Computer system with dual operating modes
Abstract
The present invention is a system that switches between non-secure and secure modes by making processes, applications and data for the non-active mode unavailable to the active mode. That is, non-secure processes, applications and data are not accessible when in the secure mode and vice versa. This is accomplished by creating dual hash tables where one table is used for secure processes and one for non-secure processes. A hash table pointer is changed to point to the table corresponding to the mode. The path-name look-up function that traverses the path name tree to obtain a device or file pointer is also restricted to allow traversal to only secure devices and file pointers when in the secure mode and only to non-secure devices and files in the non-secure mode. The process thread run queue is modified to include a state flag for each process that indicates whether the process is a secure or non-secure process. A process scheduler traverses the queue and only allocates time to processes that have a state flag that matches the current mode. Running processes are marked to be idled and are flagged as unrunnable, depending on the security mode, when the process reaches an intercept point. The switch operation validates the switch process and pauses the system for a period of time to allow all running processes to reach an intercept point and be marked as unrunnable. After all the processes are idled, the hash table pointer is changed, the look-up control is changed to allow traversal of the corresponding security mode branch of the file name path tree, and the scheduler is switched to allow only threads that have a flag that corresponds to the security mode to run. The switch process is then put to sleep and a master process, either secure or non-secure, depending on the mode, is then awakened.
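The mechanism in the abstract can be modelled in a few lines of C. This is an added illustration, not code from the patent; every identifier, the `/sec/` path branch and the sample pids are assumptions, and the switch validation, timed pause and master process are simplified away.

```c
#include <stddef.h>
#include <string.h>
/* Illustrative model; every name here is hypothetical, not from the patent. */
enum mode { NONSECURE = 0, SECURE = 1 };
#define NBUCKET 8
#define NPROC 4
struct proc { int pid; enum mode flag; int runnable; };
/* Constructed sample processes; pids chosen so no bucket collides. */
static struct proc procs[NPROC] = {
    { 10, NONSECURE, 0 }, { 11, NONSECURE, 0 }, { 20, SECURE, 0 }, { 21, SECURE, 0 } };
static struct proc *tables[2][NBUCKET]; /* one hash table per mode */
static struct proc **table_ptr;         /* the single pointer lookups go through */
static enum mode cur_mode;

/* Switch sequence from the abstract; validation and the timed pause are omitted. */
void switch_mode(enum mode to) {
    for (int i = 0; i < NPROC; i++) procs[i].runnable = 0; /* idle all processes */
    table_ptr = tables[to];   /* swap the hash table pointer */
    cur_mode = to;            /* path look-up and scheduler now follow the new mode */
    for (int i = 0; i < NPROC; i++)  /* simplification: wake every process of that mode */
        if (procs[i].flag == to) procs[i].runnable = 1;
}
void sys_init(void) {
    memset(tables, 0, sizeof tables);
    for (int i = 0; i < NPROC; i++) /* a process is entered in exactly one table */
        tables[procs[i].flag][procs[i].pid % NBUCKET] = &procs[i];
    switch_mode(NONSECURE);
}
/* Process lookup sees only the active table. */
struct proc *proc_lookup(int pid) {
    struct proc *p = table_ptr[pid % NBUCKET];
    return (p && p->pid == pid) ? p : NULL;
}
/* Path look-up: assumes secure devices sit under a "/sec/" branch of the tree. */
int path_allowed(const char *path) {
    int is_secure_branch = strncmp(path, "/sec/", 5) == 0;
    return is_secure_branch == (cur_mode == SECURE);
}
/* Scheduler: walk the run queue, give time only to threads whose flag matches. */
struct proc *sched_next(void) {
    for (int i = 0; i < NPROC; i++)
        if (procs[i].runnable && procs[i].flag == cur_mode) return &procs[i];
    return NULL;
}
int main(void) {
    sys_init();
    switch_mode(SECURE);
    return (proc_lookup(10) == NULL && sched_next()->pid == 20) ? 0 : 1;
}
```

In this model the isolation holds only because every lookup goes through `table_ptr` and `cur_mode`; any code path that indexes `tables` directly would see both modes.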
21 Claims
1. A computer system, comprising:
an access device; secure devices storing secure processes and secure data; non-secure devices storing non-secure processes and non-secure data; and a processor coupled to the secure devices, the non-secure devices and the access device, allowing access to the non-secure processes and non-secure data by a user using the access device and not allowing access by the user using the access device to the secure processes and secure data when in a non-secure mode; wherein said processor comprises a secure hash table having a secure hash table pointer, a non-secure hash table having a non-secure table pointer and a table pointer pointing to one of the secure and non-secure hash tables responsive to the mode and containing the secure hash table pointer when in the secure mode and containing the non-secure hash table pointer when in the non-secure mode. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
11. A computer system, comprising:
an access device; secure devices storing secure processes and secure data; non-secure devices storing non-secure processes and non-secure data; and a processor coupled to the secure devices, the non-secure devices and the access device, allowing access to the non-secure processes and non-secure data by a user using the access device and not allowing access by the user using the access device to the secure processes and secure data when in a non-secure mode, wherein said processor comprises a secure hash table having a secure hash table pointer, a non-secure hash table having a non-secure table pointer and a table pointer pointing to one of the secure and non-secure hash tables responsive to the mode and containing the secure hash table pointer when in the secure mode and containing the non-secure hash table pointer when in the non-secure mode, and wherein said processor switches the contents of the table pointer responding to a switch between the modes.
12. A computer system, comprising:
an access device; secure devices storing secure processes and secure data; non-secure devices storing non-secure processes and non-secure data; and a processor coupled to the secure devices, the non-secure devices and the access device, allowing access to the non-secure processes and non-secure data by a user using the access device and not allowing access by the user using the access device to the secure processes and secure data when in a non-secure mode; wherein said processor switches between secure and non-secure modes as requested by the user; wherein said processor, when a switch between the non-secure mode to the secure mode is requested, idles all processes, pauses for a predetermined period of time, changes a hash table pointer to point to a secure hash table, sets a path name look-up function to only return secure pointers, sets a process scheduler to allocate time to only secure threads, and awakens a secure master process. - View Dependent Claims (13, 14)
15. A computer system, comprising:
an access device; secure devices storing secure processes and secure data; non-secure devices storing non-secure processes and non-secure data; and a processor coupled to the secure devices, the non-secure devices and the access device, switching between secure and non-secure modes as requested by a user, allowing access to the non-secure processes and non-secure data by the user using the access device and not allowing access by the user using the access device to the secure processes and secure data when in a non-secure mode and allowing access to the secure processes and secure data by the user using the access device and does not allow access by the user using the access device to the non-secure processes and non-secure data when in a secure mode;
said processor comprising; a secure hash table having a secure hash table pointer, a non-secure hash table having a non-secure table pointer and a table pointer pointing to one of the secure and non-secure hash tables responsive to the mode and containing the secure hash table pointer when in the secure mode and containing the non-secure hash table pointer when in the non-secure mode and said processor switching the contents of the table pointer responsive to the switching between secure and non-secure modes; a process thread run queue storing non-secure and secure process thread entries, where the process thread entries each comprises a flag indicating whether the thread comprises a secure process; a scheduler allocating process time to only secure threads when in the secure mode and allocating process time to only non-secure threads when in the non-secure mode responsive to a process switch count; a path name look-up function returning a secure device/file pointer only when in the secure mode; a secure file system directory stored on one of the secure devices and accessible only in the secure mode, wherein said processor, when a switch between the non-secure mode to the secure mode is requested, idles all processes, pauses for a predetermined period of time that will allow all processes to reach an intercept point where the process switch count can be updated, changes the table pointer to point to the secure hash table, sets a path name look-up function to only return secure pointers, sets a process scheduler to allocate time to only secure threads, and awakens a secure master process, wherein said processor runs a secure master process during secure processing and the secure master process can be started at any time after system start-up, and wherein said processor performs page swaps with devices having a same security mode as the process.
16. A method of controlling a single computer system including a processor, an access device, secure devices storing secure processes and secure data with a security level, and non-secure devices storing non-secure processes and non-secure data, said method comprising:
allowing, by the processor, access to the non-secure processes and non-secure data by a user using the access device and not allowing access by the user using the access device to the secure processes and secure data when in a non-secure mode; and allowing, by the processor, access to the secure processes and secure data by the user using the access device corresponding to a current security level and not allowing access by the user using the access device to the non-secure processes and non-secure data when in a secure mode; pointing to a secure hash table when in the secure mode and pointing to a non-secure hash table when in the non-secure mode. - View Dependent Claims (17, 18)
19. A non-transitory computer readable storage medium controlling a computer with a process stored thereon allowing, by the processor, access to the non-secure processes and non-secure data by a user using the access device and not allowing access by the user using the access device to the secure processes and secure data when in a non-secure mode;
and allowing, by the processor, access to the secure processes and secure data by the user using the access device corresponding to a current security level and not allowing access by the user using the access device to the non-secure processes and non-secure data when in a secure mode, and providing a table pointer pointing to one of the secure and non-secure hash tables responsive to a mode, the table pointer containing the secure hash table pointer for a secure mode and containing the non-secure hash table pointer for a non-secure mode.
20. A non-transitory computer readable storage medium controlling a computer with a data structure, comprising:
a secure hash table having a secure hash table pointer; a non-secure hash table having a non-secure hash table pointer; and a table pointer pointing to one of the secure and non-secure hash tables responsive to a mode, the table pointer containing the secure hash table pointer for a secure mode and containing the non-secure hash table pointer for a non-secure mode. - View Dependent Claims (21)
Specification