Controlling access to a resource
Abstract
A method and system are provided for determining whether a principal (e.g. a thread) may access a particular resource. According to one aspect of the invention, the access authorization determination takes into account the sources of the code on the call stack of the principal at the time the access is desired. Because the source of the code on the call stack will vary over time, so will the access rights of the principal. Thus, when a request for an action is made by a thread, a determination is made of whether the action is authorized based on permissions associated with routines in a calling hierarchy associated with the thread. The determination of whether a request is authorized is based on a determination of whether at least one permission associated with each routine encompasses the permission required to perform the requested action. Support for “privileged” routines is also provided. When a routine in the calling hierarchy is privileged, the determination of whether an action is authorized is made by determining whether at least one permission associated with each routine between and including the privileged routine and a second routine in the calling hierarchy encompasses the permission required to perform the requested action.
163 Citations
21 Claims
1. A method for providing security, the method comprising the steps of:
detecting when a request for an action is made by a principal; and
in response to detecting the request, determining whether said action is authorized based on permissions associated with a plurality of routines in a calling hierarchy associated with said principal, wherein said permissions are associated with said plurality of routines based on a first association between protection domains and permissions.

2. The method of claim 1, wherein:
the step of detecting when a request for an action is made includes detecting when a request for an action is made by a thread; and
the step of determining whether said action is authorized includes determining whether said action is authorized based on an association between permissions and a plurality of routines in a calling hierarchy associated with said thread.

3. The method of claim 1, wherein:
the calling hierarchy includes a first routine; and
the step of determining whether said action is authorized further includes determining whether a permission required to perform said action is encompassed by at least one permission associated with said first routine.

4. The method of claim 1, wherein the step of determining whether said action is authorized further includes determining whether a permission required to perform said action is encompassed by at least one permission associated with each routine in said calling hierarchy.

5. A method for providing security, the method comprising the steps of:
detecting when a request for an action is made by a principal;
determining whether said action is authorized based on an association between permissions and a plurality of routines in a calling hierarchy associated with said principal;
wherein each routine of said plurality of routines is associated with a class; and
wherein said association between permissions and said plurality of routines is based on a second association between classes and protection domains.

6. A method for providing security, the method comprising the steps of:
detecting when a request for an action is made by a principal; and
in response to detecting the request, determining whether said action is authorized based on permissions associated with a plurality of routines in a calling hierarchy associated with said principal, wherein a first routine in said calling hierarchy is privileged; and
wherein the step of determining whether said action is authorized further includes determining whether a permission required to perform said action is encompassed by at least one permission associated with each routine in said calling hierarchy between and including said first routine and a second routine in said calling hierarchy, wherein said second routine is invoked after said first routine, wherein said second routine is a routine for performing said requested action.

7. The method of claim 6, wherein the step of determining whether said action is authorized further includes the steps of:
determining whether said permission required is encompassed by at least one permission associated with said second routine; and
in response to determining said permission required is encompassed by at least one permission associated with said second routine, then performing the steps of:
A) selecting a next routine from said plurality of routines in said calling hierarchy,
B) if said permission required is not encompassed by at least one permission associated with said next routine, then transmitting a message indicating that said permission required is not authorized, and
C) repeating steps A and B until:
said permission required is not authorized by at least one permission associated with said next routine, there are no more routines to select from said plurality of routines in said calling hierarchy, or determining that said next routine is said first routine.

8. The method of claim 7, wherein:
the method further includes the step of setting a flag associated with said first routine to indicate that said first routine is privileged; and
the step of determining that said next routine is said first routine includes determining that a flag associated with said next routine indicates said next routine is privileged.

9. The method of claim 8, wherein the step of setting said flag associated with said first routine includes setting a flag in a frame in said calling hierarchy associated with said thread.

10. A computer-readable medium carrying one or more sequences of one or more instructions, the one or more sequences of the one or more instructions including instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
detecting when a request for an action is made by a principal; and
in response to detecting the request, determining whether said action is authorized based on permissions associated with a plurality of routines in a calling hierarchy associated with said principal, wherein said permissions are associated with said plurality of routines based on a first association between protection domains and permissions.

11. The computer readable medium of claim 10, wherein:
the step of detecting when a request for an action is made includes detecting when a request for an action is made by a thread; and
the step of determining whether said action is authorized includes determining whether said action is authorized based on an association between permissions and a plurality of routines in a calling hierarchy associated with said thread.

12. The computer readable medium of claim 10, wherein:
the calling hierarchy includes a first routine; and
the step of determining whether said action is authorized further includes determining whether a permission required to perform said action is encompassed by at least one permission associated with said first routine.

13. The computer readable medium of claim 10, wherein the step of determining whether said action is authorized further includes determining whether a permission required to perform said action is encompassed by at least one permission associated with each routine in said calling hierarchy.

14. A computer-readable medium bearing instructions for providing security, the instructions including instructions for performing the steps of:
detecting when a request for an action is made by a principal;
determining whether said action is authorized based on an association between permissions and a plurality of routines in a calling hierarchy associated with said principal;
wherein each routine of said plurality of routines is associated with a class; and
wherein said association between permissions and said plurality of routines is based on a second association between classes and protection domains.

15. A computer-readable medium carrying one or more sequences of one or more instructions, the one or more sequences of the one or more instructions including instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
detecting when a request for an action is made by a principal; and
in response to detecting the request, determining whether said action is authorized based on permissions associated with a plurality of routines in a calling hierarchy associated with said principal, wherein a first routine in said calling hierarchy is privileged; and
wherein the step of determining whether said action is authorized further includes determining whether a permission required to perform said action is encompassed by at least one permission associated with each routine in said calling hierarchy between and including said first routine and a second routine in said calling hierarchy, wherein said second routine is invoked after said first routine, wherein said second routine is a routine for performing said requested action.

16. The computer readable medium of claim 15, wherein the step of determining whether said action is authorized further includes the steps of:
determining whether said permission required is encompassed by at least one permission associated with said second routine; and
in response to determining said permission required is encompassed by at least one permission associated with said second routine, then performing the steps of:
A) selecting a next routine from said plurality of routines in said calling hierarchy,
B) if said permission required is not encompassed by at least one permission associated with said next routine, then transmitting a message indicating that said permission required is not authorized, and
C) repeating steps A and B until:
said permission required is not authorized by at least one permission associated with said next routine, there are no more routines to select from said plurality of routines in said calling hierarchy, or determining that said next routine is said first routine.

17. The computer readable medium of claim 16, wherein:
the computer readable medium further comprises one or more instructions for performing the step of setting a flag associated with said first routine to indicate that said first routine is privileged; and
the step of determining that said next routine is said first routine includes determining that a flag associated with said next routine indicates said next routine is privileged.

18. The computer readable medium of claim 17, wherein the step of setting said flag associated with said first routine includes setting a flag in a frame in said calling hierarchy associated with said thread.

19. A computer system comprising:
a processor;
a memory coupled to said processor;
said processor being configured to detect when a request for an action is made by a principal; and
said processor being configured to respond to detecting the request by determining whether said action is authorized based on permissions associated with a plurality of routines in a calling hierarchy associated with said principal, wherein said permissions are associated with said plurality of routines based on a first association between protection domains and permissions.

20. The computer system of claim 19, wherein:
the calling hierarchy includes a first routine; and
said processor is configured to determine whether said action is authorized by determining whether a permission required to perform said action is encompassed by at least one permission associated with said first routine.

21. The computer system of claim 19, wherein said processor is configured to determine whether said action is authorized by determining whether a permission required to perform said action is encompassed by at least one permission associated with each routine in said calling hierarchy.
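The stack walk described in the abstract and in claims 6 through 9, as an added Python illustration that is not part of the patent: the `Permission` and `Frame` types, the domain-to-permission table and the applet/system call stacks are all constructed here for the example, and the "privileged" flag is modelled as a field of the frame as claims 8 and 9 describe.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Permission:
    """Target plus allowed actions; `implies` is the claims' 'encompasses' relation."""
    target: str          # file path, or "*" for any target
    actions: frozenset

    def implies(self, other):
        return self.target in ("*", other.target) and other.actions <= self.actions

@dataclass
class Frame:
    """One routine in the calling hierarchy; the privileged flag sits in the frame (claims 8-9)."""
    routine: str
    domain: str          # protection domain of the routine's class (claim 5)
    privileged: bool = False

# Constructed 'first association' (claim 1): protection domain -> permissions.
DOMAIN_PERMISSIONS = {
    "system": {Permission("*", frozenset({"read", "write"}))},
    "applet": {Permission("/tmp/applet", frozenset({"read"}))},
}

def check_permission(stack, required):
    """Stack walk of the abstract and claims 6-7.  `stack` runs from the outermost
    caller to the routine performing the action; walking back from that routine,
    every routine must hold a permission encompassing `required`, and reaching a
    privileged routine ends the walk with success."""
    for frame in reversed(stack):
        perms = DOMAIN_PERMISSIONS.get(frame.domain, ())
        if not any(p.implies(required) for p in perms):
            return False, f"{frame.routine} ({frame.domain}) lacks permission"
        if frame.privileged:
            return True, f"walk stopped at privileged {frame.routine}"
    return True, "every routine on the stack is authorized"

def example_decisions():
    """Constructed scenarios: untrusted applet code calling into system code."""
    write_passwd = Permission("/etc/passwd", frozenset({"write"}))
    read_font = Permission("/usr/share/fonts/a.ttf", frozenset({"read"}))
    plain = [Frame("Applet.run", "applet"), Frame("FileWriter.open", "system")]
    priv = [Frame("Applet.run", "applet"), Frame("Font.load", "system", privileged=True),
            Frame("FileReader.open", "system")]
    self_priv = [Frame("Applet.run", "applet", privileged=True)]
    return {
        "write via unprivileged system code": check_permission(plain, write_passwd)[0],
        "read font via privileged system code": check_permission(priv, read_font)[0],
        "privileged flag alone grants nothing": check_permission(self_priv, write_passwd)[0],
    }
```

The third scenario is the caveat a reviewer should look for: a privileged frame only stops the walk, it never adds permissions beyond those of its own protection domain.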