System and method for comprehensive general electric protection for computers against malicious programs that may steal information and/or cause damages

US 20050120242A1
Filed: 10/20/2004
Published: 06/02/2005
Est. Priority Date: 05/28/2000
Status: Active Grant

First Claim

Patent Images

1. A security system for computers that does not depend on information about the specific identities of malicious programs, wherein said computers are at least one of a personal computer, a network server, a cellular phone, a palm pilot, a car computer, and/or other computerized gadget, comprising at least one of:

a. A system for automatic segregation between programs that is applied to at least one of the hard disks and other non-volatile storage devices;

b. An independent device that is adapted to notice and intercept whenever the amount of data actually sent out from a computer does not fit the amount reported by at last one of;

the Security System installed on the computer, and the communications software of the computer;

c. A system for preventing malicious software from falsifying the user'"'"'s input;

d. A security system wherein in an organization the Security System of the central authority and/or of the system administrator and/or a gateway computer through which the other computers access the web—

automatically checks at least once in a while if the Security System is functioning properly on the other computers;

e. A security system and/or firewall that prevents applications and/or drivers from accessing directly at all or at least without user permission the hardware ports of and/or the actual device drivers that physically access at least one of the communication channels and the storage devices;

f. A security system and/or fireball that prevents applications and/or drivers from accessing without user permission also USB devices;

g. A security system and/or firewall that prevents applications and/or drivers from accessing without user permission also at least one of Bluetooth communication devices, infra-red, and other wireless communication channels;

h. A security system and/or firewall that prevents applications and/or drivers from accessing without user permission at least one of Fax sending functions and other TAPI functions;

i. A security system wherein at least one general trusted area and at least one non-trusted area are enforced by creating at least two Virtual Environments (VEs), one for the trusted area and one for the non-trusted area, and enforcing the virtual sharing of resources between them, so that each VE sees only itself and the OS;

i. A security system wherein separate VEs with virtual sharing are used to enforce better segregation between users, so that each user has at least one VE of his/her own, and/or to enforce different profiles or configurations for the same users.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In the prior art of computer security by default programs are allowed to do whatever they like to other programs or to their data files or to critical files of the operating system, which is as absurd as letting a guest in a hotel bother other guests as he pleases, steal their property or copy it or destroy it, or have free access to the hotel'"'"'s management resources. The present concept is based on automatic segregation between programs. This is preferably done by creating automatically an unlimited number of Virtual Environments (VEs) with virtual sharing of resources, so that the programs in each VE think that they are alone on the computer, and (unless explicitly allowed by the user) any changes that they think they made in virtually shared resources are in reality only made in their own VE, while the user preferably has an integrated view of the computer.

318 Citations

93 Claims

1. A security system for computers that does not depend on information about the specific identities of malicious programs, wherein said computers are at least one of a personal computer, a network server, a cellular phone, a palm pilot, a car computer, and/or other computerized gadget, comprising at least one of:
- a. A system for automatic segregation between programs that is applied to at least one of the hard disks and other non-volatile storage devices;
  
  b. An independent device that is adapted to notice and intercept whenever the amount of data actually sent out from a computer does not fit the amount reported by at last one of;
  
  the Security System installed on the computer, and the communications software of the computer;
  
  c. A system for preventing malicious software from falsifying the user'"'"'s input;
  
  d. A security system wherein in an organization the Security System of the central authority and/or of the system administrator and/or a gateway computer through which the other computers access the web—
  
  automatically checks at least once in a while if the Security System is functioning properly on the other computers;
  
  e. A security system and/or firewall that prevents applications and/or drivers from accessing directly at all or at least without user permission the hardware ports of and/or the actual device drivers that physically access at least one of the communication channels and the storage devices;
  
  f. A security system and/or fireball that prevents applications and/or drivers from accessing without user permission also USB devices;
  
  g. A security system and/or firewall that prevents applications and/or drivers from accessing without user permission also at least one of Bluetooth communication devices, infra-red, and other wireless communication channels;
  
  h. A security system and/or firewall that prevents applications and/or drivers from accessing without user permission at least one of Fax sending functions and other TAPI functions;
  
  i. A security system wherein at least one general trusted area and at least one non-trusted area are enforced by creating at least two Virtual Environments (VEs), one for the trusted area and one for the non-trusted area, and enforcing the virtual sharing of resources between them, so that each VE sees only itself and the OS;
  
  i. A security system wherein separate VEs with virtual sharing are used to enforce better segregation between users, so that each user has at least one VE of his/her own, and/or to enforce different profiles or configurations for the same users.
- View Dependent Claims (19, 69, 71, 73, 75, 76, 81, 82, 84, 85, 86, 88, 89, 90, 91, 93)
- - 19. The system of claim 1 wherein by default each program can only see itself and the operating system and the computer resources that it is allowed to see, so that it lives in a Virtual Environment (VE).
  - 69. The system of claim 19 wherein the user sees a merged view of at least the desktop regardless of the VE (Virtual Environment) boundaries, and at least one of the following features exists:
    - a. The user sees also the merged view of the list of installed programs in the Windows start menu and/or of any other resources;
      
      b. When viewing the directory structure itself the user sees only the merged view of normal directories and/or files and/or other resources, as they would be if there was no actual segregation to virtual environments;
      
      c. At least in one mode the user and/or the administrator can see, in addition or instead of the merged view of the file system, the additional directories or subdirectories and/or files that are needed for the actual implementation and/or enforcing of the virtual environments, and/or the user and/or the administrator can switch back and forth between a mode where they are hidden and a mode where they are revealed;
      
      d. In the variations and/or in the modes where the user and/or the administrator is shown virtual files as if they really exist in the OS scope there is at least an indication near each such file and/or directory if it is a real file or a virtual file, and/or the user can see by clicking on the file and/or by the color of the file name or icon or other indication to which VE it really belongs;
      
      e. The Security system includes also its special disk repair and/or rescuer and/or maintenance utilities and/or can interfere in the operation of other such utilities so that questions can be displayed to the user through the merged view;
      
      f. If a process in memory or a program on the disk or other non-volatile storage changes, it is automatically transferred to another Virtual Environment;
      
      g. If a program lets the user choose from a menu to reopen a recent file or a program needs to re-access recently accessed files, the Security System automatically allows the program to reopen a limited number of the last files that it was allowed to open, for a limited time.
  - 71. The system of claim 19 wherein if the Security System is installed on a computer that already has other programs installed on it after the OS, at least one of the following features exists:
    - a. The Security System is able to cause installed programs to automatically uninstall themselves virtually, so that the uninstalling program doesn'"'"'t really uninstall, but the security system tracks the steps of the attempted uninstall and thus can learn about the associated files and directories and/or other resources;
      
      b. The Security system can use various heuristics in order to define the boundaries of VE'"'"'s of programs that were already installed before the Security System, and these heuristics include automatically limiting them by default to their default directories and subdirectories;
      
      c. In an organization one computer can be used for learning all of the segregation rules and virtual environment parameters for each program, and this knowledge can be transferred to all the other computers in the organization, without the need to install the Security System before the other applications in the other computers.
  - 73. The system claim 19 wherein embedded objects or plug-ins are executed each at a separate VE but appear visually integrated, and at least one of the following features exists:
    - a. There is no real connection between the two objects other than their internal communication stream;
      
      b. The security system filters or controls the communication between the two objects;
      
      c. The visual integration is implemented with the aid of a graphical proxy, which makes a combination of programs look as if they are integrated, while in reality they run in different VEs;
      
      d. Each COM (Component Object Module) server is allowed to run only in one VE, thus avoiding the situation where the same COM server could be giving services at the same time to programs that are on separate VEs.
  - 75. The security system of claim 1 wherein the security system and/or firewall prevents applications and/or drivers from accessing directly at all or at least without user permission the hardware ports of and/or the actual device drivers that physically access at least one of the communication channels and the storage devices.
  - 76. The system of claim 75 wherein this is done by at least one of:
    - a. Hooking also the lower-level functions and preventing applications from calling them not through the normal kernel interfaces;
      
      b. Hooking also the lower-level functions and preventing applications from calling them without user permission, at least the first time they do it;
      
      c. Limiting the types of hardware that installed drivers can access.
  - 81. The system of claim 1 wherein virtual sharing is done so that, unless explicitly allowed by the user, when an executable tries to change a shared resource, it is given the illusion that it has accessed it, but in reality the executable is redirected to a separate private sub-directory which only it can access.
  - 82. The system of claim 1 wherein at least one general trusted area and at least one non-trusted area are enforced by creating at least two VEs, one for the trusted area and one for the non-trusted area, and enforcing the virtual sharing of resources between them, so that each VE sees only itself and the OS.
  - 84. The system of claims 19 wherein OS services are handled by at least one of the following ways:
    - a. At least some of the services are duplicated so that each VE has a different copy of the thread or process of the service that is running for that VE;
      
      b. At least some of the services are initially duplicated only into stubs or empty shells for each VE in order not to use up resources before they are needed, and the stub or shell is loaded with actual resources only when it becomes needed;
      
      c. At least some of the services, instead of being duplicated, are regarded as an extension of the OS and thus treated like other shared resources.
  - 85. The system claim 19 wherein in order to enable efficient searchable indexing at least one of the following is done:
    - a. Only one or a few special applications which are part of the OS or of the Security system are allowed to run such indexing on the entire computer, and normal applications which are limited to their own VE can only create and/or use such index in their own VE;
      
      b. There is only one or more global indexes that are conducted by the appropriate OS or security application, and in this index or indexes each file or resource has a code or mark that indicates the VE to which it belongs, and when accessing this index only the files or other elements that belong to the appropriate VE or VEs are made visible.
  - 86. The system of claim 19 wherein separate VEs with virtual sharing are used to enforce better segregation between users, so that each user has at least one VE of his/her own, and/or to enforce different profiles or configurations for the same users.
  - 88. The system of claim 86 wherein the use of special VE'"'"'s to separate between users is at least one of:
    - a. In addition to the normal division into users, so that once the user enters the computer in the Special VE that he/she desires, he/she can still use within it a system of normally defined users and administrator;
      
      b. Integrated with the OS, so that the experience of division into users and administrator is the same, but the higher separation is enforced by the use of VEs with virtual sharing.
  - 89. The security system of claim 1 wherein the security system and/or firewall prevents applications and/or drivers from accessing without user permission also USB devices.
  - 90. The security system of claim 1 wherein the security system and/or firewall prevents applications and/or drivers from accessing without user permission also at least one of Bluetooth communication devices, infra-red, and other wireless communication channels.
  - 91. The security system of claim 1 wherein the security system and/or firewall prevents applications and/or drivers from accessing without user permission at least one of Fax sending functions and other TAPI functions.
  - 93. The security system of claim 1 wherein when looking at the authorizations table the user is shown also at least one of:
    - a. Which programs have been given temporary access rights to the communication channels;
      
      b. How long ago the temporary or non-temporary permission was given;
      
      c. How much data that program has already sent out and/or received during the current Internet session and/or for a certain time period.

2-18. -18. (canceled)

20-66. -66. (canceled)

67. A security system and/or firewall that asks the user for confirmation when at least one of the following activities occur:
- a. Multiple E-mails are being sent out consecutively;
  
  b. The e-mail message or messages include an attachment or attachments which are executable files.

68. (canceled)

70. The system of claim 6919 wherein when running virus-scan programs, at least one of the following features exists:
- a. The virus-scan program can access freely all the real files and directories, including files and/or directories created for the implementation of Copy-On-Write or of sub-VEs;
  
  b. When the anti-virus program reports a virus or asks the user for a confirmation for deleting a virus, the user can be exposed also to the special files and/or directories;
  
  c. The Security System comes with its own special anti-virus program or programs, or it interferes whenever the anti-virus program wants to show the user any of these special files or directories, and then the security system can answer automatically instead of the user and/or questions can be displayed to the user through the merged view;
  
  d. The Security System lets the antivirus run automatically each time on the next VE, seeing each time only the scope of that VE;
  
  e. The Security System ruins either a special antivirus or interferes when the antivirus shows results and then reports the results to the users in terms of VE'"'"'s, and/or can ask the user if he want to remove the virus or remove the entire VE.

72. (canceled)

74. (canceled)

77. A security system wherein in an organization the Security System of the central authority and/or of the system administrator and/or a gateway computer through which the other computers access the web—
- automatically checks at least once in a while if the Security System is functioning properly on the other computers.
- View Dependent Claims (78)
- - 78. The system of claim 77 wherein this checking is done by sending a short communication that contains special codes with different keys for each computer, so that only an active Security System can respond to it properly.

79. (canceled)

80. (canceled)

83. (canceled)

87. (canceled)

92. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Batya Barhon Mayer
Original Assignee
Batya Barhon Mayer
Inventors
Dechovich, Zak, Mayer, Yaron

Granted Patent

US 9,213,836 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/4
CPC Class Codes

G06F 21/55 Detecting local intrusion o...

G06F 21/56 Computer malware detection ...

System and method for comprehensive general electric protection for computers against malicious programs that may steal information and/or cause damages

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

318 Citations

93 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for comprehensive general electric protection for computers against malicious programs that may steal information and/or cause damages

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

318 Citations

93 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links