Stack-based access control using code and executor identifiers
First Claim
1. A system that regulates access to a resource requested by an operation executing on a computer, the operation invoking a plurality of functions that operate upon code during execution, the system comprising:
- a policy file that stores permissions for each of the functions, the permissions authorizing types of access to the resource based on a source of the code and an executor of the code;
- a call stack that stores the functions and executors as frames in an order of invocation by the operation, wherein each of the frames includes a code identifier that identifies the source of the code for a corresponding one of the functions and an executor identifier that identifies the executor on whose behalf the code is being executed; and
- an execution unit that grants access to the resource when the types of access authorized by the permissions of all of the functions and executors on the call stack encompass the access requested by the operation.
Abstract
A system regulates access to resources requested by an operation executing on a computer. The operation invokes a plurality of methods that operate upon code during execution. The system includes a policy file, a call stack, and an execution unit. The policy file stores permissions for each of the resources. The permissions authorize particular types of access to the resource based on a source of the code and an executor of the code. The call stack stores representations of the methods and executors in an order of invocation by the operation. The execution unit grants access to the resource when the types of access authorized by the permissions of all of the methods and executors on the call stack encompass the access requested by the operation.
Claims (13 claims; 98 citations)
1. A system that regulates access to a resource requested by an operation executing on a computer, the operation invoking a plurality of functions that operate upon code during execution, the system comprising:
- a policy file that stores permissions for each of the functions, the permissions authorizing types of access to the resource based on a source of the code and an executor of the code;
- a call stack that stores the functions and executors as frames in an order of invocation by the operation, wherein each of the frames includes a code identifier that identifies the source of the code for a corresponding one of the functions and an executor identifier that identifies the executor on whose behalf the code is being executed; and
- an execution unit that grants access to the resource when the types of access authorized by the permissions of all of the functions and executors on the call stack encompass the access requested by the operation.
(Dependent claims 2, 3, 4 and 5 not shown.)
6. A method that regulates access to a resource requested by an operation executing on a computer, the operation invoking a plurality of functions that operate upon code during execution, the method comprising the steps of:
- storing permissions for each of the functions, the permissions authorizing types of access to the resource based on a source of the code and an executor of the code;
- storing, as frames in a call stack, the functions and executors in an order of invocation by the operation;
- determining whether the types of access authorized by the permissions of each of the functions and executors on the call stack encompass the access requested by the operation, wherein each of the frames includes a privilege flag that indicates whether a corresponding function is a privileged function, wherein the determining step includes the substeps of:
  - finding that one of the frames has a set privilege flag; and
  - deciding whether permissions associated with each of the frames on the call stack subsequent to the frame having the set privilege flag encompass the type of access requested; and
- granting access to the resource when the types of access authorized by the permissions of all of the functions and executors on the call stack encompass the access requested by the operation.
(Dependent claim 7 not shown.)
8. A system that regulates access to a resource requested by an operation executing on a computer, the operation invoking a plurality of functions that operate upon code during execution, the system comprising:
- means for storing permissions for each of the functions, the permissions authorizing types of access to the resource based on a source of the code and an executor of the code;
- means for storing, as frames in a call stack, the functions and executors in an order of invocation by the operation;
- means for determining whether the types of access authorized by the permissions of each of the functions and executors on the call stack encompass the access requested by the operation, wherein each of the frames includes a privilege flag that indicates whether a corresponding function is a privileged function, wherein the determining means includes:
  - means for finding that one of the frames has a set privilege flag; and
  - means for deciding whether permissions associated with each of the frames on the call stack subsequent to the frame having the set privilege flag encompass the type of access requested; and
- means for granting access to the resource when the types of access authorized by the permissions of all of the functions and executors on the call stack encompass the access requested by the operation.
(Dependent claim 9 not shown.)
10. In a system that regulates access to a resource requested by an operation executing on a computer, the operation invoking a plurality of functions that operate upon code during execution, the system including a policy file that stores permissions for each of the functions, the permissions authorizing types of access to the resource based on a source of the code and an executor of the code, a call stack that stores the functions and executors as frames in an order of invocation by the operation, and an execution unit, a method for regulating the requested access to the resource comprising steps, performed by the execution unit, of:
- determining whether permissions associated with each of the frames on the call stack encompass a type of access requested, wherein each of the frames includes a privilege flag that indicates whether a corresponding function is a privileged function, and wherein the determining step includes the substeps of:
  - finding that one of the frames has a set privilege flag; and
  - deciding whether permissions associated with each of the frames on the call stack subsequent to the frame having the set privilege flag encompass the type of access requested;
- denying the requested access when any of the permissions fail to encompass the type of access requested; and
- permitting access to the resource when all of the permissions encompass the type of access requested.
(Dependent claim 11 not shown.)
12. A computer-readable medium containing instructions for controlling a computer to perform an action requested by a program executing on the computer, the program invoking a plurality of functions that operate upon code during execution, the computer including a policy file that stores permissions for each of the functions, the permissions authorizing types of actions based on a source of the code and an executor of the code, a call stack that stores the functions and executors as frames in an order of invocation by the program, and an execution unit, the instructions causing the execution unit to perform the steps of:
- determining whether permissions associated with each of the frames on the call stack encompass a type of the requested action, wherein each of the frames includes a privilege flag that indicates whether a corresponding function is a privileged function, and wherein the determining step includes the substeps of:
  - finding that one of the frames has a set privilege flag; and
  - deciding whether permissions associated with each of the frames on the call stack subsequent to the frame having the set privilege flag encompass the type of access requested;
- denying the requested action when any of the permissions fail to encompass the type of requested action; and
- performing the requested action when all of the permissions encompass the type of requested action.
(Dependent claim 13 not shown.)
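The stack inspection the claims describe, written as an added Python model (not code from the patent or its assignee): each frame carries a code identifier, an executor identifier and a privilege flag, the policy keys permissions on the (code, executor) pair, and the walk from the most recently invoked frame downward stops after the first frame whose privilege flag is set. The policy entries, the `"*"` executor wildcard and the resource paths are constructed assumptions for the demonstration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Frame:
    code_id: str       # source of the code (code base or signer), per the claims
    executor_id: str   # principal on whose behalf the code runs
    privileged: bool = False  # the claims' privilege flag


# Constructed sample policy file: (code_id, executor_id) -> {resource: access types}.
# The "*" executor is an assumption meaning "any executor" (not from the patent).
POLICY = {
    ("app:/local/fileutil", "alice"): {"/home/alice/notes.txt": {"read", "write"}},
    ("app:/local/fileutil", "*"): {"/etc/motd": {"read"}},
    ("https://example.invalid/plugin.jar", "alice"): {"/tmp/scratch": {"read"}},
}


def permissions_for(frame):
    """Union of the permissions granted to this frame's code for its executor."""
    perms = {}
    for key in ((frame.code_id, frame.executor_id), (frame.code_id, "*")):
        for resource, actions in POLICY.get(key, {}).items():
            perms.setdefault(resource, set()).update(actions)
    return perms


def frame_encompasses(frame, resource, access):
    return access in permissions_for(frame).get(resource, set())


def check_access(stack, resource, access):
    """Execution-unit decision. `stack` is in order of invocation (index 0 is
    the earliest caller). Walk from the newest frame down: every frame must
    hold the permission; a frame with the privilege flag set ends the walk
    once it has itself been checked, so frames beneath it are not consulted."""
    for frame in reversed(stack):
        if not frame_encompasses(frame, resource, access):
            return False          # deny: some permission fails to encompass
        if frame.privileged:
            return True           # all frames subsequent to the privileged one passed
    return True                   # permit: every frame on the stack encompasses it


if __name__ == "__main__":
    plugin = Frame("https://example.invalid/plugin.jar", "alice")
    util = Frame("app:/local/fileutil", "alice")
    # Untrusted plugin calls the file utility: the utility alone may write,
    # but the plugin frame beneath it may not, so the write is denied.
    print(check_access([plugin, util], "/home/alice/notes.txt", "write"))
    # Same call path, but the utility asserts privilege: the walk stops there.
    print(check_access([plugin, Frame(util.code_id, util.executor_id, True)],
                       "/home/alice/notes.txt", "write"))
```

The second case is the mitigation side of the privilege flag: a privileged frame vouches only for the permissions it itself holds, so marking the plugin frame privileged would not grant it anything the policy denies it.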
Specification