Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

Validity Checking Mechanism that Assures Completeness

IP.com Disclosure Number: IPCOM000082143D
Original Publication Date: 1973-Dec-01
Included in the Prior Art Database: 2005-Feb-28
Document File: 1 page(s) / 11K

Publishing Venue

IBM

Related People

Byrne, PH: AUTHOR [+2]

Abstract

This technique is directed toward solving a problem in system integrity. The problem is that where a control program performs an operation for a user routine, it is necessary to validity check the user-supplied data to determine that it is valid. The basic problem is to identify all places where validity checks should be performed.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 100% of the total text.

Page 1 of 1

Validity Checking Mechanism that Assures Completeness

This technique is directed toward solving a problem in system integrity. The problem is that where a control program performs an operation for a user routine, it is necessary to validity check the user-supplied data to determine that it is valid. The basic problem is to identify all places where validity checks should be performed.

The mechanism adopted to solve the problem is: 1) assume that the system employs a state switching mechanism, to transfer the control program to the state of the user when performing an operation for the user; 2) define a limited access state that allows access to only the control program-owned portions of the resource in question; and 3) execute all currently unlimited access program services with the state-switch state and the limited access state established in 2 above.

Through this mechanism, the control program is forced to perform the necessary state switch before performing an operation in behalf of the user. If the state switch is not made, the access will be disallowed because the control program routine's own limited access state will not permit access to the caller's portion of the resource. This means that the service routine will simply not function in the normal case, thus causing a problem that must be fixed; the fix being to do the required state switch, thus eliminating the integrity exposure.

1