Isolation of communication contexts to facilitate communication of data

US 7,159,111 B1
Filed: 01/29/2001
Issued: 01/02/2007
Est. Priority Date: 01/29/2001
Status: Active Grant

First Claim

Patent Images

1. A system to facilitate secure communication of data from a user-level process, comprising:

at least a first queue associated with a first process, such that the process is operative to directly communicate a message relative to the first queue; and

a first communication context operative to communicate the message between the first queue and a second communication context;

wherein communication between the first queue and the first communications context is controlled based on whether an appropriate association exists between the first queue and the first communications context, the association between the first queue and the first communications context being provided through a privileged operation not adjustable by the first process, the association between the first queue and the first communication context requires membership to a common domain.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method facilitate communication of data depending on whether communicating elements are properly associated with each other. An endpoint communication context is associated with a queue component, which queue component may communicate directly with a process. Each of the queue component and the endpoint communication context is associated with a domain in a privileged operation (e.g., by the operating system). The queue component may communicate with the endpoint communication context provided that the queue component and communication context have a valid association, such that their respective domains match.

Citations

34 Claims

1. A system to facilitate secure communication of data from a user-level process, comprising:
- at least a first queue associated with a first process, such that the process is operative to directly communicate a message relative to the first queue; and
  
  a first communication context operative to communicate the message between the first queue and a second communication context;
  
  wherein communication between the first queue and the first communications context is controlled based on whether an appropriate association exists between the first queue and the first communications context, the association between the first queue and the first communications context being provided through a privileged operation not adjustable by the first process, the association between the first queue and the first communication context requires membership to a common domain.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The system of claim 1, wherein the first queue and the first communication context reside at a first node that is different from that of the second communication context.
  - 3. The system of claim 2, further comprising an interface at the first node operative to validate messages communicated from the first queue to the first communication context.
  - 4. The system of claim 3, wherein the interface is operative to prevent messages from being communicated from the first queue to the first communication context if an association mismatch exists between the first queue and the first communication context.
  - 5. The system of claim 2, further comprising a second queue associated with a second process at the first node, such that the second process is operative to directly communicate a message to the second queue.
  - 6. The system of claim 5, wherein the second queue is associated with the common domain through a privileged operation, such that the first and second queues can share the first communication context to communicate messages through a channel defined by the first communication context and the second communication context, each of the first and second queues being operative to communicate messages with at least one process at a node where the second communication context resides.
  - 7. The system of claim 6, wherein the first process further comprises a process operating in a user mode and the second process comprises a process operating in a user mode.
  - 8. The system of claim 5, further including a third communication context associated with the second queue through a privileged operation at the first node, the third communication context enabling communication between the third communication context and a fourth communication context that resides a node different from the first node.
  - 9. The system of claim 8, wherein the common domain is a first domain, the association between the second queue and the third communication context corresponding to a second domain that is different from the first domain, wherein each communication channel established in the second domain is isolated from each channel established in the first domain.
  - 10. The system of claim 1, wherein the first queue and the first communication context reside at a first node that is different from a second node at which the second communication context resides, the system further comprising a third communication context at the first node to enable communication of messages between the third communication context and a fourth communication context that resides at a third node that is different from the first node.
  - 11. The system of claim 10, wherein the first queue is associated with the third communication context through a privileged operation, such that the first process is operative to communicate the message over a communication channel established between the third communication context and a fourth communication context that resides at the third node, which is different from the second node.
  - 12. The system of claim 10, wherein the first queue and the first communication context are associated so as to be part of a first domain, the system further comprising a second queue is associated with a second process, the second queue being associated with a third communication context so as to be part of second domain that is isolated relative to the first domain.

13. A system to facilitate communication of data, comprising:
- a virtual hardware component at a first node operable to communicate a message received directly from an associated process; and
  
  a first channel endpoint established at the first node, the first channel endpoint being operative to communicate messages to a second channel endpoint residing at a second node;
  
  wherein each of the hardware component and the first channel endpoint is associated with a respective domain through a privileged operation at the first node, communication of messages between the virtual hardware component and the first channel endpoint being controlled based on validation of the respective domains for the virtual hardware component and the first channel endpoint being a common domain.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The system of claim 13, wherein hardware at the first node is operative to prevent messages from being sent between the virtual component and the first channel endpoint in response to detecting an invalid association between the virtual hardware component and the first channel endpoint.
  - 15. The system of claim 13, wherein the virtual hardware component is a first virtual component, the system further comprising a second virtual hardware component operative to communicate a message directly with an associated process at the first node.
  - 16. The system of claim 15, wherein the second virtual hardware component and the first virtual hardware component are members of a common domain, domain membership being assigned through a privileged operation not adjustable by the first or second process, wherein the first and second virtual hardware components are operative to share the first channel endpoint of the first node, such that each of the first and second processes can communicate messages with at least one process at the second node.
  - 17. The system of claim 13, further including a third channel endpoint at the first node, the third channel endpoint being operative to communicate messages with a fourth channel endpoint that resides at a node different from the first node.
  - 18. The system of claim 17, wherein the virtual hardware component is a first virtual hardware component, the system further comprising a second virtual hardware component at the first node that is associated with the third channel endpoint through a privileged operation at the first node.
  - 19. The system of claim 18, wherein each of the first and third channel endpoints belongs to different domains, such that each communication channel established between associated channel endpoints in one of the domains is isolated from each communication channel established between associated channel endpoints in each other of the domains.
  - 20. The system of claim 18, wherein each of the first and third channel endpoints belongs to a common domain, such that each of the first and second processes at the first node is operative to share first and third channel endpoints to respectively communicate a message with at least one process at the second and third nodes based on data in the respective message.

21. A system to facilitate communication of data, comprising:
- storage means for receiving a message provided directly from a user-level process;
  
  communication means associated with the storage means for, upon validation of a common domain association between the storage means and the communication means, sending the stored request to a corresponding communication means at another node in the system; and
  
  validation means for validating the association between the storage means and the communication means, the storage means and the communication means being associated in a privileged operation not adjustable by user-level processes.

22. A system to facilitate communication of data, comprising:
- virtual storage means at a first node for storing a message for direct communication relative to a user-level process;
  
  endpoint communication means at the first node for means for, upon determining a common domain membership for the storage means and the endpoint communication means, enabling communication between the virtual storage means and the endpoint communication means; and
  
  control means for independently controlling domain membership for each of the virtual storage means and the endpoint communication means.
- View Dependent Claims (23, 24)
- - 23. The system of claim 22, wherein the endpoint communication means further includes means for preventing communication of messages between the virtual storage means and the endpoint communication means in the absence of a common domain membership among virtual storage means and the endpoint communication means.
  - 24. The system of claim 22, wherein the endpoint communication means further includes means for permitting communication of messages between the virtual storage means and the endpoint communication means when common domain membership exists among virtual storage means and the endpoint communication means.

25. A computer-readable medium having computer-executable instructions for:
- in a privileged mode, setting domain membership for a queue of a first node and setting domain membership for a communication component of the first node, the communication component of the first node being operable to communicate messages with a corresponding communication component at a second node, the domain membership being inaccessible by user-level processes, the queue being mapped into memory of an associated user-level process at the first node, such that the user-level process can communicate directly with the queue; and
  
  controlling communication of message between the queue and the communication component based on the domain membership set for each of the queue and the communication component being the same.
- View Dependent Claims (26, 27)
- - 26. The computer-readable medium of claim 25 having further computer-executable instructions for providing an error message to the associated user-level process if the domain membership between the queue and the communication component is invalid.
  - 27. The computer-readable medium of claim 25 having further computer-executable instructions for analyzing the message to identify which of a plurality of communication contexts is designated and validating domain membership between the queue and the designated communication context to control communication of the message between the queue and the designated communication context.

28. A method to facilitate communication in a system architecture in which a process is operative to communicate a message directly with a storage component coupled to at least one local communications component in a node for communicating the message for receipt by a second communications component, the method comprising:
- associating the storage component with a domain for temporarily storing the message;
  
  associating the local communications component with a domain; and
  
  controlling communication of a message between the storage component and the local communications component based on the domain of the storage component and the domain of the local communications component being identical.
- View Dependent Claims (29, 30, 31, 32, 33, 34)
- - 29. The method of claim 28, wherein the domain for the storage component and the domain for the association of the local communications component are implemented independently in privileged operation not adjustable by the user-level process.
  - 30. The method of claim 29, wherein the controlling further comprises validating the domain of the storage component relative the domain of the local communication component.
  - 31. The method of claim 30, further comprising preventing communication of the message from the storage component to the communication component in the absence of a match between the domain of the storage component and the domain of the communication component.
  - 32. The method of claim 31, further comprising generating an error message in the absence of a match between the domain of the at least part of the storage component and the domain of the communication component.
  - 33. The method of claim 31, further comprising sending the message from the storage component to the communication component in response to a valid association existing between the domain of the storage component and the domain of the communication component.
  - 34. The method of claim 29, further comprising discerning from the message which of at least one of a plurality of communication components is designated and validating association between the storage component and each designated communication component to control communication of the message between the storage component and each designated communication component.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Ganapathy, Narayanan
Primary Examiner(s)
Barrón, Jr.; Gilberto
Assistant Examiner(s)
HOFFMAN, BRANDON S

Application Number

US09/772,231
Time in Patent Office

2,164 Days
Field of Search

713/201, 713/170
US Class Current

713/167
CPC Class Codes

G06F 21/606 by securing the transmissio...

Isolation of communication contexts to facilitate communication of data

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

34 Claims

Specification

Solutions

Use Cases

Quick Links

Isolation of communication contexts to facilitate communication of data

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

34 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links