Security critical data containers

US 7,600,256 B2
Filed: 02/04/2005
Issued: 10/06/2009
Est. Priority Date: 02/04/2005
Status: Active Grant

First Claim

Patent Images

1. At a computer system, a computer implemented method for configuring platform code to simplify checks for security problems, the computer implemented method comprising:

a programming language class providing a container for security critical data, the programming language class also including a plurality of methods for interacting with security critical data in the container,a processor selectively controlling whether the security critical data is treated as security critical depending on what interaction with the security critical data is being requested by distinguishing some methods of the set container as being security critical, such that the security critical data can only be accessed via the methods with elevated permissions, including;

marking methods that access the security critical data through a property on the class as security critical methods, andindicating that methods that access an actual field pointing to the programming language class are not security critical methods such that the existence or initialization of the security critical data can be checked in a non-critical manner without actually accessing the security critical data.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Described are security critical data containers for platform code, comprising a Get container and Set container that allow data to be marked as security critical for critical usage of that data, but left unmarked for non-critical usage. The number of critical methods in the code is reduced, facilitating better code analysis. A container'"'"'s method may be marked as security critical, with the only access to the data via the method. By using a generic class for a Get container, access to the critical data only occurs through the property on the class, which is marked as critical. The field pointing to the generic class instance need not be critical, whereby initialization or existence checking may remain non-critical. The Set container handles security critical situations such as data that controls whether code can elevate permissions; a set method is marked as critical, while other methods can be accessed by non-critical code.

Citations

19 Claims

1. At a computer system, a computer implemented method for configuring platform code to simplify checks for security problems, the computer implemented method comprising:
- a programming language class providing a container for security critical data, the programming language class also including a plurality of methods for interacting with security critical data in the container,a processor selectively controlling whether the security critical data is treated as security critical depending on what interaction with the security critical data is being requested by distinguishing some methods of the set container as being security critical, such that the security critical data can only be accessed via the methods with elevated permissions, including;
  
  marking methods that access the security critical data through a property on the class as security critical methods, andindicating that methods that access an actual field pointing to the programming language class are not security critical methods such that the existence or initialization of the security critical data can be checked in a non-critical manner without actually accessing the security critical data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1 wherein the container comprises a get container and wherein the security critical data only can be read via a get method that is marked with elevated permissions, and existence/initialization checks may be performed by code without elevated permissions.
  - 3. The method of claim 2 wherein the data comprises a value that provides access to a critical resource.
  - 4. The method of claim 1 wherein the container comprises a set container and wherein the security critical data only can be set via a set method that is marked with elevated permissions.
  - 5. The method of claim 4 further comprising a get method, and wherein the data can be read via the get method by code without elevated permissions.
  - 6. The method of claim 5 wherein the data comprises a value that provides access to a critical resource.
  - 7. The method of claim 5 wherein the data comprises a value indicative of whether privileges can be elevated by other code.
  - 8. The method of claim 1 wherein the container is implemented in platform code that allows downloaded code to be executed, and further comprising analyzing the platform code via an analysis tool.

9. A computer program product for use at a computer system, the computer program product for implementing a method for configuring platform code to simplify checks for security problems, the computer program product including one or more computer storage medium having stored there on computer-executable instructions, which when executed at a processor, cause the computer system to perform the method, including the following:
- a programming language class providing a container for security critical data, the programming language class also including a plurality methods for interacting with security critical data in the container;
  
  selectively controlling whether the security critical data is treated as security critical depending on what interaction with the security critical data is being requested by distinguishing some methods of the container as being security critical, such that the security critical data only can be accessed via the methods with elevated permissions, including;
  
  marking methods that access the security critical data through a property on the class as security critical methods; and
  
  indicating that methods that access an actual field pointing to the programming language class are not security critical methods such that the existence or initialization of the security critical data can be checked in a non-critical manner without actually accessing the security critical data.

10. A computer program product for use at a computer system, the computer program product for implementing a method for configuring platform code to simplify checks for security problems, the computer program product including one or more computer storage medium having stored thereon computer-executable instructions, that when executed at a processor, cause the computer system to perform the method, including performing the following:
- a programming language class providing a set container for security critical data, the programming language including a plurality of methods for interacting with the security critical data in the set container, the plurality of methods including a set method and a get method; and
  
  selectively controlling whether the security critical data is treated as security critical depending on what interaction with the security critical data is being requested by distinguishing some methods of the set contain as security critical such that the security critical data can only be access via methods with elevated permissions, including;
  
  marking the set method as a security critical method; and
  
  indicating that the get method is not a security critical method,such that the security critical data can be read by code without elevated permissions via the get method, and the security critical data only can be set by code with elevated permissions via the set method.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The computer program product of claim 10 wherein the security critical data comprises a value that provides access to a critical resource.
  - 12. The computer program product of claim 10 wherein the security critical data comprises a value indicative of whether privileges can be elevated by other code.
  - 13. The computer program product of claim 10 further comprising receiving a request to set the value from code with elevated permissions, and setting the value.
  - 14. The computer program product of claim 10 further comprising receiving a request to read the security critical data from code without elevated permissions, and returning the security critical data in response to the request.
  - 15. The computer program product of claim 10 wherein the set container is implemented in platform code that allows downloaded code to be executed, and further comprising analyzing the platform code via an analysis tool.

16. A computer program product for use at a computer system, the computer program product for implementing a method for configuring platform code to simplify checks for security problems, the computer program product including one or more computer storage having stored thereon computer-executable instructions, that when executed at a processor, cause the computer system to perform the method, including performing the following:
- a programming language class providing a get container for security critical data, the programming language including a plurality of methods for interacting with the security critical data in the set container, the plurality of methods including a get method; and
  
  selectively controlling whether the security critical data is treated as security critical depending on what interaction with the security critical data is being requested by distinguishing the get method as security critical such that that the security critical data can only be access via methods with elevated permissions, including;
  
  marking the get method as a security critical method; and
  
  indicating that one or more other methods that access an actual field pointing to the programming language class are not security critical methods,such that the security critical data only can be read by code with elevated permissions via the get method, and existence / initialization checks may be performed by code without elevated permissions.
- View Dependent Claims (17, 18, 19)
- - 17. The computer program product of claim 16 wherein the security critical data comprises a value that provides access to a critical resource.
  - 18. The computer program product of claim 16 further comprising receiving a request to get the value from code with elevated permissions, and returning data corresponding to the value.
  - 19. The computer program product of claim 16 wherein the get container is implemented in platform code that allows downloaded code to be executed, and further comprising analyzing the platform code via an analysis tool.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Tammana, Venkata Rama Prasad, Alcazar, Mark A.
Primary Examiner(s)
LaForgia; Christian
Assistant Examiner(s)
TURCHEN, JAMES R

Application Number

US11/051,808
Publication Number

US 20060179482A1
Time in Patent Office

1,705 Days
Field of Search

726/22, 707/9
US Class Current

726/22
CPC Class Codes

G06F 21/52   during program execution, e...

G06F 21/57   Certifying or maintaining t...

G06F 21/6227   where protection concerns t...

Y10S 707/99939   Privileged access

Security critical data containers

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Security critical data containers

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links