Trusted execution of binaries and modules

Invention Grant

US09311475B2 Trusted execution of binaries and modules 有权

Title translation: 受信任的二进制文件和模块的执行

Please log in to see more content

Patent Title: Trusted execution of binaries and modules
Patent Title (中): 受信任的二进制文件和模块的执行
Application No.: US14297044

Application Date: 2014-06-05
Publication No.: US09311475B2

Publication Date: 2016-04-12
Inventor: Mukund Gunti , Christoph Klee
Applicant: VMware, Inc.
Applicant Address: US CA Palo Alto
Assignee: VMware, Inc.
Current Assignee: VMware, Inc.
Current Assignee Address: US CA Palo Alto
Main IPC: G06F9/00
IPC: G06F9/00 ; G06F21/51 ; G06F21/57

Trusted execution of binaries and modules

Abstract:

A computer system mechanism is provided that restricts execution of binaries, such as applications, kernel modules, shared libraries, on the computing system to only those that have been installed by an approved mechanism. The approved mechanism acts as a single entry point on the computing for installing new binaries. Any change in file content or metadata taints an executable file and prevents execution by the kernel. Files copied over and not installed via, the approved mechanism will not be executed.

Abstract(Chinese):

提供了一种计算机系统机制，其将在计算系统上的二进制文件（例如应用程序，内核模块，共享库）的执行限制为仅由经批准的机制安装的那些。已批准的机制作为安装新二进制文件的计算的单个入口点。文件内容或元数据的任何更改都会影响可执行文件，并阻止内核执行。文件复制并未安装，经批准的机制将不会执行。

Public/Granted literature

US20150067838A1 TRUSTED EXECUTION OF BINARIES AND MODULES Public/Granted day:2015-03-05

Information query

Espacenet

IPC分类:

G	物理
G06	计算；推算或计数
G06F	电数字数据处理（基于特定计算模型的计算机系统入G06N）
G06F9/00	程序控制装置，例如，控制单元（用于外部设备的程序控制入G06F13/10）