专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明公开

EP0768594A1 Computer system security 失效
标题翻译： Rechnersystemsicherheit
公开(公告)号：EP0768594A1
公开(公告)日：1997-04-16
申请号：EP96307368.9
申请日：1996-10-10
申请人： DATA GENERAL CORPORATION
发明人： Hayman, Kenneth John , Lewine, Eric Scott , Keene, Michael Donovan , Meyers, William James , Spencer, Jon Frederick , Taylor, Millard Cranford, II
IPC分类号： G06F1/00
CPC分类号： G06F21/31 , G06F2221/2113 , Y10S707/99931
摘要： A security system for a computer system imposes specific limitations on who has access to the computer system and to exactly what operations and data. Viruses are securely contained and prevented from expanding into areas where they can destroy stored programs or data. Viruses are also prevented from being introduced or executed in a large number of instances. The totality of computer functions is broken up into a set of events with an associated set of capabilities and different capabilities are assigned to each user depending on the particular job which that user is to do on the computer system. Also, security labels are placed on each data file and other system resources, and on each process. Further, a range of hierarchy/category labels (MAC labels) is assigned to each process to define a sub-lattice in which special capabilities can apply. Further, the hierarchy of labels is divided into a small number (for example 3) of regions, and a process operating in one region is generally not allowed to cross over into another region. Further an owner of a data file is allowed to place restrictions on the file so that only users who posses certain privileges can gain access to the file.
摘要翻译：计算机系统的安全系统对谁拥有计算机系统的访问权以及准确的操作和数据施加了特定的限制。病毒被安全地包含并阻止扩展到可以销毁存储的程序或数据的区域。病毒也被阻止在许多情况下引入或执行。计算机功能的整体被分解成具有相关联的能力集合的一组事件，并且根据用户在计算机系统上要做的具体工作，将不同的功能分配给每个用户。此外，安全标签放置在每个数据文件和其他系统资源以及每个进程上。此外，分配/分类标签（MAC标签）的范围被分配给每个进程以定义可应用特殊能力的子格。此外，标签的层次被划分为少数（例如3个）区域，并且在一个区域中操作的处理通常不允许跨越到另一个区域。此外，数据文件的所有者可以对文件进行限制，以便只有具有某些权限的用户可以访问该文件。

IPRDB

热门服务

关于我们

友情链接

联系方式