Conditional security response using taint vector monitoring
First Claim
1. A computing system comprising:
one or more input interfaces configured to receive information from a plurality of computing resources;
one or more processors configured to monitor one or more taints associated with the information received from at least one of the plurality of computing resources, the one or more processors including at least;
at least one taint vector including a plurality of vector fields operated upon by one or more instructions in parallel to monitor and respond to at least one of a plurality of taints indicative of potential security risk originating from at least one of the plurality of computing resources, the at least one of the plurality of taints independently associated with the at least one of the plurality of computing resources, wherein the plurality of vector fields of one or more of the at least one taint vector include at least;
at least one vector field identifying at least one of the plurality of computing resources; and
at least one vector field corresponding to at least one of sources, events, conditions, or suspicious activities associated with the identified at least one of the plurality of computing resources;
at least one taint bias vector; and
response logic operable to monitor the at least one taint vector and respond to a predetermined taint condition in a predetermined manner, wherein the response logic is configured to respond to one or more predetermined instructions in parallel by recursively adding the at least one taint bias vector to the at least one taint vector;
wherein the predetermined manner includes one or more of ignoring a security risk event, logging the at least one security risk event, displaying a notification, displaying a warning message, generating an alarm, raising an exception, preventing writing by or to one or more of the plurality of computing resources, trapping one or more operations attempted by one or more of the plurality of computing resources, modifying operating frequency, modifying operating voltage, modifying an operating parameter, performing a system call, terminating a particular process, or ending one or more operations of one or more of the plurality of computing resources.
Abstract
An embodiment or embodiments of a computing system can conditionally trap based on a taint vector. A computing system can comprise at least one taint vector operable to list at least one of a plurality of taints indicative of potential security risk originating from at least one of a plurality of resources, and response logic operable to monitor the at least one taint vector and respond to a predetermined taint condition.
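Added example, not taken from the patent: a software model in C of the taint vector, taint bias vector and response logic that the abstract and claim 1 describe. The field widths, saturating arithmetic, thresholds, the reading of one bias addition per observed event, and all names are assumptions; the loop stands in for the parallel vector operation.

```c
#include <stdint.h>
#include <stdio.h>

#define NFIELDS 4     /* assumed: four monitored resources */
#define LOG_AT  64    /* assumed threshold for logging */
#define TRAP_AT 128   /* assumed threshold for trapping */

enum response { RESP_IGNORE, RESP_LOG, RESP_TRAP };

typedef struct {
    uint8_t resource_id[NFIELDS]; /* field identifying each resource */
    uint8_t taint[NFIELDS];       /* accumulated taint per resource */
} taint_vector;

/* One bias addition across all fields, saturating at 0 and 255 (assumed). */
static void add_bias(taint_vector *tv, const int8_t bias[NFIELDS]) {
    for (int i = 0; i < NFIELDS; i++) {
        int v = tv->taint[i] + bias[i];
        tv->taint[i] = (uint8_t)(v < 0 ? 0 : (v > 255 ? 255 : v));
    }
}

/* Repeated addition: one bias application per observed event (assumed). */
static void apply_events(taint_vector *tv, const int8_t bias[NFIELDS], int n) {
    while (n-- > 0) add_bias(tv, bias);
}

/* Response logic: map one field's taint level to a response. */
static enum response respond(const taint_vector *tv, int i) {
    if (tv->taint[i] >= TRAP_AT) return RESP_TRAP;
    if (tv->taint[i] >= LOG_AT)  return RESP_LOG;
    return RESP_IGNORE;
}

int main(void) {
    static const char *name[] = { "ignore", "log", "trap" };
    taint_vector tv = { {1, 2, 3, 4}, {0, 0, 0, 20} };   /* constructed sample */
    const int8_t bias[NFIELDS] = { 40, 10, 0, -5 };      /* constructed sample */
    apply_events(&tv, bias, 7);
    for (int i = 0; i < NFIELDS; i++)
        printf("resource %u: taint %u -> %s\n", (unsigned)tv.resource_id[i],
               (unsigned)tv.taint[i], name[respond(&tv, i)]);
    return 0;
}
```

A negative bias entry lets a resource's taint decay toward zero, while a positive entry escalates that resource from ignore to log to trap as events accumulate.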
47 Claims
1. A computing system comprising: (text as set out under First Claim above)
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35
36. A method operable in a computing device configured at least partially in hardware for handling security risk comprising:
receiving information from a plurality of computing resources;
monitoring one or more taints associated with the information received from at least one of the plurality of computing resources;
providing at least one taint vector including a plurality of vector fields operated upon by one or more instructions;
executing the one or more instructions in parallel to monitor and respond to the at least one taint vector including a plurality of vector fields associated with at least one of a plurality of taints indicative of potential security risk originating from at least one of the plurality of computing resources, wherein the plurality of vector fields of one or more of the at least one taint vector including a plurality of vector fields include at least;
at least one vector field identifying at least one of the plurality of computing resources; and
at least one vector field corresponding to at least one of sources, events, conditions, or suspicious activities associated with the identified at least one of the plurality of computing resources;
independently associating the at least one of the plurality of taints with the at least one of the plurality of computing resources;
monitoring the at least one taint vector; and
responding to a predetermined taint condition including at least responding to one or more predetermined instructions in a predetermined manner in parallel by recursively adding at least one taint bias vector to the at least one taint vector;
wherein the predetermined manner includes one or more of ignoring a security risk event, logging the at least one security risk event, displaying a notification, displaying a warning message, generating an alarm, raising an exception, preventing writing by or to one or more of the plurality of computing resources, trapping one or more operations attempted by one or more of the plurality of computing resources, modifying operating frequency, modifying operating voltage, modifying an operating parameter, performing a system call, terminating a particular process, or ending one or more operations of one or more of the plurality of computing resources.
Dependent claims: 37, 38, 39, 40, 41, 42, 43, 44, 45
46. A computing system comprising:
one or more input interfaces configured to receive information from a plurality of computing resources;
one or more processors configured to monitor one or more taints associated with the information received from at least one of the plurality of computing resources, the one or more processors including at least;
at least one taint vector including a plurality of vector fields operated upon by one or more instructions;
means for executing the one or more instructions in parallel to monitor and respond to the at least one taint vector including a plurality of vector fields associated with at least one of a plurality of taints indicative of potential security risk originating from at least one of the plurality of computing resources, wherein the plurality of vector fields of one or more of the at least one taint vector include at least;
at least one vector field identifying at least one of the plurality of computing resources; and
at least one vector field corresponding to at least one of sources, events, conditions, or suspicious activities associated with the identified at least one of the plurality of computing resources;
means for independently associating the at least one of the plurality of taints with the at least one of the plurality of computing resources;
means for monitoring the at least one taint vector; and
means for responding to a predetermined taint condition in a predetermined manner including at least responding to one or more predetermined instructions in parallel by recursively adding at least one taint bias vector to the at least one taint vector;
wherein the predetermined manner includes one or more of ignoring a security risk event, logging the at least one security risk event, displaying a notification, displaying a warning message, generating an alarm, raising an exception, preventing writing by or to one or more of the plurality of computing resources, trapping one or more operations attempted by one or more of the plurality of computing resources, modifying operating frequency, modifying operating voltage, modifying an operating parameter, performing a system call, terminating a particular process, or ending one or more operations of one or more of the plurality of computing resources.
Dependent claims: 47
Specification