Taint vector locations and granularity

US 20150128262A1
Filed: 10/28/2011
Published: 05/07/2015
Est. Priority Date: 10/28/2011
Status: Abandoned Application

First Claim

Patent Images

1. A computing system comprising:

a plurality of resources operationally coupled into the computing system; and

at least one taint vector operable to list a plurality of taints indicative of potential security risk associated with a selected location and granularity of selected ones of the plurality of resources.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An embodiment or embodiments of a computing system can be adapted to manage security risk by accumulating and monitoring taint indications, and can respond to predetermined taint conditions detecting by the monitoring. An illustrative computing system can comprise a plurality of resources operationally coupled into the computing system, and at least one taint vector operable to list a plurality of taints indicative of potential security risk associated with a selected location and granularity of selected ones of the plurality of resources.

41 Citations

View as Search Results

70 Claims

1. A computing system comprising:
- a plurality of resources operationally coupled into the computing system; and
  
  at least one taint vector operable to list a plurality of taints indicative of potential security risk associated with a selected location and granularity of selected ones of the plurality of resources.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 2. The computing system according to claim 1 wherein:
    - the plurality of taints comprise one or more of a plurality of distinct classes comprising a plurality of distinct sources, events, activities, and/or conditions.
  - 3. The computing system according to claim 1 wherein:
    - ones of the at least one taint vector comprise a plurality of entries selectively allocated to ones of the plurality of taints.
  - 4. The computing system according to claim 1 wherein:
    - ones of the at least one taint vector are operable as an accumulator of a plurality of taint indicators indicative of potential security risk from a plurality of distinct sources at distinct times.
  - 5. The computing system according to claim 1 wherein:
    - ones of the at least one taint vector are operable as an accumulator for counting a number of tainted instructions.
  - 6. The computing system according to claim 1 wherein:
    - ones of the at least one taint vector comprise an entry that is allocated to selected ones of the plurality of resources wherein taints of the selected ones of the plurality of resources are federated to the entry.
  - 7. The computing system according to claim 1 wherein ones of the plurality of taints are selected from a group consisting of:
    - a null pointer reference;
      
      an attempt to access a secured part of a processor;
      
      an attempt to access a secured resource;
      
      a buffer overrun;
      
      an event originating in a region that raises suspicion;
      
      a fault;
      
      an integer overflow;
      
      a plurality of taint indicators that exceeds at least one predetermined threshold;
      
      a taint indicated by power law analysis;
      
      a taint indicated by a race function; and
      
      an attempt to access a key.
  - 8. The computing system according to claim 1 further comprising:
    - taint monitoring logic operable to acquire a history of the ones of the at least one taint vector.
  - 9. The computing system according to claim 1 further comprising:
    - taint monitoring logic operable to acquire and monitor a history of the ones of the at least one taint vector in a feedback loop that correlates taints with responses to the taints.
  - 10. The computing system according to claim 1 wherein:
    - ones of the at least one taint vector comprise a composite taint vector that correlates a taint source and a taint activity type.
  - 11. The computing system according to claim 1 further comprising:
    - at least one processor included in the plurality of resources;
      
      wherein;
      
      the at least one taint vector is selectively positioned within the at least one processor proximal to at least one source at which a taint originates.
  - 12. The computing system according to claim 1 further comprising:
    - at least one processor included in the plurality of resources;
      
      wherein;
      
      the at least one taint vector comprises a single taint bit corresponding to the at least one processor and operable to indicate at least one taint indicative of potential security risk of the at least one processor.
  - 13. The computing system according to claim 1 further comprising:
    - at least one processor included in the plurality of resources; and
      
      at least one register integrated into the at least one processor, wherein;
      
      the at least one taint vector is operable to indicate at least one taint indicative of potential security risk of the at least one register.
  - 14. The computing system according to claim 1 further comprising:
    - at least one memory included in the plurality of resources;
      
      wherein;
      
      the at least one taint vector is selectively positioned in a respective at least one location within the at least one memory.
  - 15. The computing system according to claim 1 further comprising:
    - at least one memory included in the plurality of resources;
      
      wherein;
      
      the plurality of taints are selectively distributed in a plurality of locations and organized distinctively for ones of the plurality of taints.
  - 16. The computing system according to claim 1 further comprising:
    - at least one memory included in the plurality of resources;
      
      wherein;
      
      the plurality of taints are associated with selected amounts of memory individually among ones of the plurality of taints.
  - 17. The computing system according to claim 1 further comprising:
    - at least one memory included in the plurality of resources;
      
      wherein;
      
      a single taint vector is allocated for an entire memory.
  - 18. The computing system according to claim 1 further comprising:
    - at least one memory included in the plurality of resources;
      
      wherein;
      
      a single taint vector is allocated for an entire memory and comprise a plurality of entries associated with different ranges in the entire memory.
  - 19. The computing system according to claim 1 further comprising:
    - at least one memory comprising at least one memory page included in the plurality of resources;
      
      wherein;
      
      ones of the plurality of taints are organized by memory page.
  - 20. The computing system according to claim 1 further comprising:
    - at least one memory comprising at least one memory page included in the plurality of resources;
      
      wherein;
      
      ones of the plurality of taints are applied to respective ones of at least one memory page.
  - 21. The computing system according to claim 1 further comprising:
    - at least one memory comprising at least one memory block included in the plurality of resources;
      
      wherein;
      
      level of taint is indicated per memory block.
  - 22. The computing system according to claim 1 further comprising:
    - at least one memory comprising a read-only page table and a read-write taint table included in the plurality of resources;
      
      wherein;
      
      size of the read-write taint table is reduced by hashing.
  - 23. The computing system according to claim 1 further comprising:
    - at least one memory included in the plurality of resources;
      
      wherein;
      
      ones of the plurality of taints are applied to the at least one memory on a per-byte basis.
  - 24. The computing system according to claim 1 further comprising:
    - at least one memory comprising a plurality of memory blocks including a program code memory and a data memory included in the plurality of resources;
      
      wherein;
      
      tainting of program code memory and data memory are mutually distinctive.
  - 25. The computing system according to claim 1 further comprising:
    - at least one memory comprising a plurality of memory types included in the plurality of resources;
      
      wherein;
      
      tainting of ones of the plurality of memory types are mutually distinctive.
  - 26. The computing system according to claim 1 further comprising:
    - at least one memory comprising a plurality of memory blocks of a plurality of memory types included in the plurality of resources;
      
      wherein;
      
      granularity of ones of the plurality of memory types are mutually distinctive wherein size of memory block per taint vector are mutually distinctive.
  - 27. The computing system according to claim 1 further comprising:
    - at least one memory comprising a plurality of memory blocks of a plurality of memory types included in the plurality of resources;
      
      wherein;
      
      granularity of ones of the plurality of memory types are mutually distinctive wherein size of memory block per taint vector are mutually distinctive.
  - 28. The computing system according to claim 1 further comprising:
    - at least one memory comprising a plurality of memory blocks of a plurality of memory types included in the plurality of resources;
      
      wherein;
      
      ones of the at least one taint vector comprise a plurality of entries are allocated distinctive numbers of bits per taint vector entry among ones of the plurality of memory types.
  - 29. The computing system according to claim 1 further comprising:
    - at least one memory comprising a plurality of memory blocks of a plurality of memory types included in the plurality of resources;
      
      wherein;
      
      response thresholds are set distinctively among ones of the plurality of memory types.
  - 30. The computing system according to claim 1 further comprising:
    - at least one memory comprising a plurality of memory blocks of a plurality of memory types included in the plurality of resources;
      
      wherein;
      
      taint accumulation decay rates are set distinctively among ones of the plurality of memory types.

31. A method operable in a computing device for handling security risk comprising:
- receiving at least one taint indicator from a plurality of resources operationally coupled to the computing device;
  
  tracking a plurality of taints indicative of potential security risk associated with a selected location and granularity of selected ones of the plurality of resources; and
  
  listing the plurality of taints indicative of potential security risk in at least one taint vector.

32-59. -59. (canceled)

60. A computer program product comprising:
- program instructions operable to receive at least one taint indicator from a plurality of resources operationally coupled to the computing device;
  
  program instructions operable to track a plurality of taints indicative of potential security risk associated with a selected location and granularity of selected ones of the plurality of resources; and
  
  program instructions operable to list the plurality of taints indicative of potential security risk in at least one taint vector.

61-68. -68. (canceled)

69. A computing system comprising:
- means for receiving at least one taint indicator from a plurality of resources operationally coupled to the computing system;
  
  means for tracking a plurality of taints indicative of potential security risk associated with a selected location and granularity of selected ones of the plurality of resources; and
  
  means for listing the plurality of taints indicative of potential security risk in at least one taint vector.

70-77. -77. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RPX Corporation
Original Assignee
RPX Corporation
Inventors
Glew, Andrew F., Gerrity, Daniel A., Tegreene, Clarence T.

Application Number

US13/317,825
Publication Number

US 20150128262A1
Time in Patent Office

Days
Field of Search
US Class Current

726/23
CPC Class Codes

G06F 21/554   involving event detection a...

G06F 21/566   Dynamic detection, i.e. det...

G06F 21/575   Secure boot

G06F 21/577   Assessing vulnerabilities a...

G06F 21/79   in semiconductor storage me...

Taint vector locations and granularity

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

41 Citations

70 Claims

Specification

Solutions

Use Cases

Quick Links

Taint vector locations and granularity

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

41 Citations

70 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links