Apparatus and method for securing resources shared by multiple operating systems

US 6,823,458 B1
Filed: 11/18/1999
Issued: 11/23/2004
Est. Priority Date: 11/18/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A method of securing resources in a concurrent multiple operating system environment, comprising:

receiving a request for access to a resource;

determining if the resource is locked;

in response to a determination that the resource is not locked, generating a unique identifier for accessing the resource; and

providing the unique identifier to a requesting device that originated the request in response to generating the unique identifier, wherein the unique identifier is not stored in the requesting device prior to the unique identifier being provided to the requesting device in response to a determination that the resource is not locked.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus and method for securing system resources in a concurrent multiple operating system environment wherein when a client device or application requests access to system resources the request is received by the apparatus which then determines if the resources requested are currently being used by another client or application. Based on a unique identifier sent by the client or application, the apparatus searches a resource state data structure for the resource requested and compares the unique identifier sent by the client or application with the unique identifier stored in the resource state data structure in association with the requested resource. If the two unique identifiers are the same, the client/application is provided with access to the requested resource. If the unique identifiers are different, the client/application is denied access to the requested resources.

111 Citations

45 Claims

1. A method of securing resources in a concurrent multiple operating system environment, comprising:
- receiving a request for access to a resource;
  
  determining if the resource is locked;
  
  in response to a determination that the resource is not locked, generating a unique identifier for accessing the resource; and
  
  providing the unique identifier to a requesting device that originated the request in response to generating the unique identifier, wherein the unique identifier is not stored in the requesting device prior to the unique identifier being provided to the requesting device in response to a determination that the resource is not locked.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein the request includes a request identifier and wherein if the resource is locked, the method further comprises:
3. The method of claim 2, wherein if the request identifier does not match the unique identifier associated with the resource, access to the resource is denied.
4. The method of claim 1, wherein determining if the resource is locked includes retrieving information from a resource state data structure corresponding to the resource, the information including a locked flag.
5. The method of claim 2, wherein comparing the request identifier with a unique identifier associated with the resource includes retrieving information from a resource state data structure corresponding to the resource, the information including the unique identifier associated with the resource.
6. The method of claim 1, wherein the resource is at least one of a floppy disk, a floppy disk drive, a read/write CD-ROM drive, a CD-ROM disk, a hard disk, RAM, ROM, a DVD drive, a magnetic tape drive, a ZIP disk, a JAZZ drive, data, and a computer file.
7. The method of claim 1, wherein the unique identifier uniquely identifies the resource and an operating system being used by the requesting device.
8. The method of claim 1, wherein the unique identifier is a combination of a resource identifier and a virtual device identifier.
9. The method of claim 1, wherein the unique identifier is a combination of a requesting device or application identifier, a virtual device identifier, and resource identifier.
10. The method of claim 2, wherein providing access to the resource includes forwarding the request to a virtual device corresponding to the operating system of the requesting device.
11. The method of claim 1, wherein if the resource is locked, the method further comprises:
- unlocking the resource when a release message is received.
12. The method of claim 11, wherein the release message is received immediately after each individual operation performed with the resource.

13. The method of clam 11, wherein the release message is received after all operations associated with a client device and the resource are performed with the resource.

14. A computer program product in a computer readable medium for securing resources in a concurrent multiple operating system environment, comprising:
- first instructions for receiving a request for access to a resource;
  
  second instructions for determining if the resource is locked;
  
  third instructions for generating a unique identifier for accessing the resource in response to a determination that the resource is not locked; and
  
  fourth instructions for providing the unique identifier to a requesting device that originated the request in response to generating the unique identifier, wherein the unique identifier is not stored in the requesting device prior to the unique identifier being provided to the requesting device in response to a determination that the resource is not locked.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 15. The computer program product of claim 14, wherein the request includes a request identifier and wherein the second instructions include instructions for comparing the request identifier with a unique identifier associated with the resource if the resource is locked and the third instructions include instructions for providing access to the resource, if the request identifier matches the unique identifier associated with the resource.
  - 16. The computer program product of claim 15, wherein if the request identifier does not match the unique identifier associated with the resource, the third instructions include instructions for denying access to the resource.
  - 17. The computer program product of claim 14, wherein the second instructions include instructions for retrieving information from a resource state data structure corresponding to the resource, the information including a locked flag.
  - 18. The computer program product of claim 15, wherein the instructions for comparing the request identifier with a unique identifier associated with the resource includes instructions for retrieving information from a resource state data structure corresponding to the resource, the information including the unique identifier associated with the resource.
  - 19. The computer program product of claim 14, wherein the resource is at least one of a floppy disk, a floppy disk drive, a read/write CD-ROM drive, a CD-ROM disk, a hard disk, RAM, ROM, a DVD drive, a magnetic tape drive, a ZIP disk, a JAZZ drive, data, and a computer file.
  - 20. The computer program product of claim 14, wherein the unique identifier uniquely identifies the resource and an operating system being used by the requesting device.
  - 21. The computer program product of claim 14, wherein the unique identifier is a combination of a resource identifier and a virtual device identifier.
  - 22. The computer program product of claim 14, wherein the unique identifier is a combination of a requesting device or application identifier, a virtual device identifier, and resource identifier.
  - 23. The computer program product of claim 15, wherein the instructions for providing access to the resource includes instructions for forwarding the request to a virtual device corresponding to the operating system of the requesting device.

24. A concurrent multiple operating system environment apparatus, comprising:
- a controller;
  
  an interface; and
  
  a resource locking device, wherein the controller receives a request for access to a resource via the interface and instructs the resource locking device to determine if the resource is locked, and wherein in response to a determination that the resource is not locked, the resource locking device generates a unique identifier for accessing the resource and provides access the unique identifier to a requesting device that originated the request in response to the unique identifier being generated, wherein the unique identifier is not stored in the requesting device prior to the unique identifier being provided to the requesting device in response to a determination that the resource is not locked.
- View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 25. The apparatus of claim 24, wherein the request includes a request identifier and wherein if the resource is locked, the resource locking device compares the request identifier with a unique identifier associated with the resource and if the request identifier matches the unique identifier associated with the resource, the resource locking device provides access to the resource.
  - 26. The apparatus of claim 25, wherein if the request identifier does not match the unique identifier associated with the resource, the resource locking device denies access to the resource.
  - 27. The apparatus of claim 24, wherein the resource locking device determines if the resource is locked by retrieving information from a resource state data structure corresponding to the resource, the information including a locked flag.
  - 28. The apparatus of claim 25, wherein the resource locking device compares the request identifier with a unique identifier associated with the resource by retrieving information from a resource state data structure corresponding to the resource, the information including the unique identifier associated with the resource.
  - 29. The apparatus of claim 24, wherein the resource is at least one of a floppy disk, a floppy disk drive, a read/write CD-ROM drive, a CD-ROM disk, a bard disk, RAM, ROM, a DVD drive, a magnetic tape drive, a ZIP disk, a JAZZ drive, data, and a computer file.
  - 30. The apparatus of claim 24, wherein the unique identifier uniquely identifies the resource and an operating system being used by the requesting device.
  - 31. The apparatus of claim 24, wherein the unique identifier is a combination of a resource identifier and a virtual device identifier.
  - 32. The apparatus of claim 24, wherein the unique identifier is a combination of a requesting device or application identifier, a virtual device identifier, and resource identifier.
  - 33. The apparatus of claim 25, wherein the resource locking device provides access to the resource by forwarding the request to a virtual device corresponding to the operating system of the requesting device.
  - 34. The apparatus of claim 24, wherein if the resource is locked, the resource locking device unlocks the resource when a release message is received.
  - 35. The apparatus of claim 34, wherein the release message is received immediately after each individual operation is performed with the resource.
  - 36. The apparatus of claim 34, wherein the release message is received after all operations associated with a client device and the resource are performed with the resource.

37. A method of reserving resources in a concurrent multiple operating system environment, comprising:
- receiving a request for access to a resource from a device;
  
  determining if the resource is reserved by another device;
  
  in response to a determination that the resource is not reserved by another device, generating a unique identifier for accessing the resource; and
  
  provideing the unique identifier to a requesting device that originated the request in response to generating the unique identifier, wherein the unique identifier is not stored in the requesting device prior to the unique identifier being provided to the requesting device in response to a determination that the resource is not locked.
- View Dependent Claims (38, 39, 40, 41, 42, 43, 44, 45)
- - 38. The method of claim 37, wherein the request includes a request identifier and wherein if the resource is reserved by another device, the method further comprises:
39. The method of claim 38, wherein if the request identifier does not match the unique identifier associated with the resource, access to the resource is denied.
40. The method of claim 37, wherein determining if the resource is reserved by another device includes retrieving information from a resource state data structure corresponding to the resource, the information including a reservation flag.
41. The method of claim 38, wherein comparing the request identifier with a unique identifier associated with the resource includes retrieving information from a resource state data structure corresponding to the resource, the information including the unique identifier associated with the resource.
42. The method of claim 37, wherein the unique identifier uniquely identifies the resource and an operating system being used by the device.
43. The method of claim 37, wherein the unique identifier is a combination of a resource identifier and a virtual device identifier.
44. The method of claim 37, wherein the unique identifier is a combination of a device identifier, a virtual device identifier, and a resource identifier.
45. The method of claim 38, wherein providing access to the resource includes forwarding the request to a virtual device corresponding to the operating system of the device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Lee, Wing Hung, Lee, Kam Cheung
Primary Examiner(s)
Vu, Kim
Assistant Examiner(s)
TRUONG, THANHNGA B

Application Number

US09/442,696
Time in Patent Office

1,832 Days
Field of Search

713/200, 713/201, 707/1, 707/2, 707/9, 707/10, 709/216, 709/223, 709/200, 709/224, 709/226, 711/202, 714/4, 370/399, 345/349
US Class Current

726/16
CPC Class Codes

G06F 21/6236 between heterogeneous systems

Y10S 707/99939 Privileged access

Apparatus and method for securing resources shared by multiple operating systems

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

111 Citations

45 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and method for securing resources shared by multiple operating systems

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

111 Citations

45 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links