Protection of data in an information multiprocessing system by implementing a concept of rings to represent the different levels of privileges among processes
First Claim
1. In an automatic data processing apparatus for processing information, including a virtual memory having stored therein a plurality of different types of groups of information, each information group-type associated with an address space in said virtual memory bounded by a segment having adjustable bounds, said information being protected against unauthorized uses by a hierarchy of concentric ring levels (i.e. levels of privilege) wherein each group-type of information is associated with a predetermined ring number indicative of a level of privilege, said level of privilege decreasing as the associated ring number increases, an apparatus for generating a write-violation-exception signal comprising:
- (a) first means for storing first information indicating the maximum ring number RD (i.e. minimum level of privilege) required to read invormation from said selected group;
(b) second means for storing second information indicating the maximum ring number WR (i.e. minimum level of privilege) required to write information into said selected group;
(c) third means for storing third information indicating the maximum ring number MAXR (i.e. minimum level of privilege) required to process information from said selected group;
(d) fourth means interconnecting said first, second and third means, for determining the maximum of the contents of said first, second and third means, whereby an effective address ring number EAR is generated;
(e) fifth means connected with said second means, for comparing the effective address ring number EAR with the write ring number WR; and
,(f) sixth means connected with said fifth means for generating a write-violation-exception signal when EAR is greater than WR.
0 Assignments
0 Petitions
Accused Products
Abstract
Computer data and procedure protection by preventing processes from intering with each other or sharing each other'"'"'s address space in an unauthorized manner is accomplished in hardware/firmware by restricting addressability to a segmented memory and by a ring protection mechanism.
To protect information in segments shared by several processes from misuse by one of these processes a ring protection hardware system is utilized. There are four ring classes numbered 0 through 3. Each ring represents a level of system privilege with level 0 (the innermost ring) having the most privilege and level 3 (the outermost ring) the least. Every procedure in the system has a minimum and a maximum execute ring number assigned to it which specifies who may legally call the procedure. Also maximum write and read ring numbers specify the maximum ring numbers for which a write and/or read operation is permitted.
Processes use a segmented address during execution wherein segment tables isolate the address space of the various processes in the system. Hardware checks that the address used by a process is part of the address space assigned to the process, and if the address is outside the prescribed address space, an exception occurs. A process cannot refer to data within the address space of another process because the hardware uses the segment table of the referencing process.
164 Citations
11 Claims
-
1. In an automatic data processing apparatus for processing information, including a virtual memory having stored therein a plurality of different types of groups of information, each information group-type associated with an address space in said virtual memory bounded by a segment having adjustable bounds, said information being protected against unauthorized uses by a hierarchy of concentric ring levels (i.e. levels of privilege) wherein each group-type of information is associated with a predetermined ring number indicative of a level of privilege, said level of privilege decreasing as the associated ring number increases, an apparatus for generating a write-violation-exception signal comprising:
-
(a) first means for storing first information indicating the maximum ring number RD (i.e. minimum level of privilege) required to read invormation from said selected group; (b) second means for storing second information indicating the maximum ring number WR (i.e. minimum level of privilege) required to write information into said selected group; (c) third means for storing third information indicating the maximum ring number MAXR (i.e. minimum level of privilege) required to process information from said selected group; (d) fourth means interconnecting said first, second and third means, for determining the maximum of the contents of said first, second and third means, whereby an effective address ring number EAR is generated; (e) fifth means connected with said second means, for comparing the effective address ring number EAR with the write ring number WR; and
,(f) sixth means connected with said fifth means for generating a write-violation-exception signal when EAR is greater than WR.
-
-
2. In an automatic data processing apparatus for processing information, including a virtual memory having stored therein a plurality of different types of groups of information, each information group-type associated with an address space in said virtual memory bounded by a segment having adjustable bounds, said information being protected against unauthorized uses by a hierarchy of concentric ring levels (i.e. levels of privilege) wherein each group-type of information is associated with a predetermined ring number indicative of a level of privilege, said level of privilege decreasing as the associated ring number increases, an apparatus for generating a read-violation-exception signal comprising:
-
(a) first means for storing first information indicating the maximum ring number RD (i.e. minimum level of privilege) required to read information from said selected group; (b) second means for storing second information indicating the maximum ring number WR (i.e. minimum level of privilege) required to write information into said selected group; (c) third means for storing third information indicating the maximum ring number MAXR (i.e. minimum level of privilege) required to process information from said selected group; (d) fourth means interconnected with said first, second and third means, for determining the maximum of the contents of said first, second and third means, whereby an effective address ring number EAR is generated; (e) fifth means connected with said first means, for comparing the effective address ring number EAR with the read ring number RD; and
,(f) sixth means, connected with said fifth means, for generating a read-violation-exception signal when EAR is greater than RD. - View Dependent Claims (3)
-
-
4. In an automatic data processing apparatus for processing information, including a virtual memory having stored therein a plurality of different types of groups of information, each information group-type associated with an address space in said virtual memory bounded by a segment having adjustable bounds, said information being protected against unauthorized uses by a hierarchy of concentric ring levels (i.e. levels of privilege) wherein each group-type of information is associated with a predetermined ring number indicative of a level of privilege, said level of privilege decreasing as the associated ring number increases, an apparatus for generating an execute-violation-exception signal comprising:
-
(a) first means for storing first information indicating the maximum ring number RD (i.e. minimum level of privilege) required to read information from said selected group; (b) second means for storing second information indicating the maximum ring number WR (i.e. minimum level of privilege) required to write information into said selected group; (c) third means for storing third information indicating the maximum ring number MAXR (i.e. minimum level of privilege) required to process information from said selected group; (d) fourth means interconnecting with said first, second and third means, for determining the maximum of the contents of said first, second and third means, whereby an effective address ring number EAR is generated; (e) fifth means connected with said second and third means, for comparing the maximum ring number MAXR and the write ring number WR with the effective-address-ring number EAR; and
,(f) sixth means connected with said fifth means for generating an execute-violation-exception signal when the MAXR is not equal or greater than EAR which in turn is not equal or greater than WR.
-
-
5. In an automatic data processing apparatus for processing information, including a virtual memory having stored therein a plurality of different types of groups of information, each information group-type associated with an address space in said virtual memory bounded by a segment having adjustable bounds, said information being protected against unauthorized uses by a hierarchy of concentric ring levels (i.e. levels of privilege) wherein each group-type of information is associated with a predetermined ring number indicative of a level of privilege, said level of privilege decreasing as the associated ring number increases, an apparatus for determining the maximum effective address ring number EAR (i.e. minimum level of privilege) of a selected process to access a selected group of information comprising:
-
(a) first means for storing first information indicating the maximum ring number RD (i.e. minimum level of privilege) required to read information from said selected group; (b) second means for storing second information indicating the maximum ring number WR (i.e. minimum level of privilege) required to write information into said selected group; (c) third means for storing third information indicating the maximum ring number MAXR (i.e. minimum level of privilege) required to process information from said selected group; and
,(d) fourth means interconnecting said first, second and third means, for determining the maximum of the contents of said first, second and third means, whereby the effective address ring number EAR is generated. - View Dependent Claims (6, 7, 8, 9, 10)
-
-
11. The combination as recited in 10 including eleventh means for storing a process ring number PRN of a currently executing process, and also including twelfth means for connected with said eleventh means, and further including thirteenth means connected with said twelfth means for overriding said read-violation-exception signal when the effective address ring number EAR is equal to the process ring number PRN of the currently executing process.
Specification