System for reverse sandboxing
Abstract
A reverse sandbox extends a private computing environment onto a standalone host in a public environment. The reverse sandbox includes a service director that receives service requests, classifies the service requests in accordance with security policies, selects a processing stack based on the classification and communicates the service request to the selected processing stack. A reverse sandbox embodiment may also include a compliance supervisor that constructs processing stacks with mediation modules based upon security policies. The mediation modules of the selected processing stack modify the service request and provide the modified service request to the resources of the standalone host.
34 Claims
1. A system including a processor, and a collection of resources interacting with said processor, said resources including at least a memory and a library of executable modules that are supported by an operating system, the improvement comprising:

a plurality of processing stacks for dividing the system's computing environment into an unprotected portion and a protected portion, where the protected portion is protected from interloping processes in accord with an administratively specified schema, by mediating interactions between executing processes within said system and said resources, each of said stacks including a predefined set of at least one mediation module that processes a request by at least one of said executing processes, which request is to be applied to a resource of said collection of resources, to form a signal, if appropriate pursuant to and in accord with such schema, that is applied to said resource of said collection of resources; and
a service director module that intercepts requests of different types that are directed to said resources, classifies said requests in accordance with said types of said requests, each different one of said resources being responsive to requests of a different type, and directs said requests to different ones of said processing stacks, based on said classifying.

(Dependent claims 2-26.)

a service request classifier that classifies a received service request; and
a processing stack selector that selects a processing stack based upon said classification, and communicates said service request to said selected processing stack.

13. The system of claim 1, wherein said service director includes a service request classifier that classifies a service request based upon the type of service request and arguments of the service request.

14. The system of claim 1 further comprising a connection to a network.

15. The system of claim 14 wherein said connection is secure.

16. The system of claim 14, wherein said network is a virtual private network.

17. The system of claim 16 wherein said connection is secured.

18. The system of claim 17 wherein said connection is secured through encryption.

19. The system of claim 1 further comprising a compliance supervisor that is coupled to said processing stacks, and to said service director, and is adapted for receiving security policy information from outside said system.

20. The system of claim 19, wherein said compliance supervisor receives said security policy information from a virtual private network.

21. The system of claim 19, wherein said compliance supervisor includes a processing stack modifier that modifies said processing stack based upon a received security policy.

22. The system of claim 19, wherein said compliance supervisor includes a processing stack creator that creates a processing stack based upon said security policy.

23. The system of claim 1, wherein said at least one mediation module includes at least one authentication code retriever that retrieves an authentication code and a validation system that validates said service request against said authentication code.

24. The system of claim 1 wherein said operating system includes means to prevent implication of an operating system breach from an administrative user breach.

25. The system of claim 1 wherein said service director and said processing stacks are embedded in a loadable library of C language executable modules.

26. The system of claim 1 further comprising a read-only program store that is read by said system upon boot-up.
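As an added example (not code from the patent or from any product implementing it), the following Python sketch models the request path described by the abstract and by claims 1, 13 and 19-23: a compliance supervisor assembles processing stacks of mediation modules from an externally supplied policy, and a service director classifies each intercepted request on its type and arguments, then passes it down the matching stack, where each module either rewrites the request or refuses it, before anything reaches a host resource. The request kinds, the policy format, the HMAC-based authentication code, the shared key and the sample requests are all assumptions constructed for illustration.

```python
import hashlib
import hmac
import posixpath
from dataclasses import dataclass, field
from typing import Callable, Dict, List

POLICY_KEY = b"example-key-not-for-production"  # assumed secret shared with the private side
PROTECTED_ROOT = "/private"                      # assumed location of the protected portion

class Denied(Exception):
    """A mediation module refused the request; nothing reaches the resource."""

@dataclass
class ServiceRequest:
    kind: str                                    # assumed request kinds: "file", "exec"
    args: Dict[str, str] = field(default_factory=dict)

def canonical(target: str) -> str:
    """Collapse aliases such as /pub/../private/x before any decision is made on the path."""
    return posixpath.normpath("/" + target.lstrip("/"))

def auth_code(kind: str, target: str) -> str:
    """Code the private environment attaches to a request it approved (assumed format)."""
    return hmac.new(POLICY_KEY, f"{kind}:{target}".encode(), hashlib.sha256).hexdigest()

def require_auth_code(req: ServiceRequest) -> ServiceRequest:
    """Mediation module for claim 23: retrieve the authentication code, validate the request."""
    expected = auth_code(req.kind, req.args.get("target", ""))
    if not hmac.compare_digest(req.args.get("auth", "").encode(), expected.encode()):
        raise Denied(f"bad authentication code on {req.kind} {req.args.get('target')!r}")
    return req

def confine_path(root: str) -> Callable[[ServiceRequest], ServiceRequest]:
    """Mediation module that rewrites the target to canonical form and refuses escapes."""
    def module(req: ServiceRequest) -> ServiceRequest:
        target = canonical(req.args.get("target", ""))
        if target != root and not target.startswith(root.rstrip("/") + "/"):
            raise Denied(f"{target} escapes {root}")
        return ServiceRequest(req.kind, {**req.args, "target": target})  # modified request
    return module

MODULE_FACTORIES = {  # policy module name -> constructor taking the optional "=arg"
    "require_auth_code": lambda _arg: require_auth_code,
    "confine_path": confine_path,
}

def build_stacks(policy: Dict[str, List[str]]) -> Dict[str, list]:
    """Compliance supervisor (claims 19-22): assemble each processing stack from the policy."""
    return {name: [MODULE_FACTORIES[mod](arg or None)
                   for mod, _, arg in (spec.partition("=") for spec in specs)]
            for name, specs in policy.items()}

class ServiceDirector:
    def __init__(self, stacks: Dict[str, list]):
        self.stacks = stacks

    @staticmethod
    def classify(req: ServiceRequest) -> str:
        """Claim 13: classify on type *and* arguments, using the canonical path."""
        if req.kind == "file":
            target = canonical(req.args.get("target", ""))
            inside = target == PROTECTED_ROOT or target.startswith(PROTECTED_ROOT + "/")
            return "protected-file" if inside else "public-file"
        return req.kind

    def dispatch(self, req: ServiceRequest) -> tuple:
        stack = self.stacks.get(self.classify(req))
        if stack is None:                        # fail closed on anything the policy omits
            raise Denied(f"no processing stack for {req.kind!r}")
        for module in stack:                     # each module may rewrite or refuse it
            req = module(req)
        return req.kind, req.args["target"]      # the signal the host resource would act on

POLICY = {  # assumed policy, as received from the private environment over the VPN
    "protected-file": ["require_auth_code", f"confine_path={PROTECTED_ROOT}"],
    "public-file": ["confine_path=/"],
}

SAMPLE_REQUESTS = [  # constructed traffic from a process on the standalone host
    ServiceRequest("file", {"target": "/private/notes.txt",
                            "auth": auth_code("file", "/private/notes.txt")}),
    ServiceRequest("file", {"target": "/pub/../private/notes.txt"}),  # alias, no code
    ServiceRequest("file", {"target": "/pub/readme"}),
    ServiceRequest("exec", {"target": "/bin/sh"}),                    # no stack: denied
]

def run(requests=SAMPLE_REQUESTS):
    """Dispatch each request; return (signals applied, denial reasons)."""
    director, applied, denials = ServiceDirector(build_stacks(POLICY)), [], []
    for req in requests:
        try:
            applied.append(director.dispatch(req))
        except Denied as e:
            denials.append(str(e))
    return applied, denials
```

Two points the claims leave implicit are made explicit here: the director canonicalises the file path before classifying, so an alias such as /pub/../private/notes.txt is routed to the protected stack (where the missing authentication code is caught) instead of slipping through the unprotected one, and a request kind for which the policy names no processing stack is refused rather than passed on to the resource.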

27. A system including a processor, and a collection of resources interacting with said processor, said resources including at least a memory and a library of executable modules that are supported by an operating system, the improvement comprising:

a plurality of processing stacks, each including a predefined set of at least one mediation module that processes an applied signal to form a signal that is applied to at least one resource of said collection of resources;
a service director module that intercepts requests of different types that are directed to said resources, classifies said requests in accordance with said types of said requests, each different one of said resources being responsive to requests of a different type, and directs said requests to different ones of said processing stacks, based on said classifying; and
a read-only program store that is read by said system upon boot-up;
wherein said system includes an operating system, and said read-only program store contains a program module for verifying the operating system, and authentication program modules for authenticating software present in said memory of said system.

(Dependent claims 28 and 29.)

30. A storage medium that stores a control routine for use by a system to assure security of said system, the control routine including instructions that, when said storage medium is coupled to said system, are adapted to:

boot said system with an authenticated operating system (AOS) located on said storage medium;
verify an operating system of said system that is resident on said system (VOS); and
transfer control of said system from said AOS to said VOS when said VOS is verified, said transfer being sufficiently effective to allow intended operation of said system with said storage medium decoupled from said system.

(Dependent claims 31-34.)

verifying software that implements a reverse sandbox on said system; and
transferring control of said standalone host to said reverse sandboxing software.

33. The storage medium of claim 30 further comprising reverse sandbox software to be installed in said system.
34. The storage medium of claim 33 wherein said reverse sandbox software includes a service director, a compliance supervisor, and a processing stack including at least one mediation module.
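As an added example (again not code from the patent), the following Python model follows the boot sequence of claims 27 and 30-34: the authenticated operating system on the storage medium verifies the operating system resident on the host against digests held in a read-only program store, transfers control only once every module verifies, and then verifies the reverse sandbox software before handing control to it. The module names, the digest-manifest layout and the image contents are constructed for illustration.

```python
import hashlib
from typing import Dict, List, Tuple


class VerificationFailed(Exception):
    """Resident software did not match the read-only manifest; control is not transferred."""


def digest(blob: bytes) -> str:
    return hashlib.sha256(blob).hexdigest()


# Constructed images standing in for the software that should be resident on the host.
GOOD_IMAGES = {
    "kernel": b"constructed kernel image v1",
    "libc": b"constructed C library v1",
    "reverse_sandbox": b"constructed service director + processing stacks v1",
}

# The read-only program store of claims 26 and 27: the verifier and these digests are
# trusted only because the medium they sit on cannot be rewritten by the host.
READ_ONLY_STORE = {
    "os_modules": {name: digest(GOOD_IMAGES[name]) for name in ("kernel", "libc")},
    "sandbox_modules": {"reverse_sandbox": digest(GOOD_IMAGES["reverse_sandbox"])},
}


def verify(memory: Dict[str, bytes], expected: Dict[str, str]) -> List[str]:
    """Every expected module must be present and match its digest; fail closed otherwise."""
    verified = []
    for name, want in expected.items():
        blob = memory.get(name)
        if blob is None:
            raise VerificationFailed(f"{name} missing from memory")
        if digest(blob) != want:
            raise VerificationFailed(f"{name} digest mismatch")
        verified.append(name)
    return verified


class BootController:
    """Claim 30: the AOS on the medium verifies the resident OS (VOS) and hands over only
    then; claims 31-34: the reverse sandbox software is verified before it takes control."""

    def __init__(self, store: Dict[str, Dict[str, str]]):
        self.store = store
        self.control = "AOS"                 # booted from the authenticated OS on the medium
        self.verified: List[str] = []

    def run(self, memory: Dict[str, bytes]) -> str:
        self.verified += verify(memory, self.store["os_modules"])
        self.control = "VOS"                 # transfer only after every OS module verified
        self.verified += verify(memory, self.store["sandbox_modules"])
        self.control = "reverse_sandbox"
        return self.control


def boot(memory: Dict[str, bytes]) -> Tuple[str, List[str]]:
    """Return (component left in control, verified modules plus any halt reason)."""
    controller = BootController(READ_ONLY_STORE)
    try:
        controller.run(memory)
    except VerificationFailed as exc:
        controller.verified.append(f"halted: {exc}")
    return controller.control, controller.verified
```

The manifest carries only digests, so the scheme rests entirely on the store being genuinely read-only and on the verifier itself being loaded from it: a manifest the host can rewrite verifies nothing. A tampered or missing operating-system module leaves control with the AOS, and a tampered sandbox image leaves control with the verified operating system without ever starting the sandbox.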