-
Publication number: US07673109B2
Publication date: 2010-03-02
Application number: US11567871
Filing date: 2006-12-07
IPC classification: G06F12/00
CPC classification: G06F21/53, G06F8/437, G06F9/45516, G06F9/52
Abstract: Sensitive data structures, such as type data structures, can be used by untrusted application programs without necessarily exposing the sensitive data structures directly. For example, untrusted components, such as application programs that may or may not be type safe, can be allowed to operate in a lower-privilege mode. In addition, the application programs can be associated with an address space with limited permissions (e.g., read-only) to a shared memory heap. Requests by the untrusted components for sensitive data structures can then be handled by trusted components operating in a higher-privilege mode, which may have broader permissions to the shared memory heap. If the requests by the untrusted components are deemed to be valid, the results of the requests can be shared with the lower-privilege mode components through the shared memory heap.
-
Publication number: US20080126740A1
Publication date: 2008-05-29
Application number: US11567871
Filing date: 2006-12-07
IPC classification: G06F12/00
CPC classification: G06F21/53, G06F8/437, G06F9/45516, G06F9/52
Abstract: Sensitive data structures, such as type data structures, can be used by untrusted application programs without necessarily exposing the sensitive data structures directly. For example, untrusted components, such as application programs that may or may not be type safe, can be allowed to operate in a lower-privilege mode. In addition, the application programs can be associated with an address space with limited permissions (e.g., read-only) to a shared memory heap. Requests by the untrusted components for sensitive data structures can then be handled by trusted components operating in a higher-privilege mode, which may have broader permissions to the shared memory heap. If the requests by the untrusted components are deemed to be valid, the results of the requests can be shared with the lower-privilege mode components through the shared memory heap.
-
Publication number: US08479283B2
Publication date: 2013-07-02
Application number: US11564204
Filing date: 2006-11-28
IPC classification: G06F12/14
Abstract: A security program code generator is configured to automatically generate program code used to perform one or more validation checks of components operating in user mode. In one implementation, for example, the program code generator receives one or more files that include declarative values and parameters regarding one or more function calls made by any user mode component. The program code generator then takes the file of declarative call descriptions and automatically generates a user mode stub and a kernel mode stub for each function call of interest to be handled by a kernel mode component. The file(s) that include the user mode stub and the kernel mode stub can then be compiled and linked into the operating system components.
-
Publication number: US20080127303A1
Publication date: 2008-05-29
Application number: US11564204
Filing date: 2006-11-28
Abstract: A security program code generator is configured to automatically generate program code used to perform one or more validation checks of components operating in user mode. In one implementation, for example, the program code generator receives one or more files that include declarative values and parameters regarding one or more function calls made by any user mode component. The program code generator then takes the file of declarative call descriptions and automatically generates a user mode stub and a kernel mode stub for each function call of interest to be handled by a kernel mode component. The file(s) that include the user mode stub and the kernel mode stub can then be compiled and linked into the operating system components.
-
Publication number: US20080127142A1
Publication date: 2008-05-29
Application number: US11564249
Filing date: 2006-11-28
IPC classification: G06F9/45
CPC classification: G06F21/53, G06F8/437, G06F9/45516, G06F9/52
Abstract: Unsafe application programs that implement managed code can be executed in a secure fashion. In particular, an operating system can be configured to execute an application program in user mode, but handle managed code compilation through a type-safe JIT compiler operating in kernel mode. The operating system can also designate a single memory location to be accessed through multiple address spaces with different permission sets. An application program operating in user mode can be executed in the read/execute address space, while the JIT compiler operates in a read/write address space. When encountering one or more pointers to intermediate language code, the application runtime can send one or more compilation requests to a kernel mode security component, which validates the requests. If validated, the JIT compiler will compile the requested intermediate language code, and the application program can access the compiled code from a shared memory heap.
-