Method and system for maintaining restricted operating environments for application programs or operating systems

US 6,199,181 B1
Filed: 09/09/1998
Issued: 03/06/2001
Est. Priority Date: 09/09/1997
Status: Expired due to Term

First Claim

Patent Images

1. A method for protecting an operating environment on a processor from a first program operating on the processor, the method comprising:

allocating memory space for use only by the first program while the first program is executing;

allowing communication between the first program and the operating environment through only a single link employing a single method selected from the group consisting of a shared memory space, a dedicated interrupt, and a dedicated I/O port; and

managing a restricted operating environment for the first program on the processor, the restricted operating environment preventing the first program from accessing resources on the processor except for the allocated memory space and the single communication link.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for protecting an operating environment on a processor from a rogue program operating on the processor comprising isolating simultaneously executing programs or operating systems is disclosed. Memory space for use only by the first program while the first program is executing is allocated. Communication between the first program and the computer'"'"'s operating environment is accomplished through a single link employing one of several methods including using shared memory space, a dedicated interrupt or a dedicated I/O port. The monitor manages a restricted operating environment for the first program on the processor, the restricted operating environment preventing the first program from accessing resources on the processor except for the allocated memory space the single communication link.

321 Citations

21 Claims

1. A method for protecting an operating environment on a processor from a first program operating on the processor, the method comprising:
- allocating memory space for use only by the first program while the first program is executing;
  
  allowing communication between the first program and the operating environment through only a single link employing a single method selected from the group consisting of a shared memory space, a dedicated interrupt, and a dedicated I/O port; and
  
  managing a restricted operating environment for the first program on the processor, the restricted operating environment preventing the first program from accessing resources on the processor except for the allocated memory space and the single communication link.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, comprising executing the first program within the restricted operating environment.
  - 3. The method of claim 2, comprising terminating execution of the first program upon an attempt by the first program to access a resource on the processor which is restricted by the restricted operating environment.
  - 4. The method of claim 2, comprising ignoring any request by the first program to access a resource on the processor which is restricted by the restricted operating environment and attempting to continue execution of the first program without granting access to the restricted resource.
  - 5. The method of claim 2, comprising allowing the operating environment to access the allocated memory space only prior to execution of the first program and after termination of first program execution.
  - 6. The method of claim 5, comprising the operating environment writing data to the allocated memory space for use by the first program prior to execution of the first program, and the operating environment reading data generated by the first program from the allocated memory space after termination of first program execution.
  - 7. The method of claim 1, wherein the step of allowing communication between the first program and the operating environment comprises allowing communication through only the shared memory space.
  - 8. The method of claim 7, comprising the first program and operating environment each writing data to the shared memory space and indicating the availability of the data written to the shared memory space by setting a bit in a predefined location in the shared memory space.
  - 9. The method of claim 8, comprising the operating environment and first program reading the data written to the shared memory space when the bit is set.
  - 10. The method of claim 1, wherein the step of allowing communication between the first program and the operating environment comprises allowing communication through only the dedicated interrupt.
  - 11. The method of claim 10, comprising handling the dedicated interrupt by moving data written by the first program to the allocated memory space to memory space of the operating environment or by moving data from memory space of the operating environment to the allocated memory space.
  - 12. The method of claim 1, wherein the step of allowing communication between the first program and the operating environment comprises allowing communication through only the dedicated I/O port.
  - 13. The method of claim 1, comprising, upon the occurrence of a hardware interrupt in the processor while the first program is executing, handling the hardware interrupt through an interrupt routine in the operating environment.
  - 14. The method of claim 1, wherein the first program is an operating system.

15. A method for protecting an operating environment on a processor from a first program operating on the processor, the method comprising:
- allocating memory space for use only by the first program while the first program is executing;
  
  allowing the operating environment to access the allocated memory space only prior to execution of the first program and after termination of first program execution;
  
  executing the first program; and
  
  managing a restricted operating environment for the first program on the processor, the restricted operating environment preventing the first program from accessing resources on the processor except for the allocated memory space.
- View Dependent Claims (16)
- - 16. The method of claim 15, comprising the operating environment writing data to the allocated memory space for use by the first program prior to execution of the first program, and the operating environment reading data generated by the first program from the allocated memory space after termination of first program execution.

17. A system for protecting an operating environment on a processor coupled to a memory device from a first program operating on the processor, the system comprising:
- an allocated memory space in the memory device for use only by the first program while the first program is executing;
  
  a communication link between the first program and the operating environment employing a single method selected from the group consisting of a shared memory space, a dedicated interrupt, and a dedicated I/O port; and
  
  a mediator program for managing a restricted operating environment for the first program on the processor, the restricted operating environment preventing the first program from accessing resources on the processor except for the allocated memory space and the single communication link.

18. A method for operating a plurality of operating systems on a single processor, the method comprising:
- allocating sets of resources on the processor, each set being available for use by only one of the plurality of operating systems;
  
  allowing each of the operating systems to operate on the processor and access the set of resources available to the respective operating system;
  
  upon an attempt by a first of the operating systems to access one or more resources outside the set of resources available to the first operating system, determining which set of resources contains the one or more resources attempted to be accessed and determining a which second operating system of the other operating systems has such set available to it; and
  
  handling such attempted access of one or more resources through the second operating system.
- View Dependent Claims (19, 20)
- - 19. The method of claim 18, wherein the one or more resource attempted to be accessed by the first operating system is a hardware interrupt issued by the first operating system.
  - 20. The method of claim 18, comprising handing a H/W interrupt invoked by a peripheral wherein the monitor determines which operating system services the interrupt.

21. A system monitor for operating a plurality of operating systems on a single processor comprising:
- means for allocating sets of resources on the processor, each set being available for use by only one of the plurality of operating systems;
  
  means allowing each of the operating systems to operate on the processor and allowing access to the set of resources available to the respective operating system;
  
  means for determining, upon an attempt by a first of the operating systems to access one or more resources outside the set of resources available to the first operating system, which set of resources contains the one or more resources attempted to be accessed and for determining which second operating system of the other operating systems has such set available to it; and
  
  means for handling such attempted access of one or more resources through the second operating system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
Perfecto Technologies Limited
Inventors
Solan, Eilon, Rechef, Eran, Raanan, Gil
Primary Examiner(s)
Iqbal, Nadeem

Application Number

US09/150,112
Time in Patent Office

909 Days
Field of Search

714/38, 714/40, 714/41, 714/47, 714/7, 714/8, 714/11, 714/12, 714/13, 714/25, 714/26, 714/35, 713/200, 713/201, 713/202
US Class Current

714/38.13
CPC Class Codes

G06F 21/53 by executing in a restricte...

H04L 63/0263 Rule management

Method and system for maintaining restricted operating environments for application programs or operating systems

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

321 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for maintaining restricted operating environments for application programs or operating systems

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

321 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links