	US 12,141,269 B2
	System and method for building a security monitor
Vladimir S. Burenkov, Moscow (RU); and Alexander A. Bondarenko, Moscow (RU)
Assigned to AO Kaspersky Lab, Moscow (RU)
Filed by AO Kaspersky Lab, Moscow (RU)
Filed on Apr. 1, 2022, as Appl. No. 17/711,399.
Claims priority of application No. RU2021115238 (RU), filed on May 27, 2021.
Prior Publication US 2022/0382855 A1, Dec. 1, 2022
Int. Cl. G06F 15/16 (2006.01); G06F 9/54 (2006.01); G06F 21/53 (2013.01); H04L 29/06 (2006.01)

CPC G06F 21/53 (2013.01) [G06F 9/546 (2013.01); G06F 2221/034 (2013.01)]

21 Claims

1. A method for building a security monitor, the method comprising:

identifying one or more objects of a microkernel Operating System (OS) participating in the transmission of an inter-process communication (IPC) message, wherein the one or more OS objects comprise at least one or more processes or one or more applications executed by the microkernel OS;

selecting, from a security policy database, one or more security policies associated with the identified microkernel OS objects;

configuring a policy verification module based on the selected security policies to generate a decision related to controlling the transmission of the IPC message; and

generating, using the configured policy verification module, a security monitor to control the transmission of the IPC message based on the decision generated by the policy verification module, wherein the security monitor is implemented as a component of the microkernel OS.