Generic privilege escalation prevention
First Claim
Patent Images
1. An apparatus for managing an application, comprising:
- a memory element coupled to a processing element; and
a protection module, wherein the protection module is configured to;
identify an access token of the application;
determine if the access token is a system token;
responsive to the access token failing to be a system token, enable a runtime module coupled to the processing element;
determine whether the runtime module is enabled, wherein the runtime module is to determine whether the application has the system token;
responsive to determining the application has the system token, terminate the application; and
responsive to determining the application fails to have the system token, allow the application to execute.
10 Assignments
0 Petitions
Accused Products
Abstract
An apparatus, method, computer readable storage medium are provided in one or more examples and comprise accessing an application, identifying an access token of the application, determining if the access token is a system token, and responsive to the access token failing to be a system token, enabling a runtime module.
-
Citations
16 Claims
-
1. An apparatus for managing an application, comprising:
-
a memory element coupled to a processing element; and a protection module, wherein the protection module is configured to; identify an access token of the application; determine if the access token is a system token; responsive to the access token failing to be a system token, enable a runtime module coupled to the processing element; determine whether the runtime module is enabled, wherein the runtime module is to determine whether the application has the system token; responsive to determining the application has the system token, terminate the application; and responsive to determining the application fails to have the system token, allow the application to execute. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. At least one non-transitory computer readable storage medium that includes code for execution for managing an application, and when executed by a processing element is operable to:
-
identify an access token of the application; determine if the access token is a system token; responsive to the access token failing to be a system token, enable a runtime module; determine whether the runtime module is enabled, wherein the runtime module is to determine whether the application has the system token; responsive to determining the application has the system token, terminate the application; and responsive to determining the application fails to have the system token, allow the application to execute. - View Dependent Claims (8, 9, 10, 11)
-
-
12. A method for managing an application, comprising:
-
identifying an access token of the application; determining if the access token is a system token; and responsive to the access token failing to be a system token, enabling a runtime module coupled to a processing element; determining whether the runtime module is enabled, wherein the runtime module is to determine whether the application has the system token; responsive to determining the application has the system token, terminating the application; and responsive to determining the application fails to have the system token, allowing the application to execute. - View Dependent Claims (13, 14, 15, 16)
-
Specification