IDiyas

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 7770202 B1

PDFFull Text
Date of Patent:
Aug. 03, 2010

Filed:

Feb. 03, 2004

Cross assembly call interception

Applicants:

Christopher W. Brumme, Mercer Island, WA (US);

Vance Morrison, Kirkland, WA (US);

Sebastian Lange, Seattle, WA (US);

Gregory D. Fee, Seattle, WA (US);

Dario Russi, Redmond, WA (US);

Simon Jeremy Hall, Seattle, WA (US);

Mahesh Prakriya, Redmond, WA (US);

Brian F. Sullivan, Woodinville, WA (US);

Inventors:

Christopher W. Brumme, Mercer Island, WA (US);

Vance Morrison, Kirkland, WA (US);

Sebastian Lange, Seattle, WA (US);

Gregory D. Fee, Seattle, WA (US);

Dario Russi, Redmond, WA (US);

Simon Jeremy Hall, Seattle, WA (US);

Mahesh Prakriya, Redmond, WA (US);

Brian F. Sullivan, Woodinville, WA (US);

Assignee:

Microsoft Corporation, Redmond, WA (US);

Attorney:

Lee & Hayes, PLLC

Primary Examiner:

Kambiz Zand

Assistant Examiner:

Jason K Gee

Int. Cl.
CPC ...
G06F 17/00 (2006.01); H04L 29/06 (2006.01);
U.S. Cl.
CPC ...
Abstract

A host intercepts calls between two executables and determines whether the calls are permissible according to the host's security model which can be identify based, such as user identity based—for instance, mapping access rights within a specific data base user context to database object access. Such an identity security model differs from a common language runtime security model where managed code uses Code Access Security to prevent managed assemblies from performing certain operations. Managed assemblies registered with the host are host objects from the host's perspective for which access rights can be defined via security rules, such as are defined for individual user identities. A host can decide access between managed executables based on the host's identity based access rules by trapping any cross assembly calls and deciding whether such calls should proceed or be blocked from taking place based on the corresponding identity security settings.

Find Patent Forward Citations

Loading…