Applying a permission grant set to a call stack during runtime
A system and method determine whether a called code frame has a requested permission available to it, so as to be able to execute a protected operation. A code frame is contained within a code assembly received from a remote or local resource location. A policy manager generates a permission grant s...
Gespeichert in:
| Hauptverfasser: | , , , |
|---|---|
| Format: | Patent |
| Sprache: | eng |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | LaMacchia, Brian A Fee, Gregory Darrell Kohnfelder, Loren M Kamath, Ashok Cholpady |
| description | A system and method determine whether a called code frame has a requested permission available to it, so as to be able to execute a protected operation. A code frame is contained within a code assembly received from a remote or local resource location. A policy manager generates a permission grant set containing permission grant objects associated with the code assembly. Both the permission grant set and the code assembly are loaded into a runtime call stack for runtime execution of one or more code frames. Calls to other code frames may involve loading additional code assemblies and permission grant sets into the runtime call stack. In order for a called code frame to perform a protected operation, the code frame demands a requested permission from its calling code frame and all code frames preceding the calling code frame on the runtime call stack as part of a stack walk operation. If the calling code frame and the preceding call frames can satisfy the requested permission, the called code frame can perform the protected operation (absent stack overrides). Otherwise, a security exception is thrown and the called code frame is inhibited from performing the protected operation (absent stack overrides). Stack overrides may be employed to dynamically modify the stack walk operation. To increase performance, a stack walk may be avoided by caching an intersection of the permission grants of all code assemblies in the application. |
| format | Patent |
| fullrecord | <record><control><sourceid>uspatents_EFH</sourceid><recordid>TN_cdi_uspatents_grants_07076557</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>07076557</sourcerecordid><originalsourceid>FETCH-uspatents_grants_070765573</originalsourceid><addsrcrecordid>eNrjZLBzLCjIqczMS1dIVChILcrNLC7OzM9TSC9KzCtRKE4tUSjJB8okJ-bkKBSXJCZnK6SUFoFUF5XmlWTmpvIwsKYl5hSn8kJpbgYFN9cQZw_d0uKCxJLUvJLieLBRxfEG5gbmZqam5sZEKAEAAlExNg</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>Applying a permission grant set to a call stack during runtime</title><source>USPTO Issued Patents</source><creator>LaMacchia, Brian A ; Fee, Gregory Darrell ; Kohnfelder, Loren M ; Kamath, Ashok Cholpady</creator><creatorcontrib>LaMacchia, Brian A ; Fee, Gregory Darrell ; Kohnfelder, Loren M ; Kamath, Ashok Cholpady ; Microsoft Corporation</creatorcontrib><description>A system and method determine whether a called code frame has a requested permission available to it, so as to be able to execute a protected operation. A code frame is contained within a code assembly received from a remote or local resource location. A policy manager generates a permission grant set containing permission grant objects associated with the code assembly. Both the permission grant set and the code assembly are loaded into a runtime call stack for runtime execution of one or more code frames. Calls to other code frames may involve loading additional code assemblies and permission grant sets into the runtime call stack. In order for a called code frame to perform a protected operation, the code frame demands a requested permission from its calling code frame and all code frames preceding the calling code frame on the runtime call stack as part of a stack walk operation. If the calling code frame and the preceding call frames can satisfy the requested permission, the called code frame can perform the protected operation (absent stack overrides). Otherwise, a security exception is thrown and the called code frame is inhibited from performing the protected operation (absent stack overrides). Stack overrides may be employed to dynamically modify the stack walk operation. To increase performance, a stack walk may be avoided by caching an intersection of the permission grants of all code assemblies in the application.</description><language>eng</language><creationdate>2006</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/7076557$$EPDF$$P50$$Guspatents$$Hfree_for_read</linktopdf><link.rule.ids>230,308,776,798,881,64012</link.rule.ids><linktorsrc>$$Uhttps://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/7076557$$EView_record_in_USPTO$$FView_record_in_$$GUSPTO$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>LaMacchia, Brian A</creatorcontrib><creatorcontrib>Fee, Gregory Darrell</creatorcontrib><creatorcontrib>Kohnfelder, Loren M</creatorcontrib><creatorcontrib>Kamath, Ashok Cholpady</creatorcontrib><creatorcontrib>Microsoft Corporation</creatorcontrib><title>Applying a permission grant set to a call stack during runtime</title><description>A system and method determine whether a called code frame has a requested permission available to it, so as to be able to execute a protected operation. A code frame is contained within a code assembly received from a remote or local resource location. A policy manager generates a permission grant set containing permission grant objects associated with the code assembly. Both the permission grant set and the code assembly are loaded into a runtime call stack for runtime execution of one or more code frames. Calls to other code frames may involve loading additional code assemblies and permission grant sets into the runtime call stack. In order for a called code frame to perform a protected operation, the code frame demands a requested permission from its calling code frame and all code frames preceding the calling code frame on the runtime call stack as part of a stack walk operation. If the calling code frame and the preceding call frames can satisfy the requested permission, the called code frame can perform the protected operation (absent stack overrides). Otherwise, a security exception is thrown and the called code frame is inhibited from performing the protected operation (absent stack overrides). Stack overrides may be employed to dynamically modify the stack walk operation. To increase performance, a stack walk may be avoided by caching an intersection of the permission grants of all code assemblies in the application.</description><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2006</creationdate><recordtype>patent</recordtype><sourceid>EFH</sourceid><recordid>eNrjZLBzLCjIqczMS1dIVChILcrNLC7OzM9TSC9KzCtRKE4tUSjJB8okJ-bkKBSXJCZnK6SUFoFUF5XmlWTmpvIwsKYl5hSn8kJpbgYFN9cQZw_d0uKCxJLUvJLieLBRxfEG5gbmZqam5sZEKAEAAlExNg</recordid><startdate>20060711</startdate><enddate>20060711</enddate><creator>LaMacchia, Brian A</creator><creator>Fee, Gregory Darrell</creator><creator>Kohnfelder, Loren M</creator><creator>Kamath, Ashok Cholpady</creator><scope>EFH</scope></search><sort><creationdate>20060711</creationdate><title>Applying a permission grant set to a call stack during runtime</title><author>LaMacchia, Brian A ; Fee, Gregory Darrell ; Kohnfelder, Loren M ; Kamath, Ashok Cholpady</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-uspatents_grants_070765573</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng</language><creationdate>2006</creationdate><toplevel>online_resources</toplevel><creatorcontrib>LaMacchia, Brian A</creatorcontrib><creatorcontrib>Fee, Gregory Darrell</creatorcontrib><creatorcontrib>Kohnfelder, Loren M</creatorcontrib><creatorcontrib>Kamath, Ashok Cholpady</creatorcontrib><creatorcontrib>Microsoft Corporation</creatorcontrib><collection>USPTO Issued Patents</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>LaMacchia, Brian A</au><au>Fee, Gregory Darrell</au><au>Kohnfelder, Loren M</au><au>Kamath, Ashok Cholpady</au><aucorp>Microsoft Corporation</aucorp><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>Applying a permission grant set to a call stack during runtime</title><date>2006-07-11</date><risdate>2006</risdate><abstract>A system and method determine whether a called code frame has a requested permission available to it, so as to be able to execute a protected operation. A code frame is contained within a code assembly received from a remote or local resource location. A policy manager generates a permission grant set containing permission grant objects associated with the code assembly. Both the permission grant set and the code assembly are loaded into a runtime call stack for runtime execution of one or more code frames. Calls to other code frames may involve loading additional code assemblies and permission grant sets into the runtime call stack. In order for a called code frame to perform a protected operation, the code frame demands a requested permission from its calling code frame and all code frames preceding the calling code frame on the runtime call stack as part of a stack walk operation. If the calling code frame and the preceding call frames can satisfy the requested permission, the called code frame can perform the protected operation (absent stack overrides). Otherwise, a security exception is thrown and the called code frame is inhibited from performing the protected operation (absent stack overrides). Stack overrides may be employed to dynamically modify the stack walk operation. To increase performance, a stack walk may be avoided by caching an intersection of the permission grants of all code assemblies in the application.</abstract><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | |
| ispartof | |
| issn | |
| language | eng |
| recordid | cdi_uspatents_grants_07076557 |
| source | USPTO Issued Patents |
| title | Applying a permission grant set to a call stack during runtime |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-05T01%3A38%3A21IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-uspatents_EFH&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=LaMacchia,%20Brian%20A&rft.aucorp=Microsoft%20Corporation&rft.date=2006-07-11&rft_id=info:doi/&rft_dat=%3Cuspatents_EFH%3E07076557%3C/uspatents_EFH%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |