DE69706440T2 - Schutzmittel in einem verteilten rechnersystem - Google Patents

Schutzmittel in einem verteilten rechnersystem

Info

Publication number
DE69706440T2
DE69706440T2 DE69706440T DE69706440T DE69706440T2 DE 69706440 T2 DE69706440 T2 DE 69706440T2 DE 69706440 T DE69706440 T DE 69706440T DE 69706440 T DE69706440 T DE 69706440T DE 69706440 T2 DE69706440 T2 DE 69706440T2
Authority
DE
Germany
Prior art keywords
computer system
distributed computer
protective agents
agents
protective
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
DE69706440T
Other languages
English (en)
Other versions
DE69706440D1 (de
Inventor
Joerg Bischof
Thomas Eirich
Dirk Husemann
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Application granted granted Critical
Publication of DE69706440D1 publication Critical patent/DE69706440D1/de
Publication of DE69706440T2 publication Critical patent/DE69706440T2/de
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/468Specific access rights for resources, e.g. using capability register
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/54Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6281Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database at program execution time, where the protection is within the operating system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication
    • G06F9/547Remote procedure calls [RPC]; Web services
    • G06F9/548Object oriented; Remote method invocation [RMI]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/30Managing network names, e.g. use of aliases or nicknames
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/30Managing network names, e.g. use of aliases or nicknames
    • H04L61/3015Name registration, generation or assignment
    • H04L61/3025Domain name generation or assignment
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/35Network arrangements, protocols or services for addressing or naming involving non-standard use of addresses for implementing network functionalities, e.g. coding subscription information within the address or functional addressing, i.e. assigning an address to a function
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/168Implementing security features at a particular protocol layer above the transport layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1458Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1483Protection against unauthorised use of memory or access to memory by checking the subject access rights using an access-table, e.g. matrix or list
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10TECHNICAL SUBJECTS COVERED BY FORMER USPC
    • Y10STECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10S707/00Data processing: database and file management or data structures
    • Y10S707/99931Database or file accessing
    • Y10S707/99939Privileged access
DE69706440T 1997-01-17 1997-01-17 Schutzmittel in einem verteilten rechnersystem Expired - Lifetime DE69706440T2 (de)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/IB1997/000025 WO1998032073A1 (en) 1997-01-17 1997-01-17 Protecting resources in a distributed computer system

Publications (2)

Publication Number Publication Date
DE69706440D1 DE69706440D1 (de) 2001-10-04
DE69706440T2 true DE69706440T2 (de) 2002-05-16

Family

ID=11004521

Family Applications (1)

Application Number Title Priority Date Filing Date
DE69706440T Expired - Lifetime DE69706440T2 (de) 1997-01-17 1997-01-17 Schutzmittel in einem verteilten rechnersystem

Country Status (6)

Country Link
US (1) US6658573B1 (de)
EP (1) EP0953172B1 (de)
JP (1) JP3381927B2 (de)
KR (1) KR100373526B1 (de)
DE (1) DE69706440T2 (de)
WO (1) WO1998032073A1 (de)

Families Citing this family (49)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6760746B1 (en) 1999-09-01 2004-07-06 Eric Schneider Method, product, and apparatus for processing a data request
US6633984B2 (en) * 1999-01-22 2003-10-14 Sun Microsystems, Inc. Techniques for permitting access across a context barrier on a small footprint device using an entry point object
USRE43690E1 (en) 1999-03-22 2012-09-25 Esdr Network Solutions Llc Search engine request method, product, and apparatus
US6338082B1 (en) 1999-03-22 2002-01-08 Eric Schneider Method, product, and apparatus for requesting a network resource
US7188138B1 (en) * 1999-03-22 2007-03-06 Eric Schneider Method, product, and apparatus for resource identifier registration and aftermarket services
US9141717B2 (en) 1999-03-22 2015-09-22 Esdr Network Solutions Llc Methods, systems, products, and devices for processing DNS friendly identifiers
USRE44207E1 (en) 1999-09-01 2013-05-07 Esdr Network Solutions Llc Network resource access method, product, and apparatus
DE60017438T2 (de) * 1999-09-03 2005-12-22 General Instrument Corporation System zur betriebsmittelzugriffsteuerung
EP1113361A1 (de) * 2000-01-03 2001-07-04 Wimba.Com S.A. Kommunikationsverfahren zwischen einem Applet und einem lokalen Agent über einen Socket-Kommunikationskanal
GB0020441D0 (en) * 2000-08-18 2000-10-04 Hewlett Packard Co Performance of a service on a computing platform
US7096466B2 (en) * 2001-03-26 2006-08-22 Sun Microsystems, Inc. Loading attribute for partial loading of class files into virtual machines
US7237257B1 (en) 2001-04-11 2007-06-26 Aol Llc Leveraging a persistent connection to access a secured service
US6964033B2 (en) * 2001-06-20 2005-11-08 Sun Microsystems, Inc. Object band customization of Java runtime environments
US7117489B2 (en) * 2001-06-20 2006-10-03 Sun Microsystems, Inc. Optional attribute generator for customized Java programming environments
US7155728B1 (en) * 2001-06-28 2006-12-26 Microsoft Corporation Remoting features
US20030018909A1 (en) * 2001-07-17 2003-01-23 International Business Machines Corporation Method and apparatus for enforcing security policies in Java applications
GB0212314D0 (en) * 2002-05-28 2002-07-10 Symbian Ltd Secure mobile wireless device
AU2003245574A1 (en) * 2002-06-21 2004-01-06 Probix, Inc. Method and system for protecting digital objects distributed over a network using an electronic mail interface
CA2402717C (en) * 2002-09-10 2013-04-09 Research In Motion Limited User interface and method of adapting a sensor signal to actuate multiple dimensions
US7453448B2 (en) * 2002-09-10 2008-11-18 Research In Motion Limited User interface and method of adapting a sensor signal to actuate multiple dimensions
FR2846770B1 (fr) * 2002-11-04 2005-01-28 Oberthur Card Syst Sa Carte a microcircuit comportant des moyens de publication de ses objets informatiques
US20050005105A1 (en) * 2003-06-24 2005-01-06 Brown Larry Cecil Remote access control feature for limiting access to configuration file components
FR2864658B1 (fr) * 2003-12-30 2006-02-24 Trusted Logic Controle d'acces aux donnees par verification dynamique des references licites
US7716728B2 (en) * 2004-02-16 2010-05-11 Microsoft Corproation Security scopes and profiles
US7640573B2 (en) 2004-02-16 2009-12-29 Microsoft Corporation Generic security claim processing model
US7873831B2 (en) * 2004-02-26 2011-01-18 Microsoft Corporation Digests to identify elements in a signature process
US7950000B2 (en) * 2004-03-17 2011-05-24 Microsoft Corporation Architecture that restricts permissions granted to a build process
US8607299B2 (en) * 2004-04-27 2013-12-10 Microsoft Corporation Method and system for enforcing a security policy via a security virtual machine
WO2005107204A1 (en) * 2004-05-04 2005-11-10 Telecom Italia S.P.A. Method and system for access control in distributed object-oriented systems
US7484247B2 (en) 2004-08-07 2009-01-27 Allen F Rozman System and method for protecting a computer system from malicious software
US7793350B2 (en) * 2004-10-28 2010-09-07 International Business Machines Corporation Apparatus, system, and method for simulated access to restricted computing resources
GB2422453A (en) * 2005-01-22 2006-07-26 Hewlett Packard Development Co Dynamically allocating resources according to a privacy policy
US7574700B2 (en) * 2005-03-31 2009-08-11 Sun Microsystems, Inc. Supporting dynamically-typed languages in typed assembly languages
US8984636B2 (en) 2005-07-29 2015-03-17 Bit9, Inc. Content extractor and analysis system
US8272058B2 (en) 2005-07-29 2012-09-18 Bit 9, Inc. Centralized timed analysis in a network security system
US7895651B2 (en) 2005-07-29 2011-02-22 Bit 9, Inc. Content tracking in a network security system
US8046778B1 (en) 2007-11-26 2011-10-25 Adobe Systems Incorporated Managing device application program interfaces
US8209685B1 (en) 2007-11-26 2012-06-26 Adobe Systems Incorporated Virtual machine device access
US8505029B1 (en) * 2007-11-26 2013-08-06 Adobe Systems Incorporated Virtual machine communication
US9166797B2 (en) * 2008-10-24 2015-10-20 Microsoft Technology Licensing, Llc Secured compartment for transactions
CN102073597B (zh) * 2009-11-19 2016-04-13 北京明朝万达科技股份有限公司 一种基于用户身份认证的操作系统盘全盘加密方法
JP5739182B2 (ja) 2011-02-04 2015-06-24 インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Machines Corporation 制御システム、方法およびプログラム
JP5731223B2 (ja) 2011-02-14 2015-06-10 インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Machines Corporation 異常検知装置、監視制御システム、異常検知方法、プログラムおよび記録媒体
JP5689333B2 (ja) 2011-02-15 2015-03-25 インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Machines Corporation 異常検知システム、異常検知装置、異常検知方法、プログラムおよび記録媒体
US8898459B2 (en) 2011-08-31 2014-11-25 At&T Intellectual Property I, L.P. Policy configuration for mobile device applications
US8918841B2 (en) * 2011-08-31 2014-12-23 At&T Intellectual Property I, L.P. Hardware interface access control for mobile applications
US10146522B1 (en) * 2015-03-10 2018-12-04 Twitter, Inc. Live code updates
US10956136B2 (en) 2018-10-16 2021-03-23 Ebay, Inc. User interface resource file optimization
KR102239902B1 (ko) * 2019-06-03 2021-04-13 김덕우 보조기억장치에서의 파일시스템 보호장치 및 방법

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3173004B2 (ja) * 1990-09-06 2001-06-04 日本電気株式会社 アクセス権制御方式
US5577252A (en) 1993-07-28 1996-11-19 Sun Microsystems, Inc. Methods and apparatus for implementing secure name servers in an object-oriented system
US5717911A (en) * 1995-01-23 1998-02-10 Tandem Computers, Inc. Relational database system and method with high availability compliation of SQL programs
US5857102A (en) * 1995-03-14 1999-01-05 Sun Microsystems, Inc. System and method for determining and manipulating configuration information of servers in a distributed object environment
GB2301912A (en) * 1995-06-09 1996-12-18 Ibm Security for computer system resources
US5745683A (en) * 1995-07-05 1998-04-28 Sun Microsystems, Inc. System and method for allowing disparate naming service providers to dynamically join a naming federation
JP3738787B2 (ja) * 1995-10-19 2006-01-25 富士ゼロックス株式会社 資源管理装置及び資源管理方法
US5944793A (en) * 1996-11-21 1999-08-31 International Business Machines Corporation Computerized resource name resolution mechanism
US6145083A (en) * 1998-04-23 2000-11-07 Siemens Information And Communication Networks, Inc. Methods and system for providing data and telephony security
US6205466B1 (en) * 1998-07-17 2001-03-20 Hewlett-Packard Company Infrastructure for an open digital services marketplace

Also Published As

Publication number Publication date
US6658573B1 (en) 2003-12-02
KR20000069948A (ko) 2000-11-25
EP0953172A1 (de) 1999-11-03
JP3381927B2 (ja) 2003-03-04
EP0953172B1 (de) 2001-08-29
WO1998032073A1 (en) 1998-07-23
DE69706440D1 (de) 2001-10-04
KR100373526B1 (ko) 2003-02-25
JP2000508104A (ja) 2000-06-27

Similar Documents

Publication Publication Date Title
DE69706440D1 (de) Schutzmittel in einem verteilten rechnersystem
DE69830709D1 (de) Integritätsschutz in einem telekommunikationssystem
DE69517206D1 (de) Virenschutz in rechnersystemen
DE69803575T2 (de) Visualisierung in einem modularen softwaresystem
KR960011695A (ko) 컴퓨터 시스템
DE69811295D1 (de) Fahrradcomputer
DE69327576D1 (de) Paralleles Rechnersystem
NO950780L (no) Datamaskin-system
KR960011629A (ko) 컴퓨터 시스템
DE69804548D1 (de) Computergehäuse
DE69705507D1 (de) Ereignisversammlung in einem verteilten objektsystem
DE69825350D1 (de) Verzweigungsvorhersage in Rechnersystem
FI972843A (fi) Tietokonejärjestelmä
DE69802290D1 (de) Gemeinsame unterbrechungsverarbeitung in einem datenverarbeitungssystem
DE29703630U1 (de) Rechner
DE69940784D1 (de) Tiv ausgeführten jobs in einem multiverarbeitungssystem
DE69810098D1 (de) Leseoperationen in einem multiprozessorrechnersystem
DE69712998D1 (de) Auftragsverteilung in einem Mehrfachknoten-Rechnersystem
DE29618083U1 (de) EDV-System-Koffer
GB9721299D0 (en) Improvements in computer systems
DE29603765U1 (de) Computergehäuse
DE29703554U1 (de) EDV-System-Koffer
DE59809778D1 (de) Datenbus in einem Rechnersystem
FR2764408B1 (fr) Ordinateur securise
DE29618106U1 (de) EDV-System-Koffer

Legal Events

Date Code Title Description
8364 No opposition during term of opposition
8320 Willingness to grant licences declared (paragraph 23)
8328 Change in the person/name/address of the agent

Representative=s name: DUSCHER, R., DIPL.-PHYS. DR.RER.NAT., PAT.-ANW., 7

R082 Change of representative

Ref document number: 953172

Country of ref document: EP

Representative=s name: PFENNING MEINIG & PARTNER GBR, DE