Title of invention | Processor extensions and software verification to support type-safe language environments running with untrusted code
Abstract | Processor extensions and software verification to support type-safe language environments running with untrusted code. Code and data spaces are partitioned into trusted and untrusted regions. Type-safe code is loaded into the trusted region of the code space, while non-type-safe code is loaded into the untrusted region of the code space. The trusted region of the data space is allocated to the type-safe code, and the untrusted region of the data space is allocated to the non-type-safe code. Hardware-based truth tables define the allowed and disallowed code sequences and memory access operations. For code sequences, whether an operation is allowed depends on the location (i.e., region) of the code sequence, including both the current instruction and the prior instruction. For memory accesses, the location of the requesting instruction and the location of the requested data are both considered. A disallowed code sequence or memory access operation causes the processor to generate a safe access protection trap. In response to the safe access protection trap, a software-based dynamic verifier applies a security policy to determine whether the operation may proceed.
Publication number | US2005273605(A1)
Publication date | 2005.12.08
Application number | US20040851860
Filing date | 2004.05.20
Applicant | SAHA BRATIN;WASHBURN WELDON;HELD JAMES P
Inventors | SAHA BRATIN;WASHBURN WELDON;HELD JAMES P.
Classification | G06F1/00;G06F21/00;H04L9/00;(IPC1-7):H04L9/00
Main classification | G06F1/00
Agency |
Agent |
Main claim |
Address |