Apparatus for configuring operating system and method therefor

US 9,684,525 B2
Filed: 07/18/2014
Issued: 06/20/2017
Est. Priority Date: 07/18/2013
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer-readable storage medium (CRSM) storing an operating system to be executed on a computer comprising a memory and a processor, the operating system managing the memory and other resources in the computer via the processor, the operating system comprising:

a system resource management part, in a first domain of the operating system, managing system resources by assigning control permissions for the system resources interworking with the operating system; and

a system operation part, in a second domain of the operating system which is independent from the first domain, executing an application program by utilizing the system resources managed by the system resource management part,wherein the system resource management part includes a resource allocation module allocating a system resource required for the application program, and generating identification information of the application program and information on the system resource allocated to the application program, andwherein the system resource management part includes an access control information database receiving the identification information of the application program and the information on the system resource, generating access control information by mapping the information on the system resource to the identification information of the application program, and storing the generated access control information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are an apparatus and a method for configuring an operating system. An apparatus for configuring an operating system may comprise a system resource management part managing system resources by assigning control permission for system resources which interwork with the operating system to a first domain of the operating system; and a system operation part executing an application program in a second domain of the operating system which is independent from the first domain by utilizing the system resources managed by the system resource management part. Therefore, performance of the operating system may be enhanced at the same time of supporting high security of the operating system so that reliability of the operating system can also be enhanced.

Citations

12 Claims

1. A non-transitory computer-readable storage medium (CRSM) storing an operating system to be executed on a computer comprising a memory and a processor, the operating system managing the memory and other resources in the computer via the processor, the operating system comprising:
- a system resource management part, in a first domain of the operating system, managing system resources by assigning control permissions for the system resources interworking with the operating system; and
  
  a system operation part, in a second domain of the operating system which is independent from the first domain, executing an application program by utilizing the system resources managed by the system resource management part,wherein the system resource management part includes a resource allocation module allocating a system resource required for the application program, and generating identification information of the application program and information on the system resource allocated to the application program, andwherein the system resource management part includes an access control information database receiving the identification information of the application program and the information on the system resource, generating access control information by mapping the information on the system resource to the identification information of the application program, and storing the generated access control information.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The non-transitory CRSM of claim 1, wherein the operating system comprises a monolithic kernel, and wherein the first domain and the second domain are implemented respectively in separate domains of the monolithic kernel, and perform independent functions.
  - 3. The non-transitory CRSM of claim 1, wherein the system resource management part includes a resource release module deleting the information on the system resource corresponding to the identification information of the application program in the access control information database based on the access control information stored in the access control information database in response to a request of the application program to release the system resource.
  - 4. The non-transitory CRSM of claim 1, wherein the system resource management part includes a resource access module controlling access on the system resource by checking whether the information on the system resource corresponding the identification information of the application program exist or not in the access control information database based on the access control information stored in the access control information database in response to a request of the application program to access the system resource.
  - 5. The non-transitory CRSM of claim 1, wherein the system resource management part performs a scheduling function for determining an order of processes constituting the application program.
  - 6. The non-transitory CRSM of claim 1, wherein the system operation part executes the application program by using an access address of the system resource generated by virtualizing the system resource on which access of the application program is permitted.
  - 7. The non-transitory CRSM of claim 1, wherein the system resource includes at least one of an input/output device, a storage device, and a computation device which are used for executing the application program.

8. A processing method of an operating system that is executed on a computer comprising a memory and a processor, the operating system managing the memory and other resources in the computer via the processor, the processing method comprising:
- managing system resources by assigning control permission for the system resources interworking with the operating system in a first domain of the operating system; and
  
  executing an application program by utilizing the system resources in a second domain which is independent from the first domain,wherein, in the managing system resources, the system resource required for the application program is allocated, and access control information generated by mapping information on the system resource allocated to the application program to the application program are stored, andwherein, in the managing system resources, whether access of the application program on the system resource on which access of the application is requested is permitted or not is determined based on the stored access control information in response to a request of the application program to access the system resource.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The processing method of claim 8, wherein the operating system comprises a monolithic kernel, and wherein the managing system resources and the executing an application program are performed respectively in the first domain and the second domain of the monolithic kernel.
  - 10. The processing method of claim 8, wherein, in the managing system resources, the information on the system resource corresponding to the identification information of the application program is deleted based on the stored access control information in response to a request of the application program to release the system resource.
  - 11. The processing method of claim 8, wherein, in the managing system resources, a scheduling function for determining an order of processes constituting the application program is performed.
  - 12. The processing method of claim 8, wherein, in the executing the application program, the application program is executed by using an access address of the system resource generated by virtualizing the system resource on which access of the application program is permitted.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Postech Academy-Industry Foundation
Original Assignee
Postech Academy-Industry Foundation
Inventors
Park, Chan Ik, Park, Se Jin
Primary Examiner(s)
ELAMIN, ABDELMONIEM I

Application Number

US14/335,798
Publication Number

US 20150026447A1
Time in Patent Office

1,068 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/53   by executing in a restricte...

G06F 9/44505   Configuring for program ini...

G06F 9/468   Specific access rights for ...

G06F 9/50   Allocation of resources, e....

Apparatus for configuring operating system and method therefor

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus for configuring operating system and method therefor

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links