Inter-Process Message Security
First Claim
1. A method for providing inter-process messaging security, the method comprising:
- receiving a message from a first process associated with a first process chamber;
determining a destination process for the message;
determining whether the destination process is associated with a second process chamber;
in response to determining that the destination process is associated with the second process chamber, determining whether at least one security policy permits interaction between the first and second process chambers;
in response to determining that the at least one security policy permits interaction between the first and second process chambers, sending the message to the destination process.
2 Assignments
0 Petitions
Accused Products
Abstract
An inter-process messaging security management may be provided. A message comprising an operation to be performed may be sent from a process operating in a process chamber to a second process operating in another chamber. Before the message is allowed to be delivered, the validity of the operation contained in the message may be verified and a security policy may be examined to determine whether the message is permitted to be sent from the first process to the second process. If the security policy permits the second process to execute the operation requested by the first process, the message may be delivered to the second process. If the operation is not permitted, the message may not be delivered and an error message may be returned to the first process.
-
Citations
20 Claims
-
1. A method for providing inter-process messaging security, the method comprising:
-
receiving a message from a first process associated with a first process chamber; determining a destination process for the message; determining whether the destination process is associated with a second process chamber; in response to determining that the destination process is associated with the second process chamber, determining whether at least one security policy permits interaction between the first and second process chambers; in response to determining that the at least one security policy permits interaction between the first and second process chambers, sending the message to the destination process. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A computer-readable medium which stores a set of instructions which when executed performs a method for providing inter-process message security, the method executed by the set of instructions comprising:
-
receiving a message from a first process associated with a first process chamber for a second process; determining whether the second process is associated with a second process chamber; in response to determining that the second process is associated with the second process chamber, determining whether at least one security policy is associated with the first and second process chambers; in response to determining that the at least one security policy is associated with the first and second process chambers, determining whether the at least one security policy associated with the first and second process chambers permits the message to be sent from the first process chamber to the second process chamber; and in response to determining that the at least one security policy associated with the first and second process chambers permits the message to be sent from the first process chamber to the second process chamber, sending the message to the second process. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
-
-
20. A system for providing inter-process message security, the system comprising:
-
a memory storage; and a processing unit coupled to the memory storage, wherein the processing unit is operative to; receive a message comprising an operation request from a first process; determine a process chamber associated with the first process; determine a process chamber associated with at least one destination process; if the process chamber associated with the first process is the same as the process chamber associated with the at least one destination process, send the message to the at least one destination process; if the process chamber associated with the first process is not the same as the process chamber associated with the at least one destination process and the operation request is unable to be performed unless the first process and the destination process are associated with the same process chamber, discard the message; determine whether at least one security policy is associated with the process chamber associated with the first process and the process chamber associated with the at least one destination process; in response to determining that the at least one security policy is associated with the process chamber associated with the first process and the process chamber associated with the at least one destination process, determine whether the at least one security policy associated with the process chamber associated with the first process and the process chamber associated with the at least one destination process permits the message to be sent from the first process to the destination process; and in response to determining whether the at least one security policy associated with the process chamber associated with the first process and the process chamber associated with the at least one destination process permits the message to be sent from the first process to the destination process, send the message to the destination process.
-
Specification