Efficient security kernel for the 80960 extended architecture
Abstract
A computer security mechanism including:
- an access control table specifying the predetermined access rights of each of a plurality of predetermined security subjects relative to predetermined security objects;
- a collection of mutually exclusive execution domains for each of the security subjects, so that the executing processes of a security subject can only directly access code and data contained within the collection of domains of that security subject;
- a collection of mutually exclusive domains for a plurality of security object type managers, each of which is the sole owner of the right and ability to create and control access to security objects of a predetermined type, such that the only interaction between the execution environment of one security subject and the execution environment of another security subject is through operations on security objects performed through the services of the type managers;
- an object table for storing entries identifying the nature and location of security objects; and
- unforgeable access descriptors created by the security type managers by reference to the access control table for validation of access rights, and utilized to allow access by security subjects to security objects via the object table, each access descriptor containing an index to the object table entry for the associated security object and an identification of the access rights of the security subject with which the access descriptor is associated, whereby use of an access descriptor allows for efficient validation and mechanization of a requested access.
2 Claims

1. A security kernel for a computer system having resources organized into objects, the security kernel comprising:
- electrical storage means for electrically storing in electrical form an access control table that sets forth access rights of a plurality of predetermined programs relative to predetermined objects;
- electrical storage means for electrically storing in electrical form an object table;
- electrical processor means, responsive to a computer program requesting setup for access to a requested one of the predetermined objects, for checking the access control table for access rights of the requesting program, said processor means performing the following if the requesting program has the appropriate access rights:
  (a) producing an entry in the object table for the requested object, said entry identifying the nature and location of the requested object;
  (b) generating an access descriptor containing (1) the location of the object table entry for the requested object and (2) an identification of the access rights of the requesting program as to the requested object for which access is appropriate; and
  (c) making the access descriptor available to the requesting program such that the requesting program possesses the access descriptor;
- said processing means further utilizing access descriptors to check the validity of access by a requesting program to a predetermined object for which the requesting program possesses an access descriptor.

2. A computer system for executing a computer program, comprising:
- an electrically represented access control table that sets forth the access rights of the program relative to predetermined security objects;
- an electrically represented object table that identifies predetermined security objects that can be validly accessed by the program;
- electrical processing means for providing to the program an access descriptor for each object table entry, each access descriptor containing a pointer to the associated security object table entry and an identification of the access rights of the program as to the associated object table entry, and for checking the validity of access by the program to one of the predetermined objects by checking the access descriptors of the program.
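The abstract and both claims describe the same three-part mechanism: an access control table consulted once at setup time, an object table entry recording the nature and location of the object, and an access descriptor (object table index plus granted rights) that the program presents on every later access. The C model below is an added example written for this page; it is not code from the patent or from any 80960 implementation. The subject/object identifiers, the rights bits, the sample policy and the function names are all constructed for illustration. Because ordinary C has no tagged memory, the kernel here makes descriptors unforgeable by recording, in the object table entry, the tag and rights it issued and refusing any descriptor that does not match; that cross-check is this example's software stand-in for the hardware enforcement the patent relies on, and it also gives revocation for free, since releasing an entry invalidates every descriptor that points at it.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Rights bits. The names are this example's own, not the patent's. */
#define RIGHT_READ  0x1u
#define RIGHT_WRITE 0x2u
#define RIGHT_EXEC  0x4u

#define N_SUBJECTS     3
#define N_OBJECTS      4
#define OBJ_TABLE_SIZE 8

/* Object types. In the patent each type has one type manager that alone may create
   objects of that type; in this model the kernel plays that role for both types. */
enum obj_type { OBJ_SEGMENT = 1, OBJ_FILE = 2 };

/* Access control table (constructed sample policy), indexed [subject][object]. */
static const uint32_t access_control_table[N_SUBJECTS][N_OBJECTS] = {
    /* object 0                 object 1    object 2    object 3 */
    { RIGHT_READ | RIGHT_WRITE, RIGHT_READ, 0,          RIGHT_EXEC },             /* subject 0 */
    { RIGHT_READ,               0,          RIGHT_READ, 0 },                      /* subject 1 */
    { 0,                        0,          0,          RIGHT_READ | RIGHT_EXEC } /* subject 2 */
};

/* Object table entry: nature (type) and location of the object. granted_rights and
   tag are kernel-private bookkeeping so issued descriptors can be recognised later. */
struct obj_entry {
    bool          in_use;
    enum obj_type type;
    uint32_t      object_id;
    uintptr_t     location;
    uint32_t      granted_rights;
    uint32_t      tag;
};

static struct obj_entry object_table[OBJ_TABLE_SIZE];
static uint32_t next_tag = 0x1000;

/* Access descriptor handed to a program: object table index plus granted rights. */
struct access_descriptor {
    uint32_t index;
    uint32_t rights;
    uint32_t tag;
};

/* Reset kernel state so a scenario can be replayed. */
void kernel_reset(void)
{
    memset(object_table, 0, sizeof object_table);
    next_tag = 0x1000;
}

/* Setup path of claim 1: check the access control table; if the subject holds any
   rights, create an object table entry and mint a descriptor. Returns false on denial. */
bool kernel_setup_access(int subject, uint32_t object_id, uintptr_t location,
                         enum obj_type type, struct access_descriptor *out)
{
    if (subject < 0 || subject >= N_SUBJECTS || object_id >= N_OBJECTS)
        return false;
    uint32_t rights = access_control_table[subject][object_id];
    if (rights == 0)
        return false;                 /* no rights at all: no descriptor is issued */
    for (uint32_t i = 0; i < OBJ_TABLE_SIZE; i++) {
        if (!object_table[i].in_use) {
            object_table[i] = (struct obj_entry){
                .in_use = true, .type = type, .object_id = object_id,
                .location = location, .granted_rights = rights, .tag = next_tag++ };
            *out = (struct access_descriptor){
                .index = i, .rights = rights, .tag = object_table[i].tag };
            return true;
        }
    }
    return false;                     /* object table full */
}

/* Access path: the descriptor must name a live entry, match what the kernel issued
   (tag and rights), and carry every right the requested operation needs. */
bool kernel_check_access(const struct access_descriptor *d, uint32_t needed_rights)
{
    if (d->index >= OBJ_TABLE_SIZE)
        return false;
    const struct obj_entry *e = &object_table[d->index];
    if (!e->in_use || e->tag != d->tag || e->granted_rights != d->rights)
        return false;
    return (d->rights & needed_rights) == needed_rights;
}

/* Revocation: releasing the entry invalidates every descriptor that points at it. */
void kernel_release_object(uint32_t index)
{
    if (index < OBJ_TABLE_SIZE)
        object_table[index].in_use = false;
}

int main(void)
{
    struct access_descriptor d;
    kernel_reset();
    if (kernel_setup_access(0, 0, 0x4000, OBJ_SEGMENT, &d))
        printf("subject 0 holds descriptor {index=%u, rights=0x%x}\n", d.index, d.rights);
    printf("write allowed: %d\n", kernel_check_access(&d, RIGHT_WRITE));
    printf("exec allowed:  %d\n", kernel_check_access(&d, RIGHT_EXEC));
    /* A program that rewrites the rights field of its own descriptor gets nothing. */
    struct access_descriptor tampered = { .index = d.index, .rights = RIGHT_EXEC, .tag = d.tag };
    printf("tampered exec: %d\n", kernel_check_access(&tampered, RIGHT_EXEC));
    kernel_release_object(d.index);
    printf("after release: %d\n", kernel_check_access(&d, RIGHT_READ));
    return 0;
}
```

The point the model makes concrete is why the patent calls this efficient: the access control table is consulted only in `kernel_setup_access`, while every subsequent access in `kernel_check_access` is a bounds check, an equality test and a bit-mask, with no policy lookup at all.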