1. Field of the Invention
The present invention relates generally to security in a computing software environment, and more specifically to a computer-implemented technique for employing secure checkpoints referred to as task gates to secure access to computer-executable program code.
2. Description of the Related Art
Businesses are increasingly dependent on their computing resources or information systems. Company-sensitive information is typically stored in computer memory that is part of the information system. Security may be compromised if the information is accessed by unauthorized individuals. It may be accidentally or purposely destroyed or altered. Moreover, secret business information made available to competitors may be used to the owner's disadvantage, causing economic loss and hardship. Additionally, certain resources such as a check-writing printer should be protected to prevent their fraudulent use.
Generally, security for information systems is concerned with (1) confidentiality, (2) integrity, (3) accountability, and (4) availability. The first element, confidentiality, refers to the requirement that only users authorized to access certain information be able to access it. The second element, integrity, refers to the requirement that only authorized users be able to access information, and then only in certain ways. For example, one user may have rights to view and modify information, while another user has rights to view the same information but not to modify it. The next element, accountability, is concerned with making sure that users are accountable (i.e., identifiable and responsible) for their security-relevant actions. Finally, availability is concerned with making sure that no one can maliciously deny access to authorized users.
Typically, the above-referenced security measures are addressed on a resource or system level. A resource may be a file or a device within a computer system, whereas the system refers to an aggregation of components that may include software and/or hardware that together operate to perform computing functions for one or more users. An example of resource-level security follows. A file that is created by a user employing a word processing program may be given a password that must be provided in order to access the file. A computer or network system may require similar entry of a password in order to "login" or begin using the system after identifying oneself. The familiar notion of "logging in (login)" is a security concept because not only must the individual meet some security requirement, such as providing a system-recognizable password, but the user must also identify him/herself to the system, which makes the user accountable for any actions taken while logged in.
It is well known that certain users, perhaps belonging to certain groups, may be given rights to perform actions that others may not have. As described above, one user might have the right to access a file and modify it (i.e., write to the file), while another may access the file but may not modify it (i.e., only read the file). However, this is just one example of how one application, such as a word processing program or a local area network administration program, may handle security. Typically, application programs have very specialized security requirements that the underlying operating system must support. For example, an operating system may allow an entire database to be secured for read or write access, while a database management application may need to provide security controls on individual records that regulate who may read and who may write to a file. Additionally, such an application may contain special functions, such as database management functions, that should only be seen and used by authorized users.
To address the different security needs of different applications, most software applications have their own accompanying security setup routines that must be run by a system security administrator when the application is installed. Unfortunately, this requires the application to maintain a list or table of authorized users together with the tasks or functions that particular users may use. The list or table is checked whenever a user invokes an action that would cause the code associated with the task or function to be executed. It is cumbersome for the application developer to anticipate all of the authorized users or maintain such a list, or for an administrator to understand what each application does in order to understand how to protect it. Typically, when a user is removed from or added to the system, the various security routines for each application must each be individually run.
Security is also a problem in "object oriented programming," which many software developers are moving to in order to reduce development expense. In object oriented programming, program code may be inherited from objects as long as there is an underlying system, sometimes embodied as a "framework," that supports the objects and allows the inheritance to take place. Frameworks take over many of the low-level functions, such as communicating with the operating system, and allow applications to be created more quickly and with better quality for high-level functions, since the low-level functions are taken care of by the framework's designers. Unfortunately, application framework designers have not provided any significant support for the security-related needs of applications.
What is needed is a simple, low-cost, and efficient mechanism for implementing security-related checkpoints within an application that can be flexibly applied to various kinds of software applications. In an object oriented environment, such a mechanism is needed at the framework level, but in a form that allows each application developer to determine when and where the framework-provided mechanism is applied relative to the application itself. Regardless of whether the mechanism is provided in an object-oriented environment or not, providing granularity of control that allows each application developer to decide when and where such a security-related mechanism is applied would be an advancement in the computer arts.