System and method for securing computer-executable program code using task gates

US 5,940,590 A
Filed: 05/31/1997
Issued: 08/17/1999
Est. Priority Date: 05/31/1997
Status: Expired due to Term

First Claim

Patent Images

1. A method of providing computer-related security, the method comprising the steps of:

embedding within a body of computer application code, at a location defining a computer-executable task, security-related computer-executable information denominated as a task gate defining user-related security criteria that must be satisfied in order to execute the computer-executable task;

invoking the task gate responsive to encountering it during execution of the computer application program code; and

responsive to invoking the task gate determining whether the predetermined security conditions have been met before allowing execution of the computer-executable task.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method and apparatus including a security-related computer-executable module, preferably embodied as software that operates in combination with a computer to secure arbitrarily located application program code. The system is capable of performing the method of inserting or placing at a location in a computer program defining a computer-executed task, security-related computer-executable information denominated as a task gate defining predetermined security conditions that must be meet to proceed past the task gate. The task gate is invoked when encountered during execution of the computer program. The gate is used to determine whether the predetermined security conditions have been met before allowing any further computer execution of the program.

Citations

19 Claims

1. A method of providing computer-related security, the method comprising the steps of:
- embedding within a body of computer application code, at a location defining a computer-executable task, security-related computer-executable information denominated as a task gate defining user-related security criteria that must be satisfied in order to execute the computer-executable task;
  
  invoking the task gate responsive to encountering it during execution of the computer application program code; and
  
  responsive to invoking the task gate determining whether the predetermined security conditions have been met before allowing execution of the computer-executable task.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the computer application program code executes in an object-oriented environment and the security-related computer-executable information is encapsulated within the method of an object.
  - 3. The method of claim 2, wherein the task gate secures access to an object that may be involved with the execution of the computer-executable task.
  - 4. The method of claim 1, wherein the task gate secures access to a resource that may be involved with execution of the computer-executable task.
  - 5. The method of claim 1, further comprising the step of scanning the computer application program code prior to the step of invoking the task gate to determine the location of the task gate.
  - 6. The method of claim 5, wherein the location and a description of the task gate in computer application program code is added to a database stored in storage following the step of scanning the code.
  - 7. The method of claim 1, wherein the location of the task gate in computer application program code is added to a database stored in storage.
  - 8. The method of claim 1, wherein the security-related information of the task gate contains information that allows a user having security-related authority that satisfies the user-related security criteria to receive additional security-related authority based on the computer-executable task that expires when the computer-executable task is complete.

9. A system comprising:
- a computer having a processing unit coupled with main memory and further coupled with storage;
  
  a security-related module in main memory and configured for communicating with the processing unit to perform the computer-executed steps of;
  
  responsive to encountering security-related computer-executable information denominated as a task gate embedded within a computer application program in main-memory, at a location defining a computer-executable task, invoking the task gate, wherein the task gate defines security-related criteria that must be satisfied in order to execute the computer-executable task; and
  
  responsive to invoking the task gate, determining whether the predetermined security conditions have been met before allowing execution of the computer-executable task.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The system of claim 9, wherein the computer application program code executes in an object-oriented environment and the security-related computer-executable information is encapsulated within an object.
  - 11. The system of claim 10, wherein the task gate secures access to an object that may be involved with the execution of the computer-executable task.
  - 12. The system of claim 9, wherein the task gate secures access to a resource that may be involved with execution of the computer-executable task.
  - 13. The system of claim 9, further including a computer application program code scanner for scanning the computer application program code prior to the step of invoking the task gate to determine the location and description of the task gate.
  - 14. The system of claim 13, further including a database stored in fixed storage and wherein the location and description of the task gate in computer application program code is added to a database stored in storage by the code scanner.
  - 15. The system of claim 9, wherein the location and description of the task gate in computer application program code is added to a database stored in storage.
  - 16. The system of claim 9, wherein the security-related information of the task gate contains information that allows a user having security-related authority that satisfies the user-related security criteria to receive additional security-related authority based on the computer-executable task that is only valid until the computer-executable task is complete.

17. An apparatus comprising:
- a processing unit;
  
  main memory for executing a computer application program that is in communication with the processing unit;
  
  storage in communication with the processing unit and main memory; and
  
  a security-related module in communication with main memory that invokes a security-related procedure responsive to encountering computer-executable security-related information denominated as a task gate embedded within a computer application program executing in main-memory, at a location defining a computer-executable task, wherein the task gate defines security criteria that must be satisfied in order to execute the computer-executable task.
- View Dependent Claims (18)
- - 18. The apparatus of claim 17, wherein the security-related procedure invoked by the security-related module determines whether the predetermined security conditions have been met before allowing execution of the computer-executable task.

19. A program-product for use in a computer system, comprising:
- at least one computer-usable signal-bearing medium carrying thereon;
  
  a gate-invoking module that is responsive to encountering computer-executable information denominated as a task gate embedded within a computer program in main-memory at a location defining a computer-executable task by invoking the task gate when the gate-invoking module is executed in the computer system wherein the task gate defines security-related criteria that must be satisfied in order to execute the computer-executable task; and
  
  a gate-checking module that is responsive to the gate-invoking module invoking of the task gate by determining whether the predetermined security conditions have been met before allowing execution of the computer-executable task when the gate-checking module is executed in the computer system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
International Business Machines Corporation
Inventors
Lynne, Kenton Jerome, Richards, Dianne Elaine
Primary Examiner(s)
Beausoliel, Jr., Robert W.
Assistant Examiner(s)
Elisca, Pierre E.

Application Number

US08/866,956
Time in Patent Office

808 Days
Field of Search

395/186, 395/187.01, 395/188.01, 395/200.59, 380/4, 380/25, 380/30
US Class Current

726/35
CPC Class Codes

G06F 21/54   by adding security routines...

G06F 21/62   Protecting access to data v...

G06F 21/629   to features or functions of...

System and method for securing computer-executable program code using task gates

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for securing computer-executable program code using task gates

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links