최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
DataON 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Edison 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Kafe 바로가기국가/구분 | United States(US) Patent 등록 |
---|---|
국제특허분류(IPC7판) |
|
출원번호 | US-0070787 (1993-06-03) |
발명자 / 주소 |
|
인용정보 | 피인용 횟수 : 334 인용 특허 : 0 |
Method and apparatus are disclosed including a system monitor which limits the ability of a program about to be executed to the use of predefined resources (e.g., data files, disk writing capabilities, etc.). The system monitor processes a data structure including a set of authorities defining that
Method and apparatus are disclosed including a system monitor which limits the ability of a program about to be executed to the use of predefined resources (e.g., data files, disk writing capabilities, etc.). The system monitor processes a data structure including a set of authorities defining that which a program is permitted to do and/or that which the program is precluded from doing. The set of authorities and/or restrictions assigned to a program to be executed are referred to as “program authorization information”(or “PAI”). Once defined, the program authorization information is thereafter associated with at least one program to be executed to thereby delineate the resources and functions that the program is allowed to utilize and/or is not allowed to utilize. The PAI associated with a particular program may be assigned by a computer system owner/user or by someone who the computer system owner/user implicitly trusts. The PAI permits an associated program to access what has been authorized and nothing else. The program may be regarded as being placed in a program capability limiting “safety box”. This “safety box”is thereafter associated with the program such that when the system monitor runs the program, the PAI for that program is likewise loaded and monitored. When the program is to perform a function or access a resource, the associated PAI is monitored to confirm that the operation is within the defined program limits. If the program is prevented from doing anything outside the authorized limits.
In a computer system including processing means for executing a plurality of programs and memory means coupled to said processing means for storing data and for storing at least one program, said computer system having a plurality of computer resources and being capable of performing a wide range of
In a computer system including processing means for executing a plurality of programs and memory means coupled to said processing means for storing data and for storing at least one program, said computer system having a plurality of computer resources and being capable of performing a wide range of information processing related functions under program control, a method for protecting a computer user from operations typically performable by a program while it is executing on behalf of a user, comprising the steps of: establishing a program authorizing information data structure for storing a plurality of authorization entries each indicating at least one of those computer resources and information processing related functions which may be used by an associated program; storing said program authorizing information data structure; and associating the program authorizing information data structure with at least one program to be executed by said computer system to thereby protect the computer user from operations that might be performed by said at least one program, whereby the program authorizing information is available to be monitored when its associated program is executed.
Copyright KISTI. All Rights Reserved.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.