Monitoring and controlling services
First Claim
1. A computer implemented method for monitoring and controlling services, the method comprising the steps of:
- a service manager intercepting calls to service related operations made by acting applications;
the service manager determining which acting application made a specific intercepted call;
the service manager determining a target service of the specific intercepted call made by the acting application;
the service manager identifying a characteristic common to the acting application that made the specific intercepted call and the target service of the specific intercepted call, the common characteristic comprising a hash of content;
the service manager determining whether to block the acting application from making the specific intercepted call based at least in part on the common characteristic; and
responsive at least in part to the service manager determining to block the acting application from making the specific intercepted call, the service manager blocking the acting application from making the specific intercepted call.
2 Assignments
0 Petitions
Accused Products
Abstract
A service manager (101) monitors and controls services (111), thereby providing protection against associated security vulnerabilities. The service manager (101) intercepts calls (105) to service related operations made by acting applications (103) and determines which acting application (103) made a specific intercepted call (105) to which target service (111). The service manager (101) then determines and executes an appropriate action based on a system policy (113). The appropriate action can comprise blocking the call (105), thereby preventing execution of service (111) based operations that conflict with the system policy (113).
-
Citations
13 Claims
-
1. A computer implemented method for monitoring and controlling services, the method comprising the steps of:
-
a service manager intercepting calls to service related operations made by acting applications; the service manager determining which acting application made a specific intercepted call; the service manager determining a target service of the specific intercepted call made by the acting application; the service manager identifying a characteristic common to the acting application that made the specific intercepted call and the target service of the specific intercepted call, the common characteristic comprising a hash of content; the service manager determining whether to block the acting application from making the specific intercepted call based at least in part on the common characteristic; and responsive at least in part to the service manager determining to block the acting application from making the specific intercepted call, the service manager blocking the acting application from making the specific intercepted call. - View Dependent Claims (2, 3, 4, 5, 6, 12, 13)
-
-
7. A computer implemented method for monitoring and controlling services, the method comprising the steps of:
-
a service manager intercepting calls to access system resources made by acting applications; the service manager determining that an intercepted call concerns a service; the service manager determining which service the intercepted call concerns; the service manager determining which acting application made the intercepted call; the service manager identifying a characteristic common to the acting application that made the intercepted call and the service the intercepted call concerns, the common characteristic comprising a hash of content; the service manager determining whether to block the acting application from making the intercepted call based at least in part on the common characteristic; and responsive at least in part to the service manager determining to block the acting application from making the intercepted call, the service manager blocking the acting application from making the intercepted call. - View Dependent Claims (8, 9, 10, 11)
-
Specification