Please download the dossier by clicking on the dossier button x
×

Systems and methods for implementing computer security

  • US 10,153,906 B2
  • Filed: 11/01/2016
  • Issued: 12/11/2018
  • Est. Priority Date: 08/09/2011
  • Status: Active Grant
First Claim
Patent Images

1. A computing device, comprising:

  • one or more processing units;

    memory; and

    a first security control module, wherein the first security control module is stored in the memory and executed by the one or more of the processing units to monitor integrity of files and directories, the first security control module including instructions for;

    obtaining an Application Programming Interface (API) key;

    transmitting to a remote security server the API key;

    receiving from the remote security server a first cryptographic key uniquely associated with the first security control module responsive to the transmitting of the API key;

    transmitting to the remote security server a policy identifier, wherein the policy identifier identifies a security policy that applies to a first operating system running on the computing device and applies to one or more applications running in the first operating system;

    obtaining from the remote security server a plurality of commands to be executed according to the security policy assigned to the first security control module, wherein the plurality of commands to be executed are received through encrypted communication between the first security control module and the remote security server using the first cryptographic key, and wherein the plurality of commands to be executed includes a specification of a first set of files and directories that are being monitored according to the security policy, wherein each of the files or directories in the first set is associated with the first operating system or associated with one of the one or more applications running in the first operating system;

    periodically collecting metadata for the first set of files and directories and computing a content signature for each file in the first set; and

    using the first cryptographic key to securely transmit the collected metadata and computed content signatures to the remote security server for evaluation of integrity against baseline data for the first set of files and directories, wherein the baseline data is stored at the remote security server.

View all claims
  • 4 Assignments
Timeline View
Assignment View
    ×
    ×