专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US5859966A Security system for computer systems 失效
标题翻译：计算机系统安全系统
公开(公告)号：US5859966A
公开(公告)日：1999-01-12
申请号：US541636
申请日：1995-10-10
申请人： Kenneth John Hayman , Michael Donovan Keene , Eric Scott Lewine , William James Meyers , Jon Frederick Spencer , Millard Cranford Taylor, II
发明人： Kenneth John Hayman , Michael Donovan Keene , Eric Scott Lewine , William James Meyers , Jon Frederick Spencer , Millard Cranford Taylor, II
IPC分类号： G06F12/14 , G06F1/00 , G06F21/00 , G06F21/22 , G06F21/24 , H04L9/00
CPC分类号： G06F21/31 , G06F2221/2113 , Y10S707/99931
摘要： A security system for a computer system imposes specific limitations on who has access to the computer system and to exactly what operations and data. Viruses are securely contained and prevented from expanding into areas where they can destroy stored programs or data. Viruses are also prevented from being introduced or executed in a large number of instances. The totality of computer functions is broken up into a set of events with an associated set of capabilities and different capabilities are assigned to each user depending on the particular job which that user is to do on the computer system. Also, security labels are placed on each data file and other system resources, and on each process. Further, a range of hierarchy/category labels (MAC labels) is assigned to each process to define a sub-lattice in which special capabilities can apply. Further, the hierarchy of labels is divided into a small number (for example 3) of regions, and a process operating in one region is generally not allowed to cross over into another region. Further, an owner of a data file is allowed to place restrictions on the file so that only users who posses certain privileges can gain access to the file.
摘要翻译：计算机系统的安全系统对谁拥有计算机系统的访问权限以及准确的操作和数据施加了特定的限制。病毒被安全地包含并防止扩展到可以销毁存储的程序或数据的区域。病毒也被阻止在许多情况下引入或执行。计算机功能的整体被分解成具有相关联的能力集合的一组事件，并且根据该用户在计算机系统上要做的特定作业将不同的能力分配给每个用户。此外，安全标签放置在每个数据文件和其他系统资源以及每个进程上。此外，分配/分类标签（MAC标签）的范围被分配给每个进程以定义其中可以应用特殊能力的子格。此外，标签的层次被划分为少数（例如3个）区域，并且在一个区域中操作的处理通常不允许跨越到另一个区域。此外，允许数据文件的所有者对文件进行限制，以便只有拥有某些权限的用户才能访问该文件。

IPRDB

热门服务

关于我们

友情链接

联系方式