17965541. AUTOMATIC ACCESS CONTROL OF CALLS MADE OVER NAMED PIPES WITH OPTIONAL CALLING CONTEXT IMPERSONATION simplified abstract (Dell Products L.P.)
AUTOMATIC ACCESS CONTROL OF CALLS MADE OVER NAMED PIPES WITH OPTIONAL CALLING CONTEXT IMPERSONATION
Organization Name
Inventor(s)
Daniel Thomas Daugherty of Plano TX (US)
Ricardo Antonio Ruiz of The Colony TX (US)
AUTOMATIC ACCESS CONTROL OF CALLS MADE OVER NAMED PIPES WITH OPTIONAL CALLING CONTEXT IMPERSONATION - A simplified explanation of the abstract
This abstract first appeared for US patent application 17965541 titled 'AUTOMATIC ACCESS CONTROL OF CALLS MADE OVER NAMED PIPES WITH OPTIONAL CALLING CONTEXT IMPERSONATION'.
Simplified Explanation
The patent application describes systems and methods for automatically filtering privileged methods from unprivileged methods to prevent unauthorized access to privileged methods by consumer applications on an information handling system. The approach involves:
- Identifying unprivileged methods within an original implementation class of an elevated publisher software application that are eligible to be shared with an unelevated consumer software application via a named pipe.
- Implementing a dynamic publisher object on the elevated publisher software application and an intermediary dynamic consumer proxy class on the unelevated consumer software application to restrict access to privileged methods within the original implementation class.
Potential Applications
This technology could be applied in secure software development, where sensitive methods need to be protected from unauthorized access by lower privilege level applications.
Problems Solved
This technology addresses the issue of unauthorized access to privileged methods by consumer applications, enhancing the security and integrity of the software system.
Benefits
The system provides a mechanism to control access to privileged methods, ensuring that only authorized applications can utilize sensitive functionality within the software.
Potential Commercial Applications
One potential commercial application of this technology could be in the development of secure communication software, where encryption and decryption methods need to be protected from unauthorized access.
Possible Prior Art
One possible prior art for this technology could be the use of access control lists in operating systems to restrict access to certain system resources based on user privileges.
Unanswered Questions
How does this technology impact software performance?
This article does not delve into the potential performance implications of implementing the described filtering mechanism. It would be interesting to know if there are any performance overheads associated with this approach.
Are there any potential vulnerabilities in this filtering mechanism?
The article does not discuss any potential weaknesses or vulnerabilities that could be exploited to bypass the filtering of privileged methods. It would be important to understand the robustness of this system against potential attacks.
Original Abstract Submitted
Systems and methods are provided for automatically filtering privileged methods from unprivileged methods, and thus preventing privileged methods from being available to an unelevated consumer application executing on an information handling system. Filtering privileged methods from unprivileged methods may be performed, for example, by identifying any unprivileged method/s within an original implementation class of an elevated publisher software application that are eligible to be exposed to (e.g., shared with) an unelevated consumer software application via a named pipe, and implementing a corresponding dynamic publisher object on the elevated publisher software application and an intermediary dynamic consumer proxy class on the unelevated consumer software application to prevent the unelevated consumer software application from calling any other methods (e.g., privileged method/s) within the original implementation class of the elevated publisher software application that are not so identified as being eligible to be exposed to the unelevated consumer software application.
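The filtering idea in the abstract, sketched as an added example (not code from the patent application or from Dell): a publisher-side dispatch table built only from methods marked as eligible, with a thin consumer proxy in front of it. The `UpdateService` class, the `@exposed` marker, the JSON message shape and the in-process callable standing in for the named pipe are all assumptions made for illustration.

```python
import json

def exposed(fn):
    """Hypothetical marker: method is eligible to be shared with the consumer."""
    fn._exposed = True
    return fn

class UpdateService:  # hypothetical "original implementation class"
    @exposed
    def get_version(self):
        return "1.2.3"
    @exposed
    def get_status(self, component):
        return f"{component}: ok"
    def install_driver(self, path):  # privileged: deliberately not marked
        return f"installed {path}"

class DynamicPublisher:
    """Elevated side: only marked methods ever enter the dispatch table."""
    def __init__(self, impl):
        self._table = {name: getattr(impl, name)
                       for name, member in vars(type(impl)).items()
                       if callable(member) and getattr(member, "_exposed", False)}
    def handle(self, raw):
        """Process one request message as it would arrive over the pipe."""
        try:
            req = json.loads(raw)
            method, args = req["method"], req.get("args", [])
        except (ValueError, KeyError, TypeError):
            return json.dumps({"error": "malformed request"})
        target = self._table.get(method) if isinstance(method, str) else None
        if target is None or not isinstance(args, list):
            return json.dumps({"error": "method not exposed"})
        try:
            return json.dumps({"result": target(*args)})
        except TypeError:
            return json.dumps({"error": "bad arguments"})

class ConsumerProxy:
    """Unelevated side: forwards calls; the publisher makes the access decision."""
    def __init__(self, send):
        self._send = send  # stand-in for writing to / reading from the pipe
    def __getattr__(self, name):
        def call(*args):
            msg = json.dumps({"method": name, "args": list(args)})
            reply = json.loads(self._send(msg))
            if "error" in reply:
                raise PermissionError(reply["error"])
            return reply["result"]
        return call
```

Because the proxy runs in the unelevated process, this sketch treats it as a convenience only and enforces the allow-list in the publisher, so a hand-crafted message naming `install_driver` is rejected the same way as a proxy call.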