Managing the risk of executing a software process using a capabilities assessment and a policy

US 6,088,801 A
Filed: 01/10/1997
Issued: 07/11/2000
Est. Priority Date: 01/10/1997
Status: Expired due to Fees

First Claim

Patent Images

1. A method for managing the risk of executing a software process bya.) in response to a request from a user or a software process X to execute a software process Y on a virtual machine, such process Y having access to a plurality of resources, such resources being any item under control of a virtual machine, said process Y consisting of a series of one or more instructions to be executed by a virtual machine, reading the instructions that define process Y,b.) determining the capabilities of process Y, such capabilities being defined in the context of a virtual machine, each capability being defined by one or more instructions,c.) reading a policy P containing a list of potential capabilities available for a virtual machine and corresponding procedures to be followed for each capability,d.) comparing capabilities with policy P to determine which procedures are applicable,e.) and performing said procedures before process Y is executed,whereby enabling a user to manage the risk of executing a software process.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for managing the risk of executing a software process on a computer by programmatically determining the capabilities of the software process before it executes and determining whether these capabilities are authorized within an access control policy. The capabilities define what functions a software process can perform in the context of a virtual machine. The method comprises the steps of assessing the software process to determine what capabilities it possesses, maintaining one or more policies which list potential capabilities and corresponding authorizations for one or more contexts, and a unit for comparing the software process capabilities with a policy.

102 Citations

View as Search Results

15 Claims

1. A method for managing the risk of executing a software process bya.) in response to a request from a user or a software process X to execute a software process Y on a virtual machine, such process Y having access to a plurality of resources, such resources being any item under control of a virtual machine, said process Y consisting of a series of one or more instructions to be executed by a virtual machine, reading the instructions that define process Y,b.) determining the capabilities of process Y, such capabilities being defined in the context of a virtual machine, each capability being defined by one or more instructions,c.) reading a policy P containing a list of potential capabilities available for a virtual machine and corresponding procedures to be followed for each capability,d.) comparing capabilities with policy P to determine which procedures are applicable,e.) and performing said procedures before process Y is executed,whereby enabling a user to manage the risk of executing a software process.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1 further comprisinga) a plurality of policies, each corresponding to a potential context, a context being a particular set of circumstances under which a software process may be executed,b) and a means of determining which policy should be applied to a given context,whereby enabling a user to manage the risk of executing a software process, based on a context-dependent policy and a particular context.
  - 3. The method of claim 1 wherein capabilities are determined by scanning process Y for predefined byte-code sequences representing capabilities.
  - 4. The method of claim 1 wherein capabilities are determined by reverse compiling process Y.
  - 5. The method of claim 1 further comprisingadding modification detection codes to capabilities of process Y and interpreting said modification detection codes on subsequent requests to execute process Y,whereby a determination can be made as to whether an existing list of capabilities for process Y can be relied upon as being accurate for subsequent requests to execute process Y.

6. A programmable apparatus for managing the risk of executing a software process, comprising:
- a) a data reader that in response to a request from a user or a software process X to execute a software process Y on a virtual machine, such process Y having access to a plurality of resources, such resources being any item under control of a virtual machine, said process Y consisting of a series of one or more instructions to be executed by a virtual machine, reads the instructions that define process Y,b) a capabilities assessor that determines the capabilities of process Y, such capabilities being defined in the context of a virtual machine, each capability being defined by one or more instructions,c) a communications mechanism that provides information to a user or process,d) a policy enforcer that reads a policy, such policy containing a list of potential capabilities available for a particular virtual machine and corresponding procedures to be followed for each capability, and compares said capabilities with said policy to determine which procedures are applicable, and performing said procedures before process Y is executed,whereby enabling a user to manage the risk of executing a software process.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The apparatus of claim 6 further comprisinga) a plurality of policies, each corresponding to a potential context, a context being a particular set of circumstances under which a software process may be executed,b) and a policy selector that determines which policy should be applied to a given context,whereby a decision can be made, based on a context-dependent policy, whether or not to execute software process Y given a particular context.
  - 8. The apparatus of claim 6 wherein said capabilities assessor determines capabilities by scanning said process Y for predefined byte-code sequences representing capabilities.
  - 9. The apparatus of claim 6 wherein capabilities assessor determines capabilities by reverse-compiling said software process to determine the capabilities.
  - 10. The apparatus of claim 6 further comprisinga means for adding modification detection codes to capabilities of process Y, and interpreting said modification detection codes on subsequent requests to execute process Y,whereby a determination can be made as to whether an existing list of capabilities for process Y can be relied upon as being accurate for subsequent requests to execute process Y.

11. A method for managing the risk of executing a software process bya) reading the instructions that make up software process Y,b) determining the capabilities expressed by said instructions,c) reading a policy P containing a list of potential capabilities available for a virtual machine and corresponding procedures to be followed for each capability,d) comparing capabilities with policy P, to determine which procedures are applicablee) and performing said procedures before process Y is executed,whereby enabling a user to manage the risk of executing a software process.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The method of claim 11 further comprisinga) a plurality of policies, each corresponding to a potential context, a context being a particular set of circumstances under which a software process may be executed,b) determining which policy should be applied to a given context,whereby a decision can be made, based on a context-dependent policy, whether or not to execute software process Y given a particular context.
  - 13. The method of claim 11 wherein capabilities are determined by scanning process Y for predefined byte-code sequences representing capabilities.
  - 14. The method of claim 11 wherein capabilities are determined by reverse compiling process Y.
  - 15. The method of claim 11 further comprisinga means for adding modification detection codes to capabilities of process Y, and interpreting said modification detection codes on subsequent requests to execute process Y,whereby a determination can be made as to whether an existing list of capabilities for process Y can be relied upon as being accurate for subsequent requests to execute process Y.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Matthew T. Grecsek
Original Assignee
Matthew T. Grecsek
Inventors
Grecsek, Matthew T.
Primary Examiner(s)
Beausoliel, Jr., Robert W.
Assistant Examiner(s)
Elisca, Pierre E.

Application Number

US08/781,691
Time in Patent Office

1,278 Days
Field of Search

395/186, 395/187.01, 395/188.01, 395/200.59, 395/701, 395/702, 395/703, 395/704, 395/705, 395/706, 395/183.14, 380/4, 380/25
US Class Current

726/1
CPC Class Codes

G06F 21/51   at application loading time...

G06F 2221/2141   Access rights, e.g. capabil...

G06Q 10/06   Resources, workflows, human...

Managing the risk of executing a software process using a capabilities assessment and a policy

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

102 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Managing the risk of executing a software process using a capabilities assessment and a policy

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

102 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links