User level control of degree of client-side processing
First Claim
Patent Images
1. A data processing system for setting desired security levels for application programs without modification of the application programs, said system comprising:
- a processor, input means, output means, and memory means coupled via a bus;
means for storing a kernel and an operating system in said memory means;
means for storing a plurality of different security level versions of selected ones of a plurality of dynamically linked libraries, wherein a security level determines an amount of interaction between said operating system and an application program;
means for loading into said memory means a first application program;
means for storing said first application program in said memory means;
means for determining a security level for said first application program;
means for determining which of said selected ones of a plurality of dynamically linked libraries is requested by said first application program;
means for retrieving, without modifying said first application program, one of said selected ones of a plurality of dynamically linked libraries which incorporates said desired security level for said first application program, wherein said retrieved one of said selected ones of a plurality of dynamically linked libraries which incorporates said desired security level corresponds to said dynamically linked library requested by said first application program;
means for loading into said memory means said one of said selected ones of a plurality of dynamically linked libraries which incorporates said desired security level for said first application program;
means for loading a dynamically linked library having a default security level when said one of said selected ones of a plurality of dynamically linked libraries which incorporates said desired security level for said first application program is not retrievable;
means for loading into said memory means said dynamically linked library having a default security level when said desired security level for said first application program cannot be determined;
means for loading into said memory means a message stub which allows said operating system, which loaded said first application program, to support said desired security level for said first application program;
means for loading into said memory means a second application program;
means for storing said second application program in said memory means;
means for determining what is the desired security level for said second application program;
means for determining which of said selected ones of a plurality of dynamically linked libraries is requested by said second application program;
means for retrieving, without modifying said second application program, one of said selected ones of a plurality of dynamically linked libraries which incorporates said desired security level for said second application program, wherein said retrieved one of said selected ones of a plurality of dynamically linked libraries which incorporates said desired security level corresponds to said dynamically linked library requested by said second application program;
means for loading into said memory means said one of said selected ones of a plurality of dynamically linked libraries which incorporates said desired security level for said second application program;
means for loading into said memory means a dynamically linked library having a default security level when said one of said selected ones of a plurality of dynamically linked libraries which incorporates said desired security level, for said second application program is not retrievable;
means for loading into said memory means said dynamically linked library having a default security level when said desired security level for said second application program cannot be determined; and
means for loading into said memory means a message stub which allows said operating system, which loaded said second application program, to support said desired security level for said second application program.
1 Assignment
0 Petitions
Accused Products
Abstract
A data processing system stores and maintains a plurality of security levels for dynamically linked libraries. Upon loading of an application, and upon determination of which dynamically linked libraries are required by the application, the data processing system determines the predefined security level assigned to the application and loads dynamically linked libraries previously encoded with the predefined security level.
62 Citations
22 Claims
-
1. A data processing system for setting desired security levels for application programs without modification of the application programs, said system comprising:
-
a processor, input means, output means, and memory means coupled via a bus;
means for storing a kernel and an operating system in said memory means;means for storing a plurality of different security level versions of selected ones of a plurality of dynamically linked libraries, wherein a security level determines an amount of interaction between said operating system and an application program; means for loading into said memory means a first application program; means for storing said first application program in said memory means; means for determining a security level for said first application program; means for determining which of said selected ones of a plurality of dynamically linked libraries is requested by said first application program; means for retrieving, without modifying said first application program, one of said selected ones of a plurality of dynamically linked libraries which incorporates said desired security level for said first application program, wherein said retrieved one of said selected ones of a plurality of dynamically linked libraries which incorporates said desired security level corresponds to said dynamically linked library requested by said first application program; means for loading into said memory means said one of said selected ones of a plurality of dynamically linked libraries which incorporates said desired security level for said first application program; means for loading a dynamically linked library having a default security level when said one of said selected ones of a plurality of dynamically linked libraries which incorporates said desired security level for said first application program is not retrievable; means for loading into said memory means said dynamically linked library having a default security level when said desired security level for said first application program cannot be determined; means for loading into said memory means a message stub which allows said operating system, which loaded said first application program, to support said desired security level for said first application program; means for loading into said memory means a second application program; means for storing said second application program in said memory means; means for determining what is the desired security level for said second application program; means for determining which of said selected ones of a plurality of dynamically linked libraries is requested by said second application program; means for retrieving, without modifying said second application program, one of said selected ones of a plurality of dynamically linked libraries which incorporates said desired security level for said second application program, wherein said retrieved one of said selected ones of a plurality of dynamically linked libraries which incorporates said desired security level corresponds to said dynamically linked library requested by said second application program; means for loading into said memory means said one of said selected ones of a plurality of dynamically linked libraries which incorporates said desired security level for said second application program; means for loading into said memory means a dynamically linked library having a default security level when said one of said selected ones of a plurality of dynamically linked libraries which incorporates said desired security level, for said second application program is not retrievable; means for loading into said memory means said dynamically linked library having a default security level when said desired security level for said second application program cannot be determined; and means for loading into said memory means a message stub which allows said operating system, which loaded said second application program, to support said desired security level for said second application program. - View Dependent Claims (2, 3)
-
-
4. A data processing system comprising:
-
a processor, input means, output means, and memory means coupled via a bus; means for storing a kernel and an operating system in said memory means; means for storing one or more application programs in said memory means; means for defining one or more security levels; means for storing one or more dynamically linked libraries in said memory means, each dynamically linked library associated with one of the defined security levels; means for loading an application program; and means for linking, without modifying the application program, one or more of the dynamically linked libraries to an application program when the application program is loaded, wherein the security level of each dynamically linked library linked to the application program is a desired security level of the application program, and wherein the security level of each dynamically linked library determines a degree of access the application program has to one or more system resources, and wherein each time the application program is loaded, it may be linked to different dynamically linked libraries at different security levels. - View Dependent Claims (5, 6, 7, 8, 9, 10, 11)
-
-
12. In a data processing system, a method for setting a desired security level for an application program, said method comprising the steps of:
-
defining one or more security levels; storing one or more dynamically linked libraries, each dynamically linked library associated with one of the defined security levels; loading the application program; and linking, without modifying the application program, one or more of the dynamically linked libraries to the application program, wherein the security level of each dynamically linked library is the desired security level of the application program, and wherein the security level of each dynamically linked library determines a degree of access the application program has to one or more system resources, and wherein each time the application program is loaded, it may be linked to different dynamically linked libraries at different security levels. - View Dependent Claims (13, 14, 15, 16, 17, 18)
-
-
19. In a data processing system, a method for setting a desired security level for an application program, said method comprising:
-
storing a kernel and an operating system in a memory means; storing a plurality of different security level versions of selected ones of a plurality of dynamically linked libraries, wherein a security level determines an amount of interaction between said operating system and an application program; loading into said memory means an application program; storing said application program in said memory means; determining a security level for said application program; determining which of said selected ones of a plurality of dynamically linked libraries is requested by said application program; retrieving, without modifying said application program, one of said selected ones of a plurality of dynamically linked libraries which incorporates said desired security level for said application program, wherein said retrieved one of said selected ones of a plurality of dynamically linked libraries which incorporates said desired security level corresponds to said dynamically linked library requested by said application program; and loading into said memory means said one of said selected ones of a plurality of dynamically linked libraries which incorporates said desired security level for said application program. - View Dependent Claims (20, 21, 22)
-
Specification