Method for security shield implementation in computer system's software

US 5,925,126 A
Filed: 03/18/1997
Issued: 07/20/1999
Est. Priority Date: 03/18/1997
Status: Expired due to Term

First Claim

Patent Images

1. Computer software for a security implementation method for computer system software, said computer software being stored on a computer readable medium, said medium being executed on said computer system, comprising:

means for system call interception for intercepting non-interactive commands, file access commands, program access requests, and network access commands from a user of said computer system software;

means for intercepting interactive commands from said user of said computer systems software;

examination means for examining said non-interactive commands and said interactive commands from the user of said computer system software;

means for performing a rule check functions of said non-interactive commands and said interactive commands from the user of said computer system software;

means for implementing log in functions of said non-interactive and said interactive commands from the user of the computer system software; and

,means for forwarding accepted said non-interactive commands, file access commands, program access requests, network access commands, and said interactive commands to the operating system of said computer system software.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A security shield implementation method comprising computer software for use with a computer system'"'"'s software which is transparent to the user of the computer system software and utilizes the steps of system call interception and interactive command interception to control access by a user of the computer system software. The system call interception for non-interactive commands, file access, programs, networks, and the interactive commands, such as access to interactive programs, are routed and examined by redirector software. Security rule checks and log event functions are then conducted on the non-interactive commands, file access requests, programs, networks, and the interactive commands. If a non-interactive command, file access request, program, network, or an interactive command is approved, the command request is then forwarded to the computer operating system.

Citations

18 Claims

1. Computer software for a security implementation method for computer system software, said computer software being stored on a computer readable medium, said medium being executed on said computer system, comprising:
- means for system call interception for intercepting non-interactive commands, file access commands, program access requests, and network access commands from a user of said computer system software;
  
  means for intercepting interactive commands from said user of said computer systems software;
  
  examination means for examining said non-interactive commands and said interactive commands from the user of said computer system software;
  
  means for performing a rule check functions of said non-interactive commands and said interactive commands from the user of said computer system software;
  
  means for implementing log in functions of said non-interactive and said interactive commands from the user of the computer system software; and
  
  ,means for forwarding accepted said non-interactive commands, file access commands, program access requests, network access commands, and said interactive commands to the operating system of said computer system software.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The computer software of claim 1, wherein said means for system call interception comprises a redirector means.
  - 3. The computer software of claim 1, wherein said means for intercepting interactive commands form said user of said computer system software comprises a redirector means.
  - 4. The computer software of claim 1, wherein a means for controlling access to an interactive program in said computer system software comprises interactive command interception means.
  - 5. The computer software of claim 1, wherein said method is utilized for internet software application protection by file access control means.

6. A method for security shield implementation in computer system software for protection of the computer system software from unauthorized access by a user, comprising:
- step for controlling access to files of said computer system software by redirector means for intercepting a non-interactive command request from a computer system user prior to forwarding to an operating system software, performing a rule check and a log event function using operating system call interception, returning a failed rule check to said computer system user via open system call, and forwarding for continued processing succeeded rule check requests to said operating system;
  
  step for controlling access to interactive programs by redirector means for intercepting an interactive command from a user and returning failed rule check interactive commands to said user and to continue processing succeeded rule check interactive commands;
  
  forwarding accepted said interactive or said non-interactive commands for processing by the operating system software.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 7. The method for security shield implementation in computer system software for protection of the computer system software from unauthorized access by a user of claim 6, wherein said step for controlling access to files of said computer system software comprises redirecting file "open" system calls to said redirector means for examination and processing.
  - 8. The method for security shield implementation in computer system software for protection of the computer system software from unauthorized access by a user of claim 6, wherein said step for controlling access to files of said computer system software comprises redirecting file "exc" system calls to said redirector means for examination and processing.
  - 9. The method for security shield implementation in computer system software for protection of the computer system software from unauthorized access by a user of claim 6, wherein said non-interactive command controls access to said files of said computer system software.
  - 10. The method for security shield implementation in computer system software for protection of the computer system software from unauthorized access by a user of claim 6, wherein said non-interactive command controls access to a program of said computer system software.
  - 11. The method for security shield implementation in computer system software for protection of the computer system software from unauthorized access by a user of claim 6, wherein said redirector means for intercepting said requests for said computer system user comprises redirecting interactive commands via a command interception and returning a failed rule check command to said user.
  - 12. The method for security shield implementation in computer system software for protection of the computer system software from unauthorized access by a user of claim 6, wherein said redirector means for intercepting said requests for said computer system user comprises redirecting interactive commands via a command interception and processing said interactive command if said users access is approved by passing said rule check.
  - 13. The method for security shield implementation in computer system software for protection of the computer system software from unauthorized access by a user of claim 6, wherein said step for controlling access to said interactive programs in said computer system software utilizes a small foot print of memory in said operating system.
  - 14. The method for security shield implementation in computer system software for protection of the computer system software from unauthorized access by a user of claim 6, wherein an access control list is stored in a user'"'"'s computer systems memory.
  - 15. The method for security shield implementation in computer system software for protection of the computer system software from unauthorized access by a user of claim 6, wherein said step for controlling access to files of said computer system software and said means for controlling access to interactive programs in said computer system call interception means and command interception means, whereby a large number of files of said computer software system are protected.
  - 16. The method for security shield implementation in computer system software for protection of the computer system software from unauthorized access by a user of claim 6, wherein said method is utilized in a UNIX operating system.
  - 17. The method for security shield implementation in computer system software for protection of the computer system software from unauthorized access by a user of claim 6, wherein said method is utilized to secure and protect webscripts file access control means.
  - 18. The method for security shield implementation in computer system software for protection of the computer system software from unauthorized access by a user of claim 6, further including step for performing a rule check function for file access by restricting access through a specific application program.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
MEMCO Software Ltd (Broadcom, Inc.)
Original Assignee
MEMCO Software Ltd (Broadcom, Inc.)
Inventors
Hsieh, Vincent
Primary Examiner(s)
Beausoliel, Jr., Robert W.
Assistant Examiner(s)
WRIGHT, NORMAN M

Application Number

US08/820,290
Time in Patent Office

854 Days
Field of Search

395/186, 395/187.01, 395/183.15, 380/23, 380/4
US Class Current

726/19
CPC Class Codes

G06F 21/6281 at program execution time, ...

Method for security shield implementation in computer system's software

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Method for security shield implementation in computer system's software

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links