US5958050: Trusted delegation system

Dec. 26, 1996

A trust manager examines each new class before it is allowed to execute by examining a policy file which includes data structures defining security policies of the user system, a certificate repository for storing a plurality of certificates, a certificate being a data record which is digitally signed and which certifies claims relevant to a security evaluation, a code examiner adapted to analyze the portion of code to determine potential resource use of the portion of code and a trust evaluator adapted to evaluate certificate requirements of the portion of code based on policy rules extracted from the policy file and the potential resource use specified by the code examiner. The trust evaluator also determines, from certificates from the certificate repository and a code identifier identifying the portion of code, whether execution of the portion of code is allowed by the policy rules given the potential resource use, the code supplier and applicable certificates. Certificates and policies can be specified in hierarchical form, so that some levels of security can be delegated to trusted entities.


US05819299: Process for distributed garbage collection

June 6, 1996

US5991779: Process for distributed garbage collection

Sept. 14, 1998

A process and system for distributed garbage collection in a distributed network includes transmission of a root request message tagged with a unique identifier from a suspect node to all nodes of the suspect node's inverse reference graph looking for a rooted (persistent) object. Objects respond to the root request message with an affirmative or disregard response (indicating a root or coupling to a root) tagged with the same identifier or that no relevant garbage collecting information is available from a particular branch. The suspect node, in the absence of any affirmative responses, is identified as obsolete (garbage) and may be collected. Other objects having the same identifier are identified and/or collected as garbage as well.


US6006280: Distributed instantiation system and method

April 9, 1996

US6145013: Distributed instantiation system and method

March 6, 1997

A communication system and method includes unums distributed over at least a single presence and including a selected plurality of ingredients. An unum is established by creating ingredients at the level of its interface and attributes; and at the level of its implementation; and interconnecting ingredients into presences and unums. Communication between ingredients is accomplished within a single presence, across an unum boundary within an agency, or within a single unum across a presence boundary. Trust boundaries are established between presences and unums to establish a predetermined level of communications security in messaging between ingredients.