System and method for providing application services with controlled access into privileged processes
First Claim
Patent Images
1. A system for providing application services in a computing environment having both user-mode processes and privileged-mode processes, the system comprising:
- a processor;
a user-mode component having an interface configured to access an exposed privileged-mode interface;
a configuration component specifying a list of installable code components that are authorized for installation, wherein privileged-mode functions will only be executed in response to accesses by the user-mode code component when the installable code component is represented on the list;
wherein the user-mode component comprises an application software installation wizard;
wherein specifications are included within the configuration component specifying instructions for installing program components into an operating system;
wherein the configuration component includes a definition of an application software installation wizard to be created and an initialization file embedded within a cabinet file, the initialization file represented in a plain text format and comprising a plurality of sections each including attribute specifications, the initialization file including an AutoRegister section, an AutoUnregister section, and an allowAdmin section.
13 Assignments
0 Petitions
Accused Products
Abstract
A system for providing application services in a computing environment having both user-mode processes and privileged-mode processes. A user-mode component is provided with an interface configured to access an exposed privileged-mode interface. A configuration component specifies a list of installable code components that are authorized for installation, wherein privileged-mode functions will only be executed in response to accesses by the user-mode code component when the installable code component is represented on the list.
-
Citations
26 Claims
-
1. A system for providing application services in a computing environment having both user-mode processes and privileged-mode processes, the system comprising:
-
a processor; a user-mode component having an interface configured to access an exposed privileged-mode interface; a configuration component specifying a list of installable code components that are authorized for installation, wherein privileged-mode functions will only be executed in response to accesses by the user-mode code component when the installable code component is represented on the list; wherein the user-mode component comprises an application software installation wizard; wherein specifications are included within the configuration component specifying instructions for installing program components into an operating system; wherein the configuration component includes a definition of an application software installation wizard to be created and an initialization file embedded within a cabinet file, the initialization file represented in a plain text format and comprising a plurality of sections each including attribute specifications, the initialization file including an AutoRegister section, an AutoUnregister section, and an allowAdmin section. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for managing privileges in a computing environment having both user-mode processes and privileged-mode processes, the method comprising:
-
exposing a privileged-mode interface to user-mode processes; accessing the exposed interface using a user-mode component; specifying a list of authorized code components in a configuration file; authenticating that the configuration file comes from a trusted source; and executing privileged-mode processes specified by the configuration file in response to access by the user-mode code component only when the configuration file is authenticated as coming from a trusted source; wherein the user-mode component comprises an application software installation wizard; wherein specifications are included within the configuration file specifying instructions for installing program components into an operating system; wherein an instance of the application software installation wizard is creatable in accordance with a definition supplied in the configuration file; and wherein the configuration file includes an initialization file embedded within a cabinet file, the initialization file represented in a plain text format and comprising a plurality of sections each including attribute specifications, the initialization file including an AutoRegister section, an AutoUnregister section, and an allowAdmin section. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A system for providing application services in a computing environment having both user-mode processes and privileged-mode processes, the system comprising:
-
a processor; a user-mode component having an interface configured to access an exposed privileged-mode interface; and a configuration component specifying a list of installable code components that are authorized for installation, wherein privileged-mode functions will only be executed in response to accesses by the user-mode code component when the installable code component is represented on the list; wherein the configuration component includes an initialization file embedded within a cabinet file, the initialization file represented in a plain text format and comprising a plurality of sections each including attribute specifications, the initialization file including an AutoRegister section, an AutoUnregister section, and an allowAdmin section. - View Dependent Claims (21, 22, 23, 24, 25, 26)
-
Specification