Hierarchical security mechanism for dynamically assigning security levels to object programs

摘要

A computer system organization which allows a program to specify a predetermined security level for other programs which it invokes, while at the same time being subject to security restraints placed on it either by a higher priority level invoking program or by the operating system. A plurality of security levels organized as a hierarchy which may be established by both problem programmers, and the operating system are then controlled by the operating system. A program cannot change its previously assigned level. Only a higher level invoking program can make such an alteration. A new program's security level indicator must be validated and then a protection code or 'mask' of a predetermined size related to the security level must be validated. The system utilizes a plurality of special purpose bits in every data word which bits contain the protection field. Level indicators for the particular program determine the use of the protection field. A series of linking registers or a 'Link Stack' having appropriate logic circuitry connected thereto is utilized for keeping track of the security level of all programs in a hierarchical sequence currently running on the system. The stack allows proper branching back to an originating program and prevents violation of security rules. The hardware additionally provides a mechanism for automatically checking each and every memory access, whether read or write, to assure that a correct protection field is present in each of the memory data words which is to be accessed or stored into.