Altered token sandboxing

Embodiments of the present invention relate generally to application security. In an embodiment, a method for altered token sandboxing includes creating a process based on a naked token and suspending the process. The method further includes obtaining an impersonation token and resuming the process...

Full description

Saved in:
Bibliographic Details
Main Authors THORARINSSON FINNUR BREKI, SYLVAIN NICOLAS, PUENTES JOSE RICARDO VARGAS, PIZANO CARLOS E, LARSON MARK ALAN
Format Patent
LanguageEnglish
Published 23.04.2013
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
INFORMATION STORAGE
PHYSICS
STATIC STORES
Online AccessGet full text

Cover

More Information
Summary:Embodiments of the present invention relate generally to application security. In an embodiment, a method for altered token sandboxing includes creating a process based on a naked token and suspending the process. The method further includes obtaining an impersonation token and resuming the process with the impersonation token. The method further includes acquiring resources needed for the process with the impersonation token. The method also includes replacing the impersonation token with the naked token. In a further embodiment, the method further includes executing the suspended process with the naked token and the acquired resources. In another embodiment, a system for user-mode, altered token sandboxing includes a security module, an acquisition module and a replacement module. In a further embodiment, the system may include an execution module. In another embodiment, the system may include a request module.
Bibliography:Application Number: US20080201967