EFFICIENT SECURE DATA MARSHALING THROUGH AT LEAST ONE UNTRUSTED INTERMEDIATE PROCESS
First Claim
1. A machine-implemented method for securely marshaling data between processes executing in at least one computing device, the machine-implemented method comprising:
- creating a shared memory section by a source process executing in a computing device;
- populating the shared memory section by the source process;
- marshaling reference information regarding the populated shared memory section from the source process to a first intermediate process of at least one intermediate process executing in the computing device, the reference information not permitting access to the populated shared memory section by the at least one intermediate process;
- repeating the marshaling, only when the at least one intermediate process includes at least two intermediate processes, respective reference information from a respective intermediate process to a next respective intermediate process until the next intermediate process is a last intermediate process;
- marshaling the reference information regarding the populated shared memory section from a last one of the at least one intermediate process to a target process executing in the computing device;
- opening, by the target process, a new handle to the shared memory section by using at least some of the marshaled reference information; and
- reading, by the target process, the populated shared memory section.
Abstract
Secure marshaling of data via one or more intermediate processes is provided. A source process may create a named shared memory section resulting in a first handle to the shared memory section. The source process may populate the shared memory section with information. An access control list may secure the shared memory section by preventing the one or more intermediate processes from accessing content of the shared memory section, while allowing a target process to access the content. The first handle and a name of the shared memory section may be marshaled to a first intermediate process resulting in a respective new handle to the shared memory section. A last intermediate process may marshal the name to a target process, which may use the name to obtain access to the content of the shared memory section.
20 Claims
1. A machine-implemented method for securely marshaling data between processes executing in at least one computing device, the machine-implemented method comprising:
- creating a shared memory section by a source process executing in a computing device;
- populating the shared memory section by the source process;
- marshaling reference information regarding the populated shared memory section from the source process to a first intermediate process of at least one intermediate process executing in the computing device, the reference information not permitting access to the populated shared memory section by the at least one intermediate process;
- repeating the marshaling, only when the at least one intermediate process includes at least two intermediate processes, respective reference information from a respective intermediate process to a next respective intermediate process until the next intermediate process is a last intermediate process;
- marshaling the reference information regarding the populated shared memory section from a last one of the at least one intermediate process to a target process executing in the computing device;
- opening, by the target process, a new handle to the shared memory section by using at least some of the marshaled reference information; and
- reading, by the target process, the populated shared memory section.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A computing device comprising:
- at least one processor; and
- a memory connected to the at least one processor, the memory having instructions recorded therein, such that when the at least one processor executes the instructions, a method is performed comprising;
  - creating a shared memory section and opening a first handle for a source process, the first handle referencing the shared memory section,
  - populating, by the source process, the shared memory section,
  - creating and opening, by the source process, a new handle that references the shared memory section for a current intermediate process of at least one intermediate process, the second handle being based on the first handle to the shared memory process and having a desired access attribute that permits limited or no access to content of the shared memory section by the at least one intermediate process,
  - closing the first handle by the source process;
  - marshaling, by the source process, a name of the shared memory section to the intermediate process,
  - repeating while the current intermediate process is not a last intermediate process of the at least one intermediate process;
  - creating and opening, by the current intermediate process, a respective new handle that references the shared memory section for a next current intermediate process of the at least one intermediate process,
  - marshaling, by the current intermediate process, the name of the shared memory section to the next current intermediate process of the at least one intermediate process,
  - closing the respective new handle by the current intermediate process,
  - preparing to perform processing for the next current intermediate process as the current intermediate process,
  - creating and opening, by the last intermediate process of the at least one intermediate process, a second handle that references the shared memory section for a target process,
  - closing the respective new handle by the last intermediate process,
  - marshaling, by the last intermediate process, the name of the shared memory section to the target process,
  - opening, by the target process, a third handle to the shared memory section by using the marshaled name of the shared memory section,
  - closing the second handle by the target process, and
  - reading, by the target process, the shared memory section.
Dependent claims: 10, 11, 12, 13, 14, 15
16. A machine-readable storage medium having instructions recorded therein, such that when the instructions are executed by at least one processor of a computing device, the computing device performs a method comprising:
- creating, by a source process executing on the computing device, a shared memory section and opening a first handle that references the shared memory section for the source process,
- populating, by the source process, the shared memory section, the populating including storing of size information in the shared memory section, the size information indicating a size of the shared memory section used,
- creating and opening, by the source process, a respective new handle that references the shared memory section for a current intermediate process of at least one intermediate process, the respective new handle having a desired access attribute that permits limited or no access to content of the shared memory section by the at least one intermediate process,
- closing the first handle by the source process;
- marshaling, by the source process, a name of the shared memory section to the current intermediate process,
- repeating while the current process is not a last intermediate process of the at least one intermediate process;
- creating and opening, by the current intermediate process, a respective new handle that references the shared memory section for a next current intermediate process of the at least one intermediate process,
- marshaling, by the current intermediate process, the name of the shared memory section to the next current intermediate process of the at least one intermediate process,
- closing the respective new handle by the current intermediate process,
- preparing to perform processing for the next current intermediate process as the current intermediate process,
- creating and opening, by the last intermediate process, a second handle that references the shared memory section for a target process,
- closing the respective new handle by the last intermediate process,
- marshaling, by the last intermediate process, the name of the shared memory section to the target process,
- opening, by the target process, a third handle to the shared memory section by using the name of the shared memory section,
- closing the second handle by the target process, and
- reading, by the target process, the shared memory section.
Dependent claims: 17, 18, 19, 20
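The handle-and-name relay recited in claims 9 and 16 and summarized in the abstract, as an added Python model that is not code from the patent. `Kernel`, `relay`, the process names and the section name are constructed for illustration, and the model assumes a section exists for as long as any handle references it.

```python
import itertools, struct

class Kernel:
    """Toy object manager: a constructed model, not a real OS API."""
    def __init__(self):
        # name -> (content, pids the ACL lets open it); (pid, handle) -> (name, readable)
        self.sections, self.handles = {}, {}
        self.ids = itertools.count(4, 4)
    def _handle(self, pid, name, readable):
        h = next(self.ids)
        self.handles[pid, h] = (name, readable)
        return h
    def create(self, pid, name, size, readers):
        self.sections[name] = (bytearray(size), {pid, *readers})
        return self._handle(pid, name, True)
    def duplicate_no_access(self, pid, h, to_pid):
        return self._handle(to_pid, self.handles[pid, h][0], False)
    def open_by_name(self, pid, name):
        if name not in self.sections or pid not in self.sections[name][1]:
            raise PermissionError(f"ACL denies {pid}")
        return self._handle(pid, name, True)
    def close(self, pid, h):
        name, _ = self.handles.pop((pid, h))
        if all(n != name for n, _ in self.handles.values()):
            del self.sections[name]   # last handle closed: section is destroyed
    def view(self, pid, h):
        name, readable = self.handles[pid, h]
        if not readable:
            raise PermissionError(f"handle of {pid} grants no access")
        return self.sections[name][0]

def relay(k, payload, hops, name="section-constructed"):
    h = k.create("source", name, 4 + len(payload), readers=["target"])
    k.view("source", h)[:] = struct.pack("<I", len(payload)) + payload  # size prefix
    holder, denied = "source", 0
    for nxt in [*hops, "target"]:
        new = k.duplicate_no_access(holder, h, nxt)   # keeps the section alive
        k.close(holder, h)
        holder, h = nxt, new
        if nxt in hops:   # untrusted hop tries its handle, then the marshaled name
            for snoop, arg in ((k.view, h), (k.open_by_name, name)):
                try:
                    snoop(nxt, arg)
                except PermissionError:
                    denied += 1
    third = k.open_by_name("target", name)
    k.close("target", h)
    buf = k.view("target", third)
    data = bytes(buf[4:4 + struct.unpack_from("<I", buf)[0]])
    k.close("target", third)
    return data, denied, name in k.sections
```

`relay` returns the payload the target read, the number of intermediate read attempts that were refused, and whether the section still exists after the target closes its last handle.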
Specification