210 results about "Privilege level" patented technology

A combined-hardware-and-software secure-platform interface to which operating systems and customized control programs interface within a computer system. The combined-hardware-and-software secure-platform interface employs a hardware platform that provides at least four privilege levels, non-privileged instructions, non-privileged registers, privileged instructions, privileged registers, and firmware interfaces. The combined-hardware-and-software secure-platform interface conceals all privileged instructions, privileged registers, and firmware interfaces and privileged registers from direct access by operating systems and custom control programs, providing to the operating systems and custom control programs the non-privileged instructions and non-privileged registers provided by the hardware platform as well as a set of callable software services. The callable services provide a set of secure-platform management services for operational control of hardware resources that neither exposes privileged instructions, privileged registers, nor firmware interfaces of the hardware nor simulates privileged instructions and privileged registers. The callable services also provide a set of security-management services that employ internally generated secret data, each compartmentalized security-management service managing internal secret data without exposing the internal secret data to computational entities other than the security-management service itself.

A micro-virtualization architecture deploys a threat-aware microvisor as a module of a virtualization system configured to facilitate real-time security analysis, including exploit detection and threat intelligence, of operating system processes executing in a memory of a node in a network environment. The micro-virtualization architecture organizes the memory as a user space and kernel space, wherein the microvisor executes in the kernel space of the architecture, while the operating system processes, an operating system kernel, a virtual machine monitor (VMM) and its spawned virtual machines (VMs) execute in the user space. Notably, the microvisor executes at the highest privilege level of a central processing unit of the node to virtualize access to kernel resources. The operating system kernel executes under control of the microvisor at a privilege level lower than a highest privilege level of the microvisor. The VMM and its spawned VMs execute at the highest privilege level of the microvisor.

A Collaborator computer collaborative environment (CCE) instantiated by a computer network includes N Collaborator CCE clients and a Collaborator CCE server. Each of the N Collaborator CCE clients generates message objects each including a nested group identifier and an associated privilege level; the Collaborator CCE server filters the generated message objects and routes only those message objects to an Nth Collaborator CCE client that is a member of the respective group having the group identifier and that has a privilege greater than or equal to the associated privilege level. Corresponding software is also described.

In a virtual computer system, the invention virtualizes a primary protection mechanism, which restricts memory accesses based on the type of access attempted and a current hardware privilege level, using a secondary protection mechanism, which is independent of the hardware privilege level. The invention may be used to virtualize the protection mechanisms of the Intel IA-64 architecture. In this embodiment, virtual access rights settings in a virtual TLB are translated into shadow access rights settings in a hardware TLB, while virtual protection key settings in a virtual PKR cache are translated into shadow protection key settings in a hardware PKR cache, based in part on the virtual access rights settings. The shadow protection key settings are dependent on the guest privilege level, but the shadow access rights settings are not.

The present invention is directed to improvements to the processor architectures, and more specifically the x86 architecture, to correct shortcomings in processor virtualization. Several embodiment of the present invention are directed to the utilization of at least one virtualization control bit to determine whether the execution of a specific instructions cause a privilege-level exception (e.g., GP0) when executed outside of a privilege ring (e.g., outside of ring-0). Several additional embodiments are directed to the utilization of a virtual assist register to implement at least one virtual assist feature. And several additional embodiments are also directed to utilization of a bit for enabling a virtual protected mode that, when a processor in running in a protected mode, causes said processor, which is otherwise executing as if it is running in protected mode, to execute normally with exceptions to handle special virtualization challenges.

A system and method for providing access and/or roaming features on a network system. The network system includes a plurality of wireless and/or wired access points coupled to a network. Access points (APs) for the network may be widely distributed in various facilities, such as airports, mass-transit stations, and various businesses. The network may couple to a wide area network, such as the Internet. In one embodiment, a portable computing device (PCD) of a user may store identification information which uniquely indicates a network provider of a plurality of possible network providers. The identification information may also or instead indicate an access or privilege level of the user. Each of the access points are operable to "listen for" or detect identification information associated with numerous different providers. When the access point receives the identification information from a PCD of a user, the access point may determine the appropriate network provider for the portable computing device using the identification information. Network access may then be provided to the portable computing device through the determined network provider. Thus the network system is useable by subscribers of each of the plurality of possible network providers, thereby enabling subscribers to "roam" on various wireless networks, including networks maintained by other providers. The access information may also include an access level which indicates the user's access or privilege level. Thus, the local network may provide various local resources which are available to users having a first access level, and users with a second access level may not be entitled to view or utilize these network resources on the network, but may be simply provided external Internet access.

A computer system includes a first portion of a Hypervisor is loaded into the memory as a part of an Extensible Firmware Interface upon start up and prior to loading of an operating system. The first portion is responsible for context switching, at least some interrupt handling, and memory protection fault handling. The first portion runs on a root level. An operating system is loaded into a highest privilege level. A second portion of the Hypervisor is loaded into operating system space together with the operating system, and runs on the highest privilege level, and is responsible for (a) servicing the VMM, (b) servicing the VMs, (c) enabling communication between code launched on non-root level with the second portion of the Hypervisor to perform security checks of trusted code portions and to enable root mode for the code portions if allowable. The VMM runs on the highest privilege level. A Virtual Machine is running under control of the VMM. Trusted code runs on non-root level. The first portion of the Hypervisor verifies trusted code portions during their loading or launch time, and the trusted code is executed on root level.

In a network-based printing system having a communication network, such as the Internet or an intranet, printing control information is added to document data or image data, and the document or image data to which the printing control information is added is transmitted to a user designated by an access privilege level that is stored in a server. Printing of the transmitted data is controlled according to authentication information that is input by the user and the printing control information added to the document or image data.

A system comprising a processor adapted to activate multiple privilege levels for the system, a monitoring unit coupled to the processor and employing security rules pertaining to the multiple privilege levels, and a memory management unit (MMU) coupled to the monitoring unit and adapted to partition memory into public and secure memories. If the processor switches privilege levels while the MMU is disabled, the monitoring unit restricts usage of the system. If the processor accesses the public memory while in a privilege level not authorized by the security rules, the monitoring unit restricts usage of the system.

Automated configuration of a software application to be installed via a software installation package onto different user devices for different users. An initial software installation package is obtained, as is information representing (a) associations between the plurality of users and the plurality of user devices, and (b) user attributes from which access privilege level information for individual users is determinable. The initial software installation package is configured for the user devices based on the information representing (a) and (b), to produce a plurality of different specially-configured software installation packages, each one of which corresponds to one or more specific users and one or more specific user devices. Each specially-configured package includes parameters that establish functionality for the software application based on the access privilege level of the users. Each user is authenticated, and completion of installation of the software application is conditioned on a result of the authentication.

The application discloses an application customizing method and an application customizing device. One specific embodiment of the method comprises the following steps: firstly acquiring biologic feature information parameters which correspond to an unlocking instruction; then, according to a preset numerical value interval to which the biologic feature information parameters belong, determining group class information; finally, according to a preset operation privilege level which corresponds to the group class information, performing application initial configuration. The application initial configuration suitable for different user classes can be performed adaptively, and the goal that different application customizing can be performed by aiming at different groups and the same terminal is achieved, and therefore waste of resources can be avoided.

In one embodiment, a processor mode is provided for guest software. The processor mode enables the guest software to operate at a privilege level intended by the guest software. When the guest software attempts to perform an operation restricted by the processor mode, the processor mode is exited to transfer control over the operation to a virtual-machine monitor, which runs outside this processor mode.

A data processor 2 has privilege levels associated with it including a user level and a privileged level. The processor 2 also has multiple stack memories which can be used including one or more process stacks, a main stack and a deep stack. The stack memory to be used is de-coupled from the privilege level. An activation level state variable tracking the number of pending exceptions is held by the processor and used to modify which stack memory stores pending state values when an exception occurs. If the system is at a base level of activation, corresponding to currently no pending exceptions, then when an exception occurs the current state data is saved on the process stack with the main stack being available for the exception handling code. Particular exceptions can be flagged as requiring use of a deep stack rather than either the process stack or the main stack. If the system is not at the base level of activation, then the main stack is used to save state variables when an exception occurs rather than the process stack.

A system and method for managing relationships in a social network with independent multi-dimensional groupings, individualized privileges & interactive feedback. The contributing member can assign a privilege level from a sliding scale of at least three levels for each item of information, represented as C₁, C₂, C₃, . . . C_N. The contributing member then grants direct privilege levels as they make new friends or grants indirect privilege levels when they join groups or networks. When a requesting user (T) wishes to see contributed information, their privilege level (L) with respect to the contributing member is accessed. The system retrieves all items of information (C), and selectively displays those items of information which have been assigned a privilege level C₁, C₂, C₃, . . . C_N matching or less than the privilege level granted to the requesting member T_L. A contributing member can also chose to allow ‘friends of friends’ to inherit the privilege level assigned to them by their friends so that ‘friends of friends’ can be granted access to their private information despite the lack of direct connection.

The invention discloses a dynamic running method for a security kernel service of a tristate operating system in a Feiteng CPU. The method comprises the steps of: dividing a kernel into a system state and a kernel state of different privilege levels; establishing a service framework in the kernel state to serve as a container for the security kernel service, and establishing a call interface for the security kernel service; establishing a virtual driving interface in the system state to support a user state to call the security kernel service; loading the service framework and the built-in security kernel service after enabling the CPU to be powered on; and loading a loading part of a system service module and starting a system service, wherein the service framework provides the security kernel service and makes a response to a dynamic loading/unloading request of the security kernel service. The dynamic running method can realize security protection on specific hardware resources of the system, realize security access to a core service of the operating system, efficiently support credibility conformation of the system, effectively improve the system security, lower the security risk of traditional kernel bugs and provide an efficient and flexible credible calculating ecological environment for users.

A method and apparatus for monitoring the performance characteristics of a multithreaded processor executing instructions from two or more threads simultaneously. Event detectors detect the occurrence of specific processor events during the execution of instructions from threads of a multithreaded processor. Specialized event select control registers are programmed to control the selection, masking and qualifying of events to be monitored. Events are qualified according to their thread ID and thread current privilege level (CPL). Each event that is qualified is counted by one of several programmable event counters that keep track of all processor events being monitored. The contents of the event counters can then be accessed and sampled via a program instruction.

Roughly described, a network interface device receiving data packets from a computing device for transmission onto a network, the data packets having a certain characteristic, transmits the packet only if the sending queue has authority to send packets having that characteristic. The data packet characteristics can include transport protocol number, source and destination port numbers, source and destination IP addresses, for example. Authorizations can be programmed into the NIC by a kernel routine upon establishment of the transmit queue, based on the privilege level of the process for which the queue is being established. In this way, a user process can use an untrusted user-level protocol stack to initiate data transmission onto the network, while the NIC protects the remainder of the system or network from certain kinds of compromise.

A computer system includes an Open Bus Hypervisor having the highest privilege level. An Open Bus Hypervisor is a set of modules that operate on the root level. The Open Bus Hypervisor provides support for processing, filtering and redirecting of low level events. The Open Bus Hypervisor is used primarily for maintenance and support of computer virtualization features, which are implemented within computer system CPU. Additionally, the Open Bus Hypervisor can be used for supporting new hardware and software modules installed on a computer system. A Virtual Machine Monitor (VMM) runs with fewer privileges than the Open Bus Hypervisor. A Primary Virtual Machine (PVM) runs without system level privileges and has a Primary Operating System (POS) running within it.

A processor includes an input/output (I/O) register that is mapped into input/output (I/O) address space. The processor also includes a base address register that is loaded with a base address. The base address register may be a model specific register (MSR). The input/output register is accessed with an input/output instruction at an address determined according to the base address and an offset therefrom. The base address register may be accessible to software operating at a high privilege level and not accessible to software operating at a lower privilege level, while the I/O register is accessible to software operating at the lower privilege level. The processor determines when an I/O access is to the processor I/O register and accesses that I/O register without causing an input/output bus cycle that would otherwise occur.

Methods and systems for providing a flexible protection model in a computer system by decoupling protection from privilege are described. Information describing a relationship between the two or more domains that define types of protection and portions of code is received. The portions of code with the multiple domains that provide fine granularities of protection can be executed in the same privilege level. The relationship is not required to be linear. In addition, the overhead associated with crossing protection domains is relatively low with respect to traditional operating system context switching overhead.