another environment at least partly as a result of whether the software object apparently performed in conformity with the one or more gradational norms of software performance in the emulation environment or signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice.

97 Citations

View as Search Results

60 Claims

1. A method comprising:
- obtaining an indication of an emulation of a service in a first environment with a first security control practice; and
  
  signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 9, 10, 11, 12, 13, 15)
- - 2. The method of claim 1 in which obtaining an indication of an emulation of a service in a first environment with a first security control practice comprises:
    - emulating the service with an instruction sequence and with the first security control practice in response to an insufficient trust level relating to the instruction sequence.
  - 3. The method of claim 1 in which obtaining an indication of an emulation of a service in a first environment with a first security control practice comprises:
    - causing the first environment to emulate a first portion of the service and to execute a second portion of the service natively.
  - 4. The method of claim 1 in which obtaining an indication of an emulation of a service in a first environment with a first security control practice comprises:
    - implementing the first security control practice as one or more of a data integrity policy or a transaction integrity policy.
  - 5. The method of claim 1 in which signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice comprises:
    - causing the second environment to use the first security control practice in response to the indication relating to the first security control practice.
  - 6. The method of claim 1 in which signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice comprises:
    - requesting the decision whether to use the second environment without the first security control practice.
  - 7. The method of claim 1 in which signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice comprises:
    - obtaining status information about the second environment.
  - 9. The method of claim 1 in which obtaining an indication of an emulation of a service in a first environment with a first security control practice comprises:
    - including at least state information from the emulation in the indication of the emulation of the service in the first environment.
  - 10. The method of claim 1 in which obtaining an indication of an emulation of a service in a first environment with a first security control practice comprises:
    - obtaining status information about the first environment.
  - 11. The method of claim 1 in which obtaining an indication of an emulation of a service in a first environment with a first security control practice comprises:
    - obtaining current status information about the service.
  - 12. The method of claim 1 in which obtaining an indication of an emulation of a service in a first environment with a first security control practice comprises:
    - receiving an indication that a transaction protocol has been circumvented.
  - 13. The method of claim 1 in which signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice comprises:
    - deciding not to host the service in the second environment without a second security control practice at least partly in response to the indication signaling an incorrect outcome from the performance of the service in the emulation environment with the first security control practice.
  - 15. The method of claim 1 in which signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice comprises:
    - deciding to configure the second environment with a second security control practice in response to the indication signaling an anomaly from the performance of the service in the emulation environment with the first security control practice.

8. (canceled)

14. (canceled)

16. A system comprising:
- circuitry for obtaining an indication of an emulation of a service in a first environment with a first security control practice; and
  
  circuitry for signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice.
- View Dependent Claims (17, 18, 20, 21, 22, 23, 24, 25, 26, 27, 29, 30)
- - 17. The system of claim 16 in which the circuitry for obtaining an indication of an emulation of a service in a first environment with a first security control practice comprises:
    - circuitry for emulating the service with an instruction sequence and with the first security control practice in response to an insufficient trust level relating to the instruction sequence.
  - 18. The system of claim 16 in which the circuitry for obtaining an indication of an emulation of a service in a first environment with a first security control practice comprises:
    - circuitry for causing the first environment to emulate a first portion of the service and to execute a second portion of the service natively.
  - 20. The system of claim 16 in which the circuitry for signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice comprises:
    - circuitry for causing the second environment to use the first security control practice in response to the indication relating to the first security control practice.
  - 21. The system of claim 16 in which the circuitry for signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice comprises:
    - circuitry for requesting the decision whether to use the second environment without the first security control practice.
  - 22. The system of claim 16 in which the circuitry for signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice comprises:
    - circuitry for obtaining status information about the second environment.
  - 23. The system of claim 16 in which the circuitry for signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice comprises:
    - circuitry for deciding whether to perform any of the service.
  - 24. The system of claim 16 in which the circuitry for obtaining an indication of an emulation of a service in a first environment with a first security control practice comprises:
    - circuitry for including at least state information from the emulation in the indication of the emulation of the service in the first environment.
  - 25. The system of claim 16 in which the circuitry for obtaining an indication of an emulation of a service in a first environment with a first security control practice comprises:
    - circuitry for obtaining status information about the first environment.
  - 26. The system of claim 16 in which the circuitry for obtaining an indication of an emulation of a service in a first environment with a first security control practice comprises:
    - circuitry for obtaining current status information about the service.
  - 27. The system of claim 16 in which the circuitry for obtaining an indication of an emulation of a service in a first environment with a first security control practice comprises:
    - circuitry for receiving an indication that a transaction protocol has been circumvented.
  - 29. The system of claim 16 in which the circuitry for signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice comprises:
    - circuitry for configuring the second environment without the first security control practice.
  - 30. The system of claim 16 in which the circuitry for signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice comprises:
    - circuitry for deciding to configure the second environment with a second security control practice in response to the indication signaling an anomaly from the performance of the service in the emulation environment with the first security control practice.

19. (canceled)

28. (canceled)

31. A system comprising:
- means for obtaining an indication of an emulation of a service in a first environment with a first security control practice; and
  
  means for signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice.
- View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45)
- - 32. The system of claim 31 in which the means for obtaining an indication of an emulation of a service in a first environment with a first security control practice comprises:
    - means for emulating the service with an instruction sequence and with the first security control practice in response to an insufficient trust level relating to the instruction sequence.
  - 33. The system of claim 31 in which the means for obtaining an indication of an emulation of a service in a first environment with a first security control practice comprises:
    - means for causing the first environment to emulate a first portion of the service and to execute a second portion of the service natively.
  - 34. The system of claim 31 in which the means for obtaining an indication of an emulation of a service in a first environment with a first security control practice comprises:
    - means for implementing the first security control practice as one or more of a data integrity policy or a transaction integrity policy.
  - 35. The system of claim 31 in which the means for signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice comprises:
    - means for causing the second environment to use the first security control practice in response to the indication relating to the first security control practice.
  - 36. The system of claim 31 in which the means for signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice comprises:
    - means for requesting the decision whether to use the second environment without the first security control practice.
  - 37. The system of claim 31 in which the means for signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice comprises:
    - means for obtaining status information about the second environment.
  - 38. The system of claim 31 in which the means for signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice comprises:
    - means for deciding whether to perform any of the service.
  - 39. The system of claim 31 in which the means for obtaining an indication of an emulation of a service in a first environment with a first security control practice comprises:
    - means for including at least state information from the emulation in the indication of the emulation of the service in the first environment.
  - 40. The system of claim 31 in which the means for obtaining an indication of an emulation of a service in a first environment with a first security control practice comprises:
    - means for obtaining status information about the first environment.
  - 41. The system of claim 31 in which the means for obtaining an indication of an emulation of a service in a first environment with a first security control practice comprises:
    - means for obtaining current status information about the service.
  - 42. The system of claim 31 in which the means for obtaining an indication of an emulation of a service in a first environment with a first security control practice comprises:
    - means for receiving an indication that a transaction protocol has been circumvented.
  - 43. The system of claim 31 in which the means for signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice comprises:
    - means for deciding not to host the service in the second environment without a second security control practice at least partly in response to the indication signaling an incorrect outcome from the performance of the service in the emulation environment with the first security control practice.
  - 44. The system of claim 31 in which the means for signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice comprises:
    - means for configuring the second environment without the first security control practice.
  - 45. The system of claim 31 in which the means for signaling a decision whether to use a second environment without the first security control practice in performing at least a portion of the service as a result of the indication of the emulation of the service in the first environment with the first security control practice comprises:
    - means for deciding to configure the second environment with a second security control practice in response to the indication signaling an anomaly from the performance of the service in the emulation environment with the first security control practice.

46. A method comprising:
- obtaining one or more gradational norms of software performance in an emulation environment; and
  
  signaling a decision whether to allow a software object to execute in another environment at least partly as a result of whether the software object apparently performed in conformity with the one or more gradational norms of software performance in the emulation environment.

47-54. -54. (canceled)

55. A system comprising:
- circuitry for obtaining one or more gradational norms of software performance in an emulation environment; and
  
  circuitry for signaling a decision whether to allow a software object to execute in another environment at least partly as a result of whether the software object apparently performed in conformity with the one or more gradational norms of software performance in the emulation environment.
- View Dependent Claims (59)
- - 59. The system of claim 55 in which the circuitry for signaling a decision whether to allow a software object to execute in another environment at least partly as a result of whether the software object apparently performed in conformity with the one or more gradational norms of software performance in the emulation environment comprises:
    - circuitry for deciding whether to allow the software object to execute in the other environment as a result of whether a leakage larger than a threshold occurred in the emulation environment while hosting the software object.

56-58. -58. (canceled)

60-72. -72. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
MEC Management, LLC (Three Affiliated Tribes of the Fort Berthold Reservation, North Dakota)
Original Assignee
Searete LLC (Intellectual Ventures LLC)
Inventors
Cohen, Alexander J., Lord, Robert W., Jung, Edward K.Y., Levien, Royce A., Malamud, Mark A., Rinaldo, John D., Wood, Lowell L.

Application Number

US11/728,312
Publication Number

US 20080235000A1
Time in Patent Office

Days
Field of Search
US Class Current

703/26
CPC Class Codes

G06F 21/53 by executing in a restricte...

Implementing security control practice omission decisions from service emulation indications

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

97 Citations

60 Claims

Specification

Use Cases

Quick Links

Others

Implementing security control practice omission decisions from service emulation indications

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

97 Citations

60 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others