Stack-based access control using code and executor identifiers

US 6,138,238 A
Filed: 03/20/1998
Issued: 10/24/2000
Est. Priority Date: 12/11/1997
Status: Expired due to Term

First Claim

Patent Images

1. A system that regulates access to a resource requested by an operation executing on a computer, the operation invoking a plurality of functions that operate upon code during execution, the system comprising:

a policy file that stores permissions for each of the functions, the permissions authorizing types of access to the resource based on a source of the code and an executor of the code;

a call stack that stores the functions and executors as frames in an order of invocation by the operation, wherein each of the frames includes a code identifier that identifies the source of the code for a corresponding one of the functions and an executor identifier that identifies the executor on whose behalf the code is being executed; and

an execution unit that grants access to the resource when the types of access authorized by the permissions of all of the functions and executors on the call stack encompass the access requested by the operation.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system regulates access to resources requested by an operation executing on a computer. The operation invokes a plurality of methods that operate upon code during execution. The system includes a policy file, a call stack, and an execution unit. The policy file stores permissions for each of the resources. The permissions authorize particular types of access to the resource based on a source of the code and an executor of the code. The call stack stores representations of the methods and executors in an order of invocation by the operation. The execution unit grants access to the resource when the types of access authorized by the permissions of all of the methods and executors on the call stack encompass the access requested by the operation.

98 Citations

View as Search Results

13 Claims

1. A system that regulates access to a resource requested by an operation executing on a computer, the operation invoking a plurality of functions that operate upon code during execution, the system comprising:
- a policy file that stores permissions for each of the functions, the permissions authorizing types of access to the resource based on a source of the code and an executor of the code;
  
  a call stack that stores the functions and executors as frames in an order of invocation by the operation, wherein each of the frames includes a code identifier that identifies the source of the code for a corresponding one of the functions and an executor identifier that identifies the executor on whose behalf the code is being executed; and
  
  an execution unit that grants access to the resource when the types of access authorized by the permissions of all of the functions and executors on the call stack encompass the access requested by the operation.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The system of claim 1, wherein the policy file includesa plurality of protection domain objects, corresponding to each of the frames on the call stack, that set the access permissions for each of the functions by mapping the code identifier and the executor identifier.
  - 3. The system of claim 1, wherein the execution unit includes an access controller that determines whether the operation is authorized to perform a requested type of access on the resource, the access controller includingmeans for determining whether permissions associated with each of the frames on the call stack encompass the type of access requested,means for denying the requested access when any of the permissions fair to encompass the type of access requested, andmeans for granting access to the resource when all of the permissions encompass the type of access requested.
  - 4. The system of claim 1, wherein each of the frames include a privilege flag that indicates whether a corresponding function is a privileged function.
  - 5. The system of claim 4, wherein the execution unit includes an access controller that determines whether the operation is authorized to perform a requested type of access on the resource, the access controller includingmeans for determining that one of the frames has a set privilege flag,means for determining whether permissions associated with each of the frames on the call stack subsequent to the frame having the set privilege flag encompass the type of access requested,means for denying the requested access when any of the permissions fail to encompass the type of access requested, andmeans for granting access to the resource when all of the permissions encompass the type of access requested.

6. A method that regulates access to a resource requested by an operation executing on a computer, the operation invoking a plurality of functions that operate upon code during execution, the method comprising the steps of:
- storing permissions for each of the functions, the permissions authorizing types of access to the resource based on a source of the code and an executor of the code;
  
  storing, as frames in a call stack, the functions and executors in an order of invocation by the operation;
  
  determining whether the types of access authorized by the permissions of each of the functions and executors on the call stack encompass the access requested by the operation, wherein each of the frames includes a privilege flag that indicates whether a corresponding function is a privileged function, wherein the determining step includes the substeps of;
  
  finding that one of the frames has a set privilege flag; and
  
  deciding whether permissions associated with each of the frames on the call stack subsequent to the frame having the set privilege flag encompass the type of access requested; and
  
  granting access to the resource when the types of access authorized by the permissions of all of the functions and executors on the call stack encompass the access requested by the operation.
- View Dependent Claims (7)
- - 7. The method of claim 6, wherein the granting step includes the substeps of:
    - denying the requested access when any of the permissions fail to encompass the type of access requested, andpermitting access to the resource when all of the permissions encompass the type of access requested.

8. A system that regulates access to a resource requested by an operation executing on a computer, the operation invoking a plurality of functions that operate upon code during execution, the system comprising:
- means for storing permissions for each of the functions, the permissions authorizing types of access to the resource based on a source of the code and an executor of the code;
  
  means for storing, as frames in a call stack, the functions and executors in an order of invocation by the operation;
  
  means for determining whether the types of access authorized by the permissions of each of the functions and executors on the call stack encompass the access requested by the operation, wherein each of the frames includes a privilege flag that indicates whether a corresponding function is a privileged function,wherein the determining means includes;
  
  means for finding that one of the frames has a set privilege flag; and
  
  means for deciding whether permissions associated with each of the frames on the call stack subsequent to the frame having the set privilege flag encompass the type of access requested; and
  
  means for granting access to the resource when the types of access authorized by the permissions of all of the functions and executors on the call stack encompass the access requested by the operation.
- View Dependent Claims (9)
- - 9. The system of claim 8, wherein the granting means includesmeans for denying the requested access when any of the permissions fail to encompass the type of access requested, andmeans for permitting access to the resource when all of the permissions encompass the type of access requested.

10. In a system that regulates access to a resource requested by an operation executing on a computer, the operation invoking a plurality of functions that operate upon code during execution, the system including a policy file that stores permissions for each of the functions, the permissions authorizing types of access to the resource based on a source of the code and an executor of the code, a call stack that stores the functions and executors as frames in an order of invocation by the operation, and an execution unit, a method for regulating the requested access to the resource comprising steps, performed by the execution unit, of:
- determining whether permissions associated with each of the frames on the call stack encompass a type of access requested wherein each of the frames includes a privilege flag that indicates whether a corresponding function is a privileged function, and wherein the determining step includes the substeps of;
  
  finding that one of the frames has a set privilege flag; and
  
  deciding whether permissions associated with each of the frames on the call stack subsequent to the frame having the set privilege flag encompass the type or access requested;
  
  denying the requested access when any of the permissions fail to encompass the type of access requested; and
  
  permitting access to the resource when all of the permissions encompass the type of access requested.
- View Dependent Claims (11)
- - 11. The method of claim 10, wherein the denying step includes the substep of:
    - denying the requested access when any of the permissions associated with the frames subsequent to the frame having the set privilege flag fail to encompass the type of access requested; and
      
      wherein the permitting step includes the substep of;
      
      granting access to the resource when all of the permissions associated with the frames subsequent to the frame having the set privilege flag encompass the type of access requested.

12. A computer-readable medium containing instructions for controlling a computer to perform an action requested by a program executing on the computer, the program invoking a plurality of functions that operate upon code during execution, the computer including a policy file that stores permissions for each of the functions, the permissions authorizing types of actions based on a source of the code and an executor of the code, a call stack that stores the functions and executors as frames in an order of invocation by the program, and an execution unit, the instructions causing the execution unit to perform the steps of:
- determining whether permissions associated with each of the frames on the call stack encompass a type of the requested action, wherein each of the frames includes a privilege flag that indicates whether a corresponding function is a privileged function, and wherein the determining step includes the substeps of;
  
  finding that one of the frames has a set privilege flag; and
  
  deciding whether permissions associated with each of the frames on the call stack subsequent to the frame having the set privilege flag encompass the type of access requested;
  
  denying the requested action when any of the permissions fail to encompass the type of requested action; and
  
  performing the requested action when all of the permissions encompass the type of requested action.
- View Dependent Claims (13)
- - 13. The computer-readable medium of claim 12, wherein the denying step includes the substep of:
    - denying the requested access when any of the permissions associated with the frames subsequent to the frame having the set privilege flag fail to encompass the type of access requested; and
      
      wherein the performing step includes the substep of;
      
      granting access to the resource when all of the permissions associated with the frames subsequent to the frame having the set privilege flag encompass the type of access requested.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle America, Inc. (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
Scheifler, Robert W., Gong, Li
Primary Examiner(s)
Etienne, Ario

Application Number

US09/044,915
Time in Patent Office

949 Days
Field of Search

710/200, 710/240, 710/107, 710/108, 710/36, 709/210, 709/304, 709/300, 709/225, 709/229, 713/200, 713/201, 713/202
US Class Current

726/17
CPC Class Codes

G06F 12/0261   using reference counting

G06F 16/289   Object oriented databases

G06F 21/52   during program execution, e...

G06F 21/604   Tools and structures for ma...

G06F 21/62   Protecting access to data v...

G06F 21/6281   at program execution time, ...

G06F 9/4411   Configuring for operating w...

G06F 9/468   Specific access rights for ...

G06F 9/5011   the resources being hardwar...

G06F 9/52   Program synchronisation; Mu...

G06F 9/547   Remote procedure calls [RPC...

H04L 67/133   Protocols for remote proced...

H04L 69/24   Negotiation of communicatio...

H04L 9/40   Network security protocols

Stack-based access control using code and executor identifiers

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

98 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Stack-based access control using code and executor identifiers

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

98 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links