会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 3. 发明申请
    • Security requirement determination
    • 安全要求确定
    • US20050172126A1
    • 2005-08-04
    • US10772207
    • 2004-02-03
    • Sebastian LangeGregory FeeAaron GoldfederIvan MedvedevMichael Gashler
    • Sebastian LangeGregory FeeAaron GoldfederIvan MedvedevMichael Gashler
    • G06F21/00H04L9/00
    • G06F21/53
    • All execution paths of one or more assemblies in managed code are simulated to find the permissions for each execution path. The managed code can correspond to a managed shared library or a managed application. Each call in each execution path has a corresponding permissions set. When the library or application has permissions to execute that are not less than the required permission sets for the execution paths, any dynamic execution of the library or application will not trigger a security exception The simulated execution provides a tool that can be used to ensure that code being written will not exceed a maximum security permission for the code. A permission set can be determined by the tool for each assembly corresponding to an application and for each entry point corresponding to a shared library.
    • 托管代码中的一个或多个程序集的所有执行路径都被模拟,以查找每个执行路径的权限。 托管代码可以对应于托管共享库或托管应用程序。 每个执行路径中的每个调用都具有相应的权限集。 当库或应用程序具有不少于执行路径所需权限集的执行权限时,库或应用程序的任何动态执行都不会触发安全异常。模拟执行提供了一种可用于确保 正在编写的代码不会超过代码的最大安全许可。 对于与应用程序对应的每个程序集以及对应于共享库的每个入口点,工具可以确定权限集。
    • 4. 发明申请
    • Filtering a permission set using permission requests associated with a code assembly
    • 使用与代码程序集相关联的权限请求过滤权限集
    • US20060070112A1
    • 2006-03-30
    • US11272639
    • 2005-11-14
    • Brian LaMacchiaLoren KohnfelderGregory FeeMichael Toutonghi
    • Brian LaMacchiaLoren KohnfelderGregory FeeMichael Toutonghi
    • H04L9/00G06F15/16G06F17/00H04K1/00G06F9/00
    • G06F21/52
    • A security policy manager generates a permission grant set for a code assembly received from a resource location. The policy manager can execute in a computer system (e.g., a Web client) in combination with the verification module and class loader of the run-time environment. The permission grant set generated for a code assembly is applied in the run-time call stack to help the system determine whether a given system operation by the code assembly is authorized. A permission request set may also be received in association with the code assembly. The permission request set may include a minimum request set, specifying permissions required by the code assembly to run properly. The permission request set may also include an optional request set, specifying permissions requested by the code assembly to provide an alternative level of functionality. In addition, the permission request set may include a refuse request set, specifying permissions that are not to be granted to the code assembly. The permission requests are used to filter a permission set to generate a permission grant set.
    • 安全策略管理器为从资源位置接收到的代码集合生成许可权授予集。 策略管理器可以与计算机系统(例如,Web客户机)一起在运行时环境的验证模块和类加载器的组合中执行。 为代码组合生成的许可授权集合被应用于运行时调用堆栈中,以帮助系统确定代码组件的给定系统操作是否被授权。 还可以与代码组合相关联地接收许可请求集合。 许可请求集可以包括最小请求集,指定代码组件正确运行所需的权限。 许可请求集还可以包括可选的请求集合,指定代码组件请求的许可以提供替代级别的功能。 此外,许可请求集合可以包括垃圾请求集合,指定不被授予代码组件的权限。 权限请求用于过滤权限集以生成权限授予集。