DE69838378D1 - Verfahren und gerät um sicherheit, für server die anwenderprogramme ausführen, die über's netzwerk empfangen wurden, zu gewährleisten - Google Patents

Verfahren und gerät um sicherheit, für server die anwenderprogramme ausführen, die über's netzwerk empfangen wurden, zu gewährleisten

Info

Publication number
DE69838378D1
DE69838378D1 DE69838378T DE69838378T DE69838378D1 DE 69838378 D1 DE69838378 D1 DE 69838378D1 DE 69838378 T DE69838378 T DE 69838378T DE 69838378 T DE69838378 T DE 69838378T DE 69838378 D1 DE69838378 D1 DE 69838378D1
Authority
DE
Germany
Prior art keywords
guaranteed
security
procedure
ensure
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
DE69838378T
Other languages
English (en)
Other versions
DE69838378T2 (de
Inventor
John Y Lee
Satish K Dharmaraj
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sun Microsystems Inc
Original Assignee
Sun Microsystems Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sun Microsystems Inc filed Critical Sun Microsystems Inc
Application granted granted Critical
Publication of DE69838378D1 publication Critical patent/DE69838378D1/de
Publication of DE69838378T2 publication Critical patent/DE69838378T2/de
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1458Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1483Protection against unauthorised use of memory or access to memory by checking the subject access rights using an access-table, e.g. matrix or list
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2129Authenticate client device independently of the user
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149Restricted operating environment
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)
  • Information Transfer Between Computers (AREA)
DE69838378T 1997-04-01 1998-03-27 Verfahren und gerät um sicherheit, für server die anwenderprogramme ausführen, die über's netzwerk empfangen wurden, zu gewährleisten Expired - Lifetime DE69838378T2 (de)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US829990 1997-04-01
US08/829,990 US6167522A (en) 1997-04-01 1997-04-01 Method and apparatus for providing security for servers executing application programs received via a network
PCT/US1998/006116 WO1998044404A1 (en) 1997-04-01 1998-03-27 Method and apparatus for providing security for servers executing application programs received via a network

Publications (2)

Publication Number Publication Date
DE69838378D1 true DE69838378D1 (de) 2007-10-18
DE69838378T2 DE69838378T2 (de) 2008-05-29

Family

ID=25256058

Family Applications (1)

Application Number Title Priority Date Filing Date
DE69838378T Expired - Lifetime DE69838378T2 (de) 1997-04-01 1998-03-27 Verfahren und gerät um sicherheit, für server die anwenderprogramme ausführen, die über's netzwerk empfangen wurden, zu gewährleisten

Country Status (5)

Country Link
US (1) US6167522A (de)
EP (1) EP0972234B1 (de)
JP (1) JP2002503364A (de)
DE (1) DE69838378T2 (de)
WO (1) WO1998044404A1 (de)

Families Citing this family (82)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5928323A (en) * 1996-05-30 1999-07-27 Sun Microsystems, Inc. Apparatus and method for dynamically generating information with server-side software objects
US8079086B1 (en) 1997-11-06 2011-12-13 Finjan, Inc. Malicious mobile code runtime monitoring system and methods
US9219755B2 (en) 1996-11-08 2015-12-22 Finjan, Inc. Malicious mobile code runtime monitoring system and methods
US7058822B2 (en) 2000-03-30 2006-06-06 Finjan Software, Ltd. Malicious mobile code runtime monitoring system and methods
US6370571B1 (en) 1997-03-05 2002-04-09 At Home Corporation System and method for delivering high-performance online multimedia services
US7529856B2 (en) 1997-03-05 2009-05-05 At Home Corporation Delivering multimedia services
US6453334B1 (en) * 1997-06-16 2002-09-17 Streamtheory, Inc. Method and apparatus to allow remotely located computer programs and/or data to be accessed on a local computer in a secure, time-limited manner, with persistent caching
US6275938B1 (en) * 1997-08-28 2001-08-14 Microsoft Corporation Security enhancement for untrusted executable code
US7047369B1 (en) * 1997-09-25 2006-05-16 Aladdin Knowledge Systems Ltd. Software application environment
US6584495B1 (en) * 1998-01-30 2003-06-24 Microsoft Corporation Unshared scratch space
IL123512A0 (en) * 1998-03-02 1999-03-12 Security 7 Software Ltd Method and agent for the protection against hostile resource use access
US6505300B2 (en) * 1998-06-12 2003-01-07 Microsoft Corporation Method and system for secure running of untrusted content
US6691230B1 (en) * 1998-10-15 2004-02-10 International Business Machines Corporation Method and system for extending Java applets sand box with public client storage
US20040030768A1 (en) * 1999-05-25 2004-02-12 Suban Krishnamoorthy Unified system and method for downloading code to heterogeneous devices in distributed storage area networks
JP2001117769A (ja) * 1999-10-20 2001-04-27 Matsushita Electric Ind Co Ltd プログラム実行装置
WO2001035565A2 (en) * 1999-10-26 2001-05-17 At Home Corporation Method and system for authorizing and authenticating users
US6678733B1 (en) 1999-10-26 2004-01-13 At Home Corporation Method and system for authorizing and authenticating users
US6510464B1 (en) * 1999-12-14 2003-01-21 Verizon Corporate Services Group Inc. Secure gateway having routing feature
US6631417B1 (en) * 2000-03-29 2003-10-07 Iona Technologies Plc Methods and apparatus for securing access to a computer
US6985963B1 (en) 2000-08-23 2006-01-10 At Home Corporation Sharing IP network resources
US7036146B1 (en) 2000-10-03 2006-04-25 Sandia Corporation System and method for secure group transactions
US8831995B2 (en) 2000-11-06 2014-09-09 Numecent Holdings, Inc. Optimized server for streamed applications
US7062567B2 (en) 2000-11-06 2006-06-13 Endeavors Technology, Inc. Intelligent network streaming and execution system for conventionally coded applications
US6965939B2 (en) * 2001-01-05 2005-11-15 International Business Machines Corporation Method and apparatus for processing requests in a network data processing system based on a trust association between servers
US7099663B2 (en) * 2001-05-31 2006-08-29 Qualcomm Inc. Safe application distribution and execution in a wireless environment
US6996602B2 (en) * 2001-06-18 2006-02-07 Ford Global Technologies, Llc Server-side page table framework for client application definition and execution
US7392313B2 (en) * 2001-10-18 2008-06-24 International Business Machines Corporation Method and apparatus for partitioned environment for web application servers
US7653814B2 (en) 2001-12-11 2010-01-26 International Business Machines Corporation System and method for securely hyperlinking graphic objects
CA2469633C (en) * 2001-12-13 2011-06-14 Japan Science And Technology Agency Software safety execution system
US7552189B2 (en) * 2002-01-18 2009-06-23 Bea Systems, Inc. System and method for using virtual directories to service URL requests URL requests in application servers
US7197530B2 (en) * 2002-01-18 2007-03-27 Bea Systems, Inc. System and method for pluggable URL pattern matching for servlets and application servers
US20030140100A1 (en) * 2002-01-18 2003-07-24 Sam Pullara System and method for URL response caching and filtering in servlets and application servers
EP1491017A1 (de) * 2002-03-28 2004-12-29 Oleksiy Yuryevich Shevchenko Verfahren und vorrichtung zum schutz gegen unerlaubter zugriff auf einem komputerspeicher
US6961813B2 (en) * 2002-06-21 2005-11-01 Hewlett-Packard Development Company, L.P. System and method for providing multi-initiator capability to an ATA drive
US6948036B2 (en) * 2002-06-21 2005-09-20 Hewlett-Packard Development Company, L.P. System and method for providing multi-initiator capability to an ATA drive
US20040123117A1 (en) * 2002-12-18 2004-06-24 Symantec Corporation Validation for behavior-blocking system
EP1455501B1 (de) * 2003-03-06 2007-05-09 NTT DoCoMo, Inc. Verfahren und Vorrichtung zur Steuerung von Inhaltsübertragung
US7546956B2 (en) 2004-04-30 2009-06-16 Research In Motion Limited System and method of operation control on an electronic device
US7908653B2 (en) 2004-06-29 2011-03-15 Intel Corporation Method of improving computer security through sandboxing
US7484247B2 (en) * 2004-08-07 2009-01-27 Allen F Rozman System and method for protecting a computer system from malicious software
US8819639B2 (en) * 2004-09-15 2014-08-26 Lakeside Software, Inc. System for selectively blocking execution of applications on a computer system
US20060123398A1 (en) * 2004-12-08 2006-06-08 Mcguire James B Apparatus and method for optimization of virtual machine operation
US20060156400A1 (en) * 2005-01-06 2006-07-13 Gbs Laboratories Llc System and method for preventing unauthorized access to computer devices
US8024523B2 (en) 2007-11-07 2011-09-20 Endeavors Technologies, Inc. Opportunistic block transmission with time constraints
JP2006323614A (ja) * 2005-05-18 2006-11-30 Fujitsu Ltd 不正防止装置、不正防止プログラム、および不正防止方法
US8346950B1 (en) * 2005-05-19 2013-01-01 Glam Media, Inc. Hosted application server
US7756945B1 (en) 2005-08-02 2010-07-13 Ning, Inc. Interacting with a shared data model
US8874477B2 (en) 2005-10-04 2014-10-28 Steven Mark Hoffberg Multifactorial optimization system and method
US8045958B2 (en) 2005-11-21 2011-10-25 Research In Motion Limited System and method for application program operation on a wireless device
US7757269B1 (en) 2006-02-02 2010-07-13 Mcafee, Inc. Enforcing alignment of approved changes and deployed changes in the software change life-cycle
DE602006006787D1 (de) 2006-02-27 2009-06-25 Research In Motion Ltd Verfahren zum Personalisieren einer standardisierten IT-Richtlinie
US7895573B1 (en) 2006-03-27 2011-02-22 Mcafee, Inc. Execution environment file inventory
US8060916B2 (en) * 2006-11-06 2011-11-15 Symantec Corporation System and method for website authentication using a shared secret
US9424154B2 (en) 2007-01-10 2016-08-23 Mcafee, Inc. Method of and system for computer system state checks
US8332929B1 (en) 2007-01-10 2012-12-11 Mcafee, Inc. Method and apparatus for process enforced configuration management
US20090125977A1 (en) * 2007-10-31 2009-05-14 Docomo Communications Laboratories Usa, Inc. Language framework and infrastructure for safe and composable applications
US8892738B2 (en) 2007-11-07 2014-11-18 Numecent Holdings, Inc. Deriving component statistics for a stream enabled application
US8789159B2 (en) * 2008-02-11 2014-07-22 Microsoft Corporation System for running potentially malicious code
US20100058016A1 (en) * 2008-08-26 2010-03-04 Jari Nikara Method, apparatus and software product for multi-channel memory sandbox
JP2010092376A (ja) * 2008-10-10 2010-04-22 Softbank Mobile Corp 情報処理装置、情報処理方法及び情報処理プログラム
US8745361B2 (en) * 2008-12-02 2014-06-03 Microsoft Corporation Sandboxed execution of plug-ins
US8381284B2 (en) 2009-08-21 2013-02-19 Mcafee, Inc. System and method for enforcing security policies in a virtual environment
US9552497B2 (en) 2009-11-10 2017-01-24 Mcafee, Inc. System and method for preventing data loss using virtual machine wrapped applications
US8938800B2 (en) 2010-07-28 2015-01-20 Mcafee, Inc. System and method for network level protection against malicious software
US8925101B2 (en) 2010-07-28 2014-12-30 Mcafee, Inc. System and method for local protection against malicious software
US8549003B1 (en) 2010-09-12 2013-10-01 Mcafee, Inc. System and method for clustering host inventories
US9294479B1 (en) * 2010-12-01 2016-03-22 Google Inc. Client-side authentication
US9075993B2 (en) 2011-01-24 2015-07-07 Mcafee, Inc. System and method for selectively grouping and managing program files
US9112830B2 (en) 2011-02-23 2015-08-18 Mcafee, Inc. System and method for interlocking a host and a gateway
US8973158B2 (en) 2011-07-20 2015-03-03 Microsoft Technology Licensing Llc Trust level activation
US8832447B2 (en) 2011-08-10 2014-09-09 Sony Corporation System and method for using digital signatures to assign permissions
US9594881B2 (en) 2011-09-09 2017-03-14 Mcafee, Inc. System and method for passive threat detection using virtual memory inspection
US8694738B2 (en) 2011-10-11 2014-04-08 Mcafee, Inc. System and method for critical address space protection in a hypervisor environment
US8973144B2 (en) 2011-10-13 2015-03-03 Mcafee, Inc. System and method for kernel rootkit protection in a hypervisor environment
US9069586B2 (en) 2011-10-13 2015-06-30 Mcafee, Inc. System and method for kernel rootkit protection in a hypervisor environment
US8713668B2 (en) 2011-10-17 2014-04-29 Mcafee, Inc. System and method for redirected firewall discovery in a network environment
US8739272B1 (en) 2012-04-02 2014-05-27 Mcafee, Inc. System and method for interlocking a host and a gateway
US8973146B2 (en) 2012-12-27 2015-03-03 Mcafee, Inc. Herd based scan avoidance system in a network environment
WO2015060857A1 (en) 2013-10-24 2015-04-30 Mcafee, Inc. Agent assisted malicious application blocking in a network environment
US11461456B1 (en) * 2015-06-19 2022-10-04 Stanley Kevin Miles Multi-transfer resource allocation using modified instances of corresponding records in memory
US11176240B1 (en) * 2021-04-20 2021-11-16 Stanley Kevin Miles Multi-transfer resource allocation using modified instances of corresponding records in memory
JP6901997B2 (ja) 2018-05-31 2021-07-14 富士フイルム株式会社 プログラムの実行制御方法、プログラム、記録媒体、ウェブページ、送信サーバ、クライアントおよびウェブシステム

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB8916586D0 (en) * 1989-07-20 1989-09-06 Int Computers Ltd Distributed data processing system
US5421006A (en) * 1992-05-07 1995-05-30 Compaq Computer Corp. Method and apparatus for assessing integrity of computer system software
DE69323926T2 (de) * 1992-05-15 1999-09-30 Addison M Fischer Verfahren und Vorrichtung zur Sicherheit eines Computersystem mit Programmberechtigungsdatenstrukturen
US5235642A (en) * 1992-07-21 1993-08-10 Digital Equipment Corporation Access control subsystem and method for distributed computer system using locally cached authentication credentials
US5720033A (en) * 1994-06-30 1998-02-17 Lucent Technologies Inc. Security platform and method using object oriented rules for computer-based systems using UNIX-line operating systems
US5692047A (en) * 1995-12-08 1997-11-25 Sun Microsystems, Inc. System and method for executing verifiable programs with facility for using non-verifiable programs from trusted sources
US5928323A (en) * 1996-05-30 1999-07-27 Sun Microsystems, Inc. Apparatus and method for dynamically generating information with server-side software objects
US5825877A (en) * 1996-06-11 1998-10-20 International Business Machines Corporation Support for portable trusted software
US5958051A (en) * 1996-11-27 1999-09-28 Sun Microsystems, Inc. Implementing digital signatures for data streams and data archives
US5892904A (en) * 1996-12-06 1999-04-06 Microsoft Corporation Code certification for network transmission

Also Published As

Publication number Publication date
WO1998044404A1 (en) 1998-10-08
DE69838378T2 (de) 2008-05-29
EP0972234B1 (de) 2007-09-05
JP2002503364A (ja) 2002-01-29
US6167522A (en) 2000-12-26
EP0972234A1 (de) 2000-01-19

Similar Documents

Publication Publication Date Title
DE69838378D1 (de) Verfahren und gerät um sicherheit, für server die anwenderprogramme ausführen, die über's netzwerk empfangen wurden, zu gewährleisten
DE69715494D1 (de) Internetfähiges Portfolioverwaltungssystem, Verfahren und Programmprodukt
DE69821387D1 (de) Kommunikationsverfahren und vorrichtung
DE3872059D1 (de) Verfahren und vorrichtungen, um duftstoffe zu verteilen.
DE69729095D1 (de) Pülverfüllanlage, vorrichtung und verfahren
DE69831795D1 (de) Intelligenter kommunikationsserver und kommunikationssystem
DE60009819D1 (de) Netzwerkgerätskonfigurationsverfahren und Vorrichtung
DE69533533D1 (de) Kommunikationssystem, Server und Verfahren zur Adressenverwaltung
KR960009491A (ko) 통신 네트워크 구조 및 이를 기초로 한 통신 네트워크 시스템 및 그 통신 방법
HUP0003520A3 (en) Telecommunication device, system and method
DE69927131D1 (de) Kommunikationsverfahren, -system und -vorrichtung und Server
DE69929314D1 (de) Verfahren, vorrichtung und apparat um information bereit zustellen
EE200000491A (et) Autentimismeetod, -süsteem ja -seade
BR0107459A (pt) Aperfeiçoamento introduzido em sistema de autenticação, aparato para a realização da referida autenticação e aparato de terminal
DE69941313D1 (de) Datenkommunikationssystem, Datenkommunikationsverfahren und Datenkommunikationsvorrichtung
DE69731994D1 (de) Verfahren und Gerät, um Informationen über Netzwerkanbieter zu bekommen und anzuzeigen
DE69840059D1 (de) Anzeigeverfahren, Anzeigegerät und Kommunikationsverfahren
DE69812339D1 (de) Datenkommunikationsvorrichtung, datenkommunikationssystem und datenkommunikationsverfahren
DE69421191T2 (de) Kommunikationsverfahren und vorrichtung dafür
EP0664545A3 (de) Verfahren und Vorrichtung zur Verwaltung von Meldungen.
EE200000280A (et) Kaugsidesüsteemis kasutatav meetod ja seade
EE9900513A (et) Kaugsidevõrgus kasutatav meetod ja süsteem
DK0999854T3 (da) Omskiftelige viskoelastiske systemer, der indeholder galactomannanpolymerer og -borater
IS4925A (is) Flytjanlegt, öruggt aðgerðakerfi fyrir forritanlegan búnað
EE200000019A (et) Meetod ja kaugsidevõrgu aparatuuri kuuluv seade

Legal Events

Date Code Title Description
8364 No opposition during term of opposition