首页>
外国专利>
Elevating security privileges for creation and use of component object model (COM) objects without escalating to administrator profile.
Elevating security privileges for creation and use of component object model (COM) objects without escalating to administrator profile.
展开▼
机译:提升安全特权,以创建和使用组件对象模型(COM)对象,而无需升级到管理员配置文件。
展开▼
页面导航
摘要
著录项
相似文献
摘要
Component object model (COM) objects are created and used by a user without the need to upgrade to administrator privileges by using a black and white list of COM policies which is administered by software which sits between existing software structures, intercepts calls to create and use COM objects, and allows/denies them according to the predefined security policies. This bypasses the need for a user to obtain administrator privileges by customising the security access control to a much more granular level than the standard Microsoft (RTM) user account control (UAC) system. A COM creating unit 800 intercepts a request for creation of an elevated COM object by a first user process, determines whether the first user process is entitled to access the COM object, and creates the COM object without elevated privileges. A COM implementing unit intercepts a second user process that implements the COM object, confirms that the second user process is entitled to access the COM object and elevates the privilege level of the second user process to implement the elevated COM object.
展开▼