Securing inter-process communication

US 8,863,151 B2
Filed: 08/15/2007
Issued: 10/14/2014
Est. Priority Date: 08/15/2007
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

intercepting, by a processing device, a request from a requesting process to post a message to a destination process in an operating environment in which processes communicate via message queues, wherein each destination process in the operating environment communicates via a corresponding message queue;

determining whether the requesting process is a same as the destination process in view of the message;

in response to a determination that the requesting process is not the same as the destination process,evaluating message content and requestor information associated with the request to determine whether the message is to be posted;

posting the message to a message queue of the destination process if the message is to be posted; and

if the message is not to be posted, and the message satisfies additional criteria, causing the requesting process to be terminated, wherein the additional criteria comprise posting an undocumented message; and

in response to a determination that the requesting process is the same as the destination process, posting the message to the message queue of the destination process.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A request to post a message to a destination is intercepted in an operating environment in which processes communicate via message queues. Message content and requester information associated with the request is evaluated to determine whether the message is to be posted. The message is posted to a message queue of the destination if the message is to be posted.

Citations

18 Claims

1. A method, comprising:
- intercepting, by a processing device, a request from a requesting process to post a message to a destination process in an operating environment in which processes communicate via message queues, wherein each destination process in the operating environment communicates via a corresponding message queue;
  
  determining whether the requesting process is a same as the destination process in view of the message;
  
  in response to a determination that the requesting process is not the same as the destination process,evaluating message content and requestor information associated with the request to determine whether the message is to be posted;
  
  posting the message to a message queue of the destination process if the message is to be posted; and
  
  if the message is not to be posted, and the message satisfies additional criteria, causing the requesting process to be terminated, wherein the additional criteria comprise posting an undocumented message; and
  
  in response to a determination that the requesting process is the same as the destination process, posting the message to the message queue of the destination process.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 17)
- - 2. The method of claim 1, wherein the evaluating is performed by a kernel component of the operating environment, wherein the requesting process and the destination process reside on a same computing device, and wherein the destination process receives the message directly from the message queue of the destination process.
  - 3. The method of claim 1, wherein the request to post the message is made by a method invoked on a first window object, and wherein the destination process comprises a second window object.
  - 4. The method of claim 1, further comprising:
    - evaluating a security context of the destination process to determine whether the message is to be posted.
  - 5. The method of claim 1, further comprising:
    - if the message is to not be posted, notifying the requesting process that the requesting process does not have access to post the message to the destination process.
  - 6. The method of claim 1, further comprising:
    - if the message is not to be posted, storing the message and the requestor information in a log.
  - 7. The method of claim 1, wherein the additional criteria comprise at least one of, posting the message with impossible parameters, or posting the message in an inappropriate context.
  - 17. The computing device of claim 5, further comprising:
    - a first window object having a method to post the message; and
      
      a second window object that corresponds to the destination process, the second window object to receive the message and to place the message on the message queue.

8. A non-transitory machine-accessible medium comprising instructions that, when executed by a processing device, cause the processing device to perform operations comprising:
- intercepting, by the processing device, a request from a requesting process to post a message to a destination process in an operating environment in which processes communicate via message queues, wherein each destination process in the operating environment communicates via a corresponding message queue;
  
  determining whether the requesting process is a same as the destination process in view of the message;
  
  in response to a determination that the requesting process is not the same as the destination process,evaluating message content and requestor information associated with the request to determine whether the message is to be posted;
  
  posting the message to a message queue of the destination process if the message is to be posted; and
  
  if the message is not to be posted, and the message satisfies additional criteria, causing the requesting process to be terminated, wherein the additional criteria compriseposting the message with impossible parameters; and
  
  in response to a determination that the requesting process is the same as the destination process, posting the message to the message queue of the destination process.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The non-transitory machine-accessible medium of claim 8, wherein the evaluating is performed by a kernel component of the operating environment, wherein the requesting process and the destination process reside on a same computing device, and wherein the destination process receives the message directly from the message queue of the destination process.
  - 10. The non-transitory machine-accessible medium of claim 8, wherein the request to post the message is made by a method invoked on a first window object, and wherein the destination process comprises a second window object.
  - 11. The non-transitory machine-accessible medium of claim 8, the operations further comprising:
    - evaluating a security context of the destination process to determine whether the message is to be posted.
  - 12. The non-transitory machine-accessible medium of claim 8, the operations further comprising:
    - if the message is to not be posted, notifying the requesting process that the requesting process does not have access to post the message to the destination.
  - 13. The non-transitory machine-accessible medium of claim 8, the operations further comprising:
    - if the message is not to be posted, storing the message and the requestor information in a log.
  - 14. The non-transitory machine-accessible medium of claim 8, wherein the additional criteria comprise at least one of posting an undocumented message, or posting the message in an inappropriate context.

15. A computing device, comprising:
- a memory to store message queues;
  
  a processing device coupled to the memory;
  
  a message interceptor, executable by the processing device, to intercept a request from a requesting process to post a message to a destination process in an operating environment in which processes communicate via the message queues, wherein each destination process in the operating environment communicates via a corresponding message queue; and
  
  a message evaluator, coupled with the message interceptor and executable by the processing device to;
  
  determine whether the requesting process is a same as the destination process in view of the message;
  
  in response to a determination that the requesting process is not the same as the destination process,evaluate message content and requestor information associated with the request to determine whether the message is to be posted,permit the message to be posted to a message queue of the destination process if the message is to be posted, andif the message is not to be posted, and the message satisfies additional criteria, cause the requesting process to be terminated, wherein the additional criteria comprise posting the message in an inappropriate context; and
  
  in response to a determination that the requesting process is the same as the destination process, post the message to the message queue of the destination process.
- View Dependent Claims (16, 18)
- - 16. The computing device of claim 15, wherein the message evaluator is a kernel component of the operating environment, and wherein the requesting process and the destination process reside on a same computing device.
  - 18. The computing device of claim 15, wherein the message evaluator is to evaluate a security context of the destination process to determine whether the message is to be posted.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Red Hat, Inc. (International Business Machines Corporation)
Original Assignee
Red Hat, Inc. (International Business Machines Corporation)
Inventors
Schneider, James P.
Primary Examiner(s)
DAO, TUAN C.

Application Number

US11/893,444
Publication Number

US 20090049454A1
Time in Patent Office

2,617 Days
Field of Search
US Class Current

719/314
CPC Class Codes

G06F 9/546 Message passing systems or ...

Securing inter-process communication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Securing inter-process communication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links