Control of data access by dynamically verifying legal references
First Claim
1. A method for controlling access to data handled by references in a system for executing programs, said programs including processes and tasks, wherein upon executing a program, the method comprises the following steps:
- having the system store an entire set of licit references which the program obtains by means considered as licit, wherein a reference identifies at least one a pointer or data of the program, the data including structures, objects, and tables, said licit reference being stored when introducing into the program said reference by a licit means and when this licit reference is not already stored, wherein a reference is considered to be licit when that reference was obtained in a manner permissible in accordance with a system, context and program being used, and a reference is considered not licit when that reference was not obtained in a manner permissible in accordance with the system, context and program being used;
before any operation intended to be forbidden in case said operation deals with values which are not licit references, having the system check that said values are among the licit references which have been stored for this program, andaccepting the operation, responsive to said step of checking, when said checking determines said values are among the licit references, and rejecting the operation responsive to said step of checking, when said checking determines said values are not among the licit references.
1 Assignment
0 Petitions
Accused Products
Abstract
The inventive method for controlling access to data which is used by reference in a program execution system (including processes and aims) during the program execution consists in memorising by the system the totality of references obtainable by said program with the aid of means considered legal, before any operation which can be prohibited if it relates to values which are not legal references, in verifying by the system whether said values are amongst the legal references memorized for the program and in accepting or rejecting the operation, respectively.
20 Citations
17 Claims
-
1. A method for controlling access to data handled by references in a system for executing programs, said programs including processes and tasks, wherein upon executing a program, the method comprises the following steps:
-
having the system store an entire set of licit references which the program obtains by means considered as licit, wherein a reference identifies at least one a pointer or data of the program, the data including structures, objects, and tables, said licit reference being stored when introducing into the program said reference by a licit means and when this licit reference is not already stored, wherein a reference is considered to be licit when that reference was obtained in a manner permissible in accordance with a system, context and program being used, and a reference is considered not licit when that reference was not obtained in a manner permissible in accordance with the system, context and program being used; before any operation intended to be forbidden in case said operation deals with values which are not licit references, having the system check that said values are among the licit references which have been stored for this program, and accepting the operation, responsive to said step of checking, when said checking determines said values are among the licit references, and rejecting the operation responsive to said step of checking, when said checking determines said values are not among the licit references. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
Specification