Digital protection that travels with data

US 10,417,417 B2
Filed: 12/13/2013
Issued: 09/17/2019
Est. Priority Date: 09/27/2013
Status: Active Grant

First Claim

Patent Images

1. At least one machine readable, non-transitory storage medium having instructions stored thereon for providing data-centric computer security between a first device and a second device remote from the first device, wherein the instructions, when executed by at least one processor, cause the at least one processor to perform operations comprising:

scanning a data file using a security scanner at the first device to produce results;

receiving, from the second device, an indication of an operating system platform version at the second device, a version of software at the second device for accessing the data file, or a date for accessing the data file at the second device;

scanning the data file for malware contextually relevant to the second device based on the operating system platform version, the version of the software, or the date;

creating a record based in part on the results from the security scanner, the record comprising a cryptographic hash of the data file, the record further comprising device information associated with the first device, scan information associated with the security scanner, or user information associated with a user of the first device, wherein the device information comprises at least one of a reputation of the first device, a version of the security scanner, and the operating system platform version, the user information comprises at least one of a reputation of the user of the first device and a manner in which the user of the first device is linked to a user of the second device, and the record is generated or augmented according to the indication; and

transmitting the record along with the data file from the first device to the second device.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure relates to a system and method for performing antimalware scanning of data files that is data-centric rather than device-centric, In the example, a plurality of computing devices are connected via a network. An originating device creates or first receives data, and scans the data for malware, After scanning the data, the originating device creates and attaches to the data a metadata record including the results of the malware scan, The originating device may also scan the data for malware contextually-relevant to a second device.

15 Citations

View as Search Results

11 Claims

1. At least one machine readable, non-transitory storage medium having instructions stored thereon for providing data-centric computer security between a first device and a second device remote from the first device, wherein the instructions, when executed by at least one processor, cause the at least one processor to perform operations comprising:
- scanning a data file using a security scanner at the first device to produce results;
  
  receiving, from the second device, an indication of an operating system platform version at the second device, a version of software at the second device for accessing the data file, or a date for accessing the data file at the second device;
  
  scanning the data file for malware contextually relevant to the second device based on the operating system platform version, the version of the software, or the date;
  
  creating a record based in part on the results from the security scanner, the record comprising a cryptographic hash of the data file, the record further comprising device information associated with the first device, scan information associated with the security scanner, or user information associated with a user of the first device, wherein the device information comprises at least one of a reputation of the first device, a version of the security scanner, and the operating system platform version, the user information comprises at least one of a reputation of the user of the first device and a manner in which the user of the first device is linked to a user of the second device, and the record is generated or augmented according to the indication; and
  
  transmitting the record along with the data file from the first device to the second device.
- View Dependent Claims (2, 3, 10, 11)
- - 2. The at least one machine readable, non-transitory storage medium according to claim 1, wherein the scan information comprises at least one of scan status or results, scan parameters, and a target platform for which the security scanner scanned.
  - 3. The at least one machine readable, non-transitory storage medium according to claim 1, wherein the record further comprises privacy information comprising at least one of a privacy reputation of the user of the first device, and the manner in which the user of the first device is linked to the user of the second device.
  - 10. The at least one machine readable, non-transitory storage medium according to claim 1, wherein the record comprises a name of the data file.
  - 11. The at least one machine readable, non-transitory storage medium according to claim 1, wherein the record comprises a time stamp of the record.

4. A first device for providing data-centric computer security between the first device and a second device remote from the first device, the first device comprising:
- at least one memory element;
  
  at least one processor coupled to the at least one memory element; and
  
  a file sharing client that, when executed by the at least one processor, is configured toreceive, from the second device, an indication of an operating system platform version at the second device, a version of software at the second device for accessing the data file, or a date for accessing the data file at the second device,create a record associated with a data file based in part on scan results from a security scanner of the first device, the record comprising a cryptographic hash of the data file, the record further comprising device information associated with the first device, scan information associated with the security scanner, or user information associated with a user of the first device, wherein the security scanner of the first device is configured to scan the data file for malware contextually relevant to the second device based on the operating system platform version, the version of the software, or the date, the record is generated or augmented according to the indication, the device information comprises at least one of a reputation of the first device, a version of the security scanner, and the operating system platform version, and the user information comprises at least one of a reputation of the user of the first device and a manner in which the user of the first device is linked to a user of the second device, andtransmit the record along with the data file from the first device to the second device.
- View Dependent Claims (5, 6)
- - 5. The first device according to claim 4, wherein the scan information comprises at least one of scan status or results, scan parameters, and a target platform for which the security scanner scanned.
  - 6. The first device according to claim 4, wherein the record further comprises privacy information comprising at least one of a privacy reputation of the user of the first device, and the manner in which the user of the first device is linked to the user of the second device.

7. A method for providing data-centric computer security between a first device and a second device remote from the first device, comprising:
- receiving, at a file sharing client of the first device, from the second device, an indication of an operating system platform version at the second device, a version of software at the second device for accessing a data file, or a date for accessing the data file at the second device;
  
  scanning, using a security scanner of the first device, the data file for malware contextually relevant to the second device based on the operating system platform version, the version of the software, or the date;
  
  retrieving scan results associated with the data file from the security scanner of the first device;
  
  creating, using the file sharing client, a record based in part on the scan results, the record comprising a cryptographic hash of the data file, the record further comprising device information associated with the first device, scan information associated with the security scanner, or user information associated with a user of the first device, wherein the record is generated or augmented according to the indication, the device information comprises at least one of a reputation of the first device, a version of the security scanner, and the operating system platform version, and the user information comprises at least one of a reputation of the user of the first device and a manner in which the user of the first device is linked to a user of the second device; and
  
  transmitting the record along with the data file from the first device to the second device.
- View Dependent Claims (8, 9)
- - 8. The method according to 7, wherein the scan information comprises at least one of scan status or results, scan parameters, and a target platform for which the security scanner scanned.
  - 9. The method according to claim 7, wherein the record further comprises privacy information comprising at least one of a privacy reputation of the user of the first device, and the manner in which the user of the first device is linked to the user of the second device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, LLC
Inventors
Kulkarni, Dattatraya, Nalluri, Srikanth, Halder, Kamlesh, Krishnapur, Venkatasubrahmanyam, Shankar, Sailaja K., Dhruw, Kaushal Kumar
Primary Examiner(s)
Ullah, Sharif E

Application Number

US14/911,140
Publication Number

US 20160188878A1
Time in Patent Office

2,104 Days
Field of Search

726 23, 726 2, 726 21, 726 36, 713150, 713163, 713181, 380255, 380264, 380276
US Class Current
CPC Class Codes

G06F 21/56   Computer malware detection ...

G06F 21/567   using dedicated hardware

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/033   Test or assess software

G06F 2221/034   Test or assess a computer o...

Digital protection that travels with data

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

15 Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Digital protection that travels with data

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links