A method and system for enforcing a security policy via a security virtual machine

A method and system for enforcing a security policy via a security virtual machine

A method in a computer system for enforcing a security policy is disclosed. The method includes the steps of (a) providing a security policy, (b) compiling the security policy into a security program based on an instruction set of a security virtual machine, where the security policy specifies secur...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
1. Verfasser: BAKER, ARTHUR H
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A method in a computer system for enforcing a security policy is disclosed. The method includes the steps of (a) providing a security policy, (b) compiling the security policy into a security program based on an instruction set of a security virtual machine, where the security policy specifies security for system calls, (c) loading the security program into an instruction store of the security virtual machine, and (d) upon occurrence of a security enforcement event, that occurs during execution of an application outside of the security virtual machine, executing the instructions of the instruction store based on data of the security enforcement event to enforce the security policy. The security enforcement event is an application placing a system call.