DE3851049T2 - Ein Sicherheitswegmechanismus für ein Betriebssystem. - Google Patents

Ein Sicherheitswegmechanismus für ein Betriebssystem.

Info

Publication number: DE3851049T2
Authority: DE; Germany
Prior art keywords: operating system; path mechanism; security path; security; operating
Prior art date: 1988-01-28
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.): Expired - Fee Related

Application number

DE3851049T

Other languages

English (en)

Other versions

DE3851049D1 (de

Inventor

Gary Linn Luckenbaugh

Abhai Johri

Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)

International Business Machines Corp

Original Assignee

International Business Machines Corp

Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)

1988-01-28

Filing date

1988-12-22

Publication date

1995-03-09

1988-12-22 Application filed by International Business Machines Corp filed Critical International Business Machines Corp

1994-09-15 Publication of DE3851049D1 publication Critical patent/DE3851049D1/de

1995-03-09 Application granted granted Critical

1995-03-09 Publication of DE3851049T2 publication Critical patent/DE3851049T2/de

2008-12-23 Anticipated expiration legal-status Critical

Status Expired - Fee Related legal-status Critical Current

Links

Classifications

- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/48—Program initiating; Program switching, e.g. by interrupt
- G06F9/4806—Task transfer initiation or dispatching
- G06F9/4843—Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/468—Specific access rights for resources, e.g. using capability register
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2211/00—Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
- G06F2211/009—Trust

DE3851049T 1988-01-28 1988-12-22 Ein Sicherheitswegmechanismus für ein Betriebssystem. Expired - Fee Related DE3851049T2 (de)

Applications Claiming Priority (1)

Application Number	Priority Date	Filing Date	Title
US07/149,446 US4918653A (en)	1988-01-28	1988-01-28	Trusted path mechanism for an operating system

Publications (2)

Publication Number	Publication Date
DE3851049D1 DE3851049D1 (de)	1994-09-15
DE3851049T2 true DE3851049T2 (de)	1995-03-09

Family

ID=22530315

Family Applications (1)

Application Number	Title	Priority Date	Filing Date
DE3851049T Expired - Fee Related DE3851049T2 (de)	1988-01-28	1988-12-22	Ein Sicherheitswegmechanismus für ein Betriebssystem.

Country Status (4)

Country	Link
US (1)	US4918653A (de)
EP (1)	EP0325776B1 (de)
JP (1)	JPH01233543A (de)
DE (1)	DE3851049T2 (de)

Families Citing this family (105)

* Cited by examiner, † Cited by third party
Publication number	Priority date	Publication date	Assignee	Title
US4984272A (en) *	1988-11-30	1991-01-08	At&T Bell Laboratories	Secure file handling in a computer operating system
CA2025160A1 (en) *	1989-09-28	1991-03-29	John W. White	Portable and dynamic distributed applications architecture
US6507909B1 (en)	1990-02-13	2003-01-14	Compaq Information Technologies Group, L.P.	Method for executing trusted-path commands
US5204961A (en) *	1990-06-25	1993-04-20	Digital Equipment Corporation	Computer network operating with multilevel hierarchical security with selectable common trust realms and corresponding security protocols
US5625821A (en) *	1991-08-12	1997-04-29	International Business Machines Corporation	Asynchronous or synchronous operation of event signaller by event management services in a computer system
US5237684A (en) *	1991-08-12	1993-08-17	International Business Machines Corporation	Customized and versatile event monitor within event management services of a computer system
US5305454A (en) *	1991-08-12	1994-04-19	International Business Machines Corporation	Notification of event handlers in broadcast or propagation mode by event management services in a computer system
US5355484A (en) *	1991-08-12	1994-10-11	International Business Machines Corporation	Dynamically established event monitors in event management services of a computer system
CA2082146C (en) *	1991-10-29	2005-11-15	Brendan Beahan	Communications security and trusted path method and means
US5317695A (en) *	1992-04-03	1994-05-31	International Business Machines Corporation	Method and system for permitting communication between a data processing system and input pointing devices of multiple types
US5276735A (en) *	1992-04-17	1994-01-04	Secure Computing Corporation	Data enclave and trusted path system
US5596718A (en) *	1992-07-10	1997-01-21	Secure Computing Corporation	Secure computer network using trusted path subsystem which encrypts/decrypts and communicates with user through local workstation user I/O devices without utilizing workstation processor
US5361359A (en) *	1992-08-31	1994-11-01	Trusted Information Systems, Inc.	System and method for controlling the use of a computer
US6771617B1 (en)	1993-06-17	2004-08-03	Gilat Satellite Networks, Ltd.	Frame relay protocol-based multiplex switching scheme for satellite mesh network
US5434850A (en)	1993-06-17	1995-07-18	Skydata Corporation	Frame relay protocol-based multiplex switching scheme for satellite
US5675771A (en) *	1993-09-28	1997-10-07	Bull Hn Information Systems Inc.	Mechanism for enabling emulation system users to directly invoke a number of host system facilities for executing host procedures either synchronously or asynchronously in a secure manner through automatically created shell mechanisms
US5566326A (en) *	1993-09-28	1996-10-15	Bull Hn Information Systems Inc.	Copy file mechanism for transferring files between a host system and an emulated file system
US5572711A (en) *	1993-09-28	1996-11-05	Bull Hn Information Systems Inc.	Mechanism for linking together the files of emulated and host system for access by emulated system users
US5664098A (en) *	1993-09-28	1997-09-02	Bull Hn Information Systems Inc.	Dual decor capability for a host system which runs emulated application programs to enable direct access to host facilities for executing emulated system operations
US5544322A (en) *	1994-05-09	1996-08-06	International Business Machines Corporation	System and method for policy-based inter-realm authentication within a distributed processing system
US6701370B1 (en) *	1994-06-08	2004-03-02	Hughes Electronics Corporation	Network system with TCP/IP protocol spoofing
US6473793B1 (en) *	1994-06-08	2002-10-29	Hughes Electronics Corporation	Method and apparatus for selectively allocating and enforcing bandwidth usage requirements on network users
WO1995034153A1 (en)	1994-06-08	1995-12-14	Hughes Aircraft Company	Apparatus and method for hybrid network access
US5652795A (en)	1994-11-14	1997-07-29	Hughes Electronics	Method and apparatus for an adapter card providing conditional access in a communication system
JPH08272567A (ja) *	1995-03-14	1996-10-18	Ncr Internatl Inc	Ｕｎｉｘシステムにおけるスクリーンイメージの印刷方法
US6006328A (en) *	1995-07-14	1999-12-21	Christopher N. Drake	Computer software authentication, protection, and security system
AU725098B2 (en) *	1995-07-14	2000-10-05	Christopher Nathan Drake	Computer software authentication, protection, and security system
US5734820A (en)	1996-03-11	1998-03-31	Sterling Commerce, Inc.	Security apparatus and method for a data communications system
US5841869A (en) *	1996-08-23	1998-11-24	Cheyenne Property Trust	Method and apparatus for trusted processing
US6088779A (en) *	1996-12-30	2000-07-11	Fujitsu Limited	System and method for execution management of computer programs
US5978912A (en) *	1997-03-20	1999-11-02	Phoenix Technologies Limited	Network enhanced BIOS enabling remote management of a computer without a functioning operating system
US5991860A (en) *	1997-04-23	1999-11-23	Advanced Micro Devices, Inc.	Root file system size increase on a unix based computer system
US5968170A (en) *	1997-04-23	1999-10-19	Advanced Micro Devices, Inc.	Primary swap size increase on a UNIX based computer system
US6119212A (en) *	1997-04-23	2000-09-12	Advanced Micro Devices, Inc.	Root size decrease on a UNIX based computer system
US5964874A (en) *	1997-04-23	1999-10-12	Advanced Micro Devices, Inc.	Swap size decrease on a UNIX based computer system
US6141771A (en) *	1998-02-06	2000-10-31	International Business Machines Corporation	Method and system for providing a trusted machine state
US6219770B1 (en) *	1998-03-23	2001-04-17	Compaq Computer Corporation	Method and apparatus for managing copy on write operations in a virtual memory
US6289344B1 (en)	1998-05-11	2001-09-11	International Business Machines Corporation	Context-sensitive authorization in an RDBMS
US6289463B1 (en)	1998-12-29	2001-09-11	Ncr Corporation	Establishing communications between a computer system using a Unix operating platform and a computer system using a Windows NT operation platform
US7644439B2 (en) *	1999-05-03	2010-01-05	Cisco Technology, Inc.	Timing attacks against user logon and network I/O
US7451484B1 (en) *	1999-05-27	2008-11-11	International Business Machines Corporation	Method for enabling a program written in untrusted code to interact with a security subsystem of a hosting operating system
EP1076279A1 (de) *	1999-08-13	2001-02-14	Hewlett-Packard Company	Computerplattformen und deren Betriebsverfahren
GB9922665D0 (en)	1999-09-25	1999-11-24	Hewlett Packard Co	A method of enforcing trusted functionality in a full function platform
FR2804234B1 (fr) *	2000-01-24	2003-05-09	Gemplus Card Int	Procede de protection contre le vol de la valeur d'authentification pour cartes a puce(s) multi-applications, cartes a puce(s) mettant en oeuvre le procede et terminaux susceptibles de recevoir lesdites cartes
US6895502B1 (en)	2000-06-08	2005-05-17	Curriculum Corporation	Method and system for securely displaying and confirming request to perform operation on host computer
US6907524B1 (en)	2000-10-13	2005-06-14	Phoenix Technologies Ltd.	Extensible firmware interface virus scan
US7073173B1 (en) *	2000-12-04	2006-07-04	Microsoft Corporation	Code and thread differential addressing via multiplex page maps
US8909555B2 (en) *	2001-04-24	2014-12-09	Hewlett-Packard Development Company, L.P.	Information security system
US7260820B1 (en)	2001-04-26	2007-08-21	Vm Ware, Inc.	Undefeatable transformation for virtual machine I/O operations
US7428636B1 (en) *	2001-04-26	2008-09-23	Vmware, Inc.	Selective encryption system and method for I/O operations
US7089561B2 (en) *	2001-06-01	2006-08-08	Microsoft Corporation	Methods and systems for creating and communicating with computer processes
KR100439171B1 (ko) *	2001-11-21	2004-07-05	한국전자통신연구원	접근제어 처리 기법을 이용한 클라이언트와 시스템간의신뢰경로 보장 방법
US7085933B2 (en) *	2002-06-11	2006-08-01	Lenvo (Singapore) Pte, Ltd.	Computer system apparatus and method for improved assurance of authentication
GB2390249B (en)	2002-06-28	2005-12-14	Sony Uk Ltd	Embedded data in an information signal
US7219234B1 (en)	2002-07-24	2007-05-15	Unisys Corporation	System and method for managing access rights and privileges in a data processing system
WO2004015516A2 (en) *	2002-07-31	2004-02-19	Secure Tx Pte Ltd	System and method for secure data entry
GB2392262A (en) *	2002-08-23	2004-02-25	Hewlett Packard Co	A method of controlling the processing of data
US7266658B2 (en) *	2002-09-12	2007-09-04	International Business Machines Corporation	System, method, and computer program product for prohibiting unauthorized access to protected memory regions
US7380246B2 (en) *	2003-12-15	2008-05-27	Lenovo (Singapore) Pte. Ltd.	Method and system of accessing at least one target file in a computer system with an operating system with file locking implemented with byte-range locking
US20050131960A1 (en) *	2003-12-15	2005-06-16	Reed Benjamin C.	Method and system of accessing at least one target file in a computer system with an operating system with file locking implemented at file-open time
US7783891B2 (en) *	2004-02-25	2010-08-24	Microsoft Corporation	System and method facilitating secure credential management
US8719591B1 (en)	2004-05-14	2014-05-06	Radix Holdings, Llc	Secure data entry
US8219807B1 (en)	2004-12-17	2012-07-10	Novell, Inc.	Fine grained access control for linux services
US8271785B1 (en)	2004-12-20	2012-09-18	Novell, Inc.	Synthesized root privileges
US20060137000A1 (en) *	2004-12-20	2006-06-22	Isaacson Scott A	Method binding network administrators as the root user on linux
US8214398B1 (en)	2005-02-16	2012-07-03	Emc Corporation	Role based access controls
US8539587B2 (en)	2005-03-22	2013-09-17	Hewlett-Packard Development Company, L.P.	Methods, devices and data structures for trusted data
US8074214B2 (en) *	2005-05-19	2011-12-06	Oracle International Corporation	System for creating a customized software installation on demand
US8352935B2 (en)	2005-05-19	2013-01-08	Novell, Inc.	System for creating a customized software distribution based on user requirements
JP4647392B2 (ja) *	2005-05-23	2011-03-09	京セラ株式会社	デバイス制御装置、デバイス制御方法およびプログラム
US7996659B2 (en) *	2005-06-06	2011-08-09	Atmel Corporation	Microprocessor instruction that allows system routine calls and returns from all contexts
US20070011744A1 (en) *	2005-07-11	2007-01-11	Cox Communications	Methods and systems for providing security from malicious software
US9087218B1 (en)	2005-08-11	2015-07-21	Aaron T. Emigh	Trusted path
US7996682B2 (en) *	2005-10-17	2011-08-09	Microsoft Corporation	Secure prompting
US8676973B2 (en) *	2006-03-07	2014-03-18	Novell Intellectual Property Holdings, Inc.	Light-weight multi-user browser
US7730480B2 (en)	2006-08-22	2010-06-01	Novell, Inc.	System and method for creating a pattern installation by cloning software installed another computer
US8516484B2 (en) *	2008-02-01	2013-08-20	International Business Machines Corporation	Wake-and-go mechanism for a data processing system
US8732683B2 (en)	2008-02-01	2014-05-20	International Business Machines Corporation	Compiler providing idiom to idiom accelerator
US8312458B2 (en) *	2008-02-01	2012-11-13	International Business Machines Corporation	Central repository for wake-and-go mechanism
US8880853B2 (en) *	2008-02-01	2014-11-04	International Business Machines Corporation	CAM-based wake-and-go snooping engine for waking a thread put to sleep for spinning on a target address lock
US8127080B2 (en) *	2008-02-01	2012-02-28	International Business Machines Corporation	Wake-and-go mechanism with system address bus transaction master
US8316218B2 (en) *	2008-02-01	2012-11-20	International Business Machines Corporation	Look-ahead wake-and-go engine with speculative execution
US8250396B2 (en)	2008-02-01	2012-08-21	International Business Machines Corporation	Hardware wake-and-go mechanism for a data processing system
US8452947B2 (en) *	2008-02-01	2013-05-28	International Business Machines Corporation	Hardware wake-and-go mechanism and content addressable memory with instruction pre-fetch look-ahead to detect programming idioms
US7865705B2 (en) *	2008-02-01	2011-01-04	International Business Machines Corporation	Branch target address cache including address type tag bit
US8640141B2 (en) *	2008-02-01	2014-01-28	International Business Machines Corporation	Wake-and-go mechanism with hardware private array
US8612977B2 (en) *	2008-02-01	2013-12-17	International Business Machines Corporation	Wake-and-go mechanism with software save of thread state
US8341635B2 (en)	2008-02-01	2012-12-25	International Business Machines Corporation	Hardware wake-and-go mechanism with look-ahead polling
US8225120B2 (en) *	2008-02-01	2012-07-17	International Business Machines Corporation	Wake-and-go mechanism with data exclusivity
US8725992B2 (en)	2008-02-01	2014-05-13	International Business Machines Corporation	Programming language exposing idiom calls to a programming idiom accelerator
US8145849B2 (en) *	2008-02-01	2012-03-27	International Business Machines Corporation	Wake-and-go mechanism with system bus response
US8386822B2 (en) *	2008-02-01	2013-02-26	International Business Machines Corporation	Wake-and-go mechanism with data monitoring
US8171476B2 (en) *	2008-02-01	2012-05-01	International Business Machines Corporation	Wake-and-go mechanism with prioritization of threads
US8788795B2 (en) *	2008-02-01	2014-07-22	International Business Machines Corporation	Programming idiom accelerator to examine pre-fetched instruction streams for multiple processors
US9166797B2 (en) *	2008-10-24	2015-10-20	Microsoft Technology Licensing, Llc	Secured compartment for transactions
US8230201B2 (en) *	2009-04-16	2012-07-24	International Business Machines Corporation	Migrating sleeping and waking threads between wake-and-go mechanisms in a multiple processor data processing system
US8082315B2 (en)	2009-04-16	2011-12-20	International Business Machines Corporation	Programming idiom accelerator for remote update
US8145723B2 (en) *	2009-04-16	2012-03-27	International Business Machines Corporation	Complex remote update programming idiom accelerator
US8886919B2 (en) *	2009-04-16	2014-11-11	International Business Machines Corporation	Remote update programming idiom accelerator with allocated processor resources
JP2013523043A (ja)	2010-03-22	2013-06-13	エルアールディシーシステムズ、エルエルシー	ソースデータセットの完全性を識別及び保護する方法
CN102663274B (zh) *	2012-02-07	2015-12-02	北京奇虎科技有限公司	一种检测远程入侵计算机行为的方法及系统
US20150012739A1 (en) *	2012-04-25	2015-01-08	Zi-Jiang Yang	Switching of operating systems
KR101732889B1 (ko) *	2013-11-04	2017-05-08	한국전자통신연구원	임베디드 시스템에서 쉘 커맨드의 안전 실행 보장 장치 및 방법
US10362136B2 (en) *	2014-08-20	2019-07-23	Visa International Service Association	Device profile data usage for state management in mobile device authentication
CN106934303B (zh) *	2015-12-29	2020-10-30	大唐高鸿信安（浙江）信息科技有限公司	基于可信芯片的可信操作系统创建可信进程的系统及方法

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number	Priority date	Publication date	Assignee	Title
US4227253A (en) *	1977-12-05	1980-10-07	International Business Machines Corporation	Cryptographic communication security for multiple domain networks
US4310720A (en) *	1978-03-31	1982-01-12	Pitney Bowes Inc.	Computer accessing system
US4218738A (en) *	1978-05-05	1980-08-19	International Business Machines Corporation	Method for authenticating the identity of a user of an information system
US4430728A (en) *	1981-12-29	1984-02-07	Marathon Oil Company	Computer terminal security system
US4531023A (en) *	1982-08-13	1985-07-23	Hlf Corporation	Computer security system for a time shared computer accessed over telephone lines
US4652990A (en) *	1983-10-27	1987-03-24	Remote Systems, Inc.	Protected software access control apparatus and method
US4677546A (en) *	1984-08-17	1987-06-30	Signetics	Guarded regions for controlling memory access
US4694396A (en) *	1985-05-06	1987-09-15	Computer X, Inc.	Method of inter-process communication in a distributed data processing system
US4754395A (en) *	1985-05-06	1988-06-28	Computer X, Inc.	Network interface module with minimized data paths
US4742447A (en) *	1986-01-16	1988-05-03	International Business Machines Corporation	Method to control I/O accesses in a multi-tasking virtual memory virtual machine type data processing system

1988
- 1988-01-28 US US07/149,446 patent/US4918653A/en not_active Expired - Fee Related
- 1988-12-22 DE DE3851049T patent/DE3851049T2/de not_active Expired - Fee Related
- 1988-12-22 EP EP88121478A patent/EP0325776B1/de not_active Expired - Lifetime
1989
- 1989-01-30 JP JP1017842A patent/JPH01233543A/ja active Pending

Also Published As

Publication number	Publication date
JPH01233543A (ja)	1989-09-19
DE3851049D1 (de)	1994-09-15
EP0325776A3 (de)	1992-01-22
US4918653A (en)	1990-04-17
EP0325776A2 (de)	1989-08-02
EP0325776B1 (de)	1994-08-10

Legal Events

Date	Code	Title	Description
1995-09-07	8364	No opposition during term of opposition
1997-12-11	8339	Ceased/non-payment of the annual fee

Publication	Publication Date	Title
DE3851049D1 (de)	1994-09-15	Ein Sicherheitswegmechanismus für ein Betriebssystem.
DE3855378D1 (de)	1996-07-25	Ein Fernsicherheitswegmechanismus für Telnet
DE68911246D1 (de)	1994-01-20	Steuersystem für Drucker.
DE69010543T2 (de)	1995-02-09	Festhaltemechanismus für Pfropfen.
DE68908855D1 (de)	1993-10-07	Steuersystem für Satellit.
DE68919903T2 (de)	1995-07-06	Positionskontrollsystem für eine Speicherplatteneinheit.
DE68919017D1 (de)	1994-12-01	Ruck-Steuerung für ein Antriebssystem.
DE69004483T2 (de)	1994-03-03	Steuerung für einen Labeldrucker.
DE58907561D1 (de)	1994-06-01	Halterung für ein Langbügelschloss.
DE68915708T2 (de)	1994-12-22	Verschiebungsmechanismus für einen Thermo-Druckkopf.
DE3853168T2 (de)	1995-06-29	Kombinationsschloss für ein blutidentifikationssystem.
DE68911059T2 (de)	1994-03-24	Ruck-Steuerungssystem für ein Antriebssystem.
DE69007874T2 (de)	1994-07-21	Regelungsanordnung für ein Verfahrensinstrumentierungssystem.
DE68912592T2 (de)	1994-07-28	Anordnung für ein markierungssystem.
DE68916254D1 (de)	1994-07-21	Bewegungssteuerung für ein fahrzeug.
DE68907793T2 (de)	1994-02-10	Steuerung für ein Kopiergerät.
DE69005493T2 (de)	1994-06-09	Bremsbetätigungseinrichtung für ein Fahrrad.
DE68913439D1 (de)	1994-04-07	Schlossmechanismus für ein strombegrenzendes Schütz.
DE59007140D1 (de)	1994-10-20	Alarmanlage für ein Geldspielgerät.
DE68913869D1 (de)	1994-04-21	Beschleunigungssteuerung für eine Druckkopfanordnung.
DE68910075T2 (de)	1994-05-19	Datenverarbeitungssystem für Ladeprogrammechanismus.
DE3850259D1 (de)	1994-07-21	Blockierungsanordnung für ein werkzeug tragendes fahrzeug.
DE58908770D1 (de)	1995-01-26	Koppelfeld für ein Vermittlungssystem.
DE68923073T2 (de)	1995-11-09	Steuerschaltung für eine PLL Schaltung.
DE69021740T2 (de)	1996-04-18	Kassette für eine filmeinheit.