Method for protecting computer programs and data from hostile code

US 20050223239A1
Filed: 06/02/2005
Published: 10/06/2005
Est. Priority Date: 01/19/2001
Status: Active Grant

First Claim

Patent Images

1. A computerized method of managing a computer'"'"'s operation, comprising:

providing a filter enveloping an operating system of said computer;

whenever a new program is introduced to said computer and prior to any part of said program reaching the operating system, having said filter perform a check to classify said program as one of trusted, untrusted or forbidden.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method that protects computer data from untrusted programs. Each computer'"'"'s object and process is assigned with trust attributes, which define the way it can interact with other objects within the system. When an object is classified as untrusted, it can interact with other object within the system on a limited basis. A virtualized system is provided on the computer so that when the untrusted object attempts to perform an operation that is outside its scope of authorization, the virtualized system intercepts the operation but present the untrusted program with an indication that the requested operation has been performed. The method further includes processes to securely move a program from an untrusted group to a trusted group.

Citations

28 Claims

1. A computerized method of managing a computer'"'"'s operation, comprising:
- providing a filter enveloping an operating system of said computer;
  
  whenever a new program is introduced to said computer and prior to any part of said program reaching the operating system, having said filter perform a check to classify said program as one of trusted, untrusted or forbidden.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 26, 27, 28)
- - 2. The computerized method of claim 1, wherein said check to classify said program as trusted comprises checking whether the program has been certified by at least one of a recognized certifying authority and/or an administrator.
  - 3. The computerized method of claim 1, wherein said check to classify said program as forbidden comprises checking whether the program is listed on a forbidden-program list.
  - 4. The computerized method of claim 1, wherein:
    - a. said check to classify said program as trusted comprises checking whether the program has been certified by at least one of a recognized certifying authority and/or an administrator;
      
      b. said check to classify said program as forbidden comprises checking whether the program is listed on a forbidden-program list; and
      
      classifying the program as untrusted whenever both checks a and b return a negative.
  - 5. The computerized method of claim 1, wherein when a program is classified as untrusted, said program is allowed to be installed and run on said computer, but is provided with a predefined limited access to the computer'"'"'s resources and files.
  - 6. The computerized method of claim 4, wherein when a program is classified as untrusted, said program is allowed to be installed and run on said computer, but is prevented from accessing a network connected to said computer and is prevented from changing any existing program that has been classified as trusted.
  - 7. The computerized method of claim 3, wherein said check to classify said program as trusted comprises checking whether the program is listed on a trusted-program list.
  - 8. The computerized method of claim 2, wherein said certification by an administrator comprises adding said file to a trusted-program list.
  - 9. The computerized method of claim 5, wherein said predefined limited access comprises at least one of i. preventing said file from accessing the network and ii. preventing said file from modifying any other file that has been classified as trusted.
  - 10. The computerized method of claim 1, wherein when a file is classified as an untrusted file, the untrusted file is installed on said computer but is allowed to run in a virtualized environment only.
  - 11. The computerized method of claim 10, wherein said virtualized environment causes the computer to:
    - intercept an operation request sent from the untrusted prgram to the computer'"'"'s operating system;
      
      modify the operation request to obtain a modified operation request;
      
      provide the modified operation request to the operating system;
      
      send to the untrusted program an indication that the operation request has been performed by the operating system, to thereby virtualize the operation request.
  - 12. The computerized method of claim 10, further comprising, enabling said computer to send an authorization request to a client server, said authorization request requesting that an untrusted file be reclassified as a trusted file;
    - and, whenever an authorization request is received by the client server, may perform one of i. approve, ii. stall, or iii. deny.
  - 13. The computerized method of claim 12, wherein said stall comprises indicating the time said authorization request has been made and postponing a decision as to whether to approve said reclassification until a specified period has lapsed.
  - 14. The computerized method of claim 12, wherein prior to making a decision as to whether to approve said authorization request, a malicious code scanning is performed on said untrusted file.
  - 15. The computerized method of claim 12, wherein said authorization request may include at least one of the indications i. whether the request is urgent and ii. whether the untrusted file is needed for a business or personal use.
  - 16. The computerized method of claim 12, further comprising:
    - providing a repository storage coupled to said client server;
      
      when an untrusted file is installed on said computer, storing a designated copy of said file in said repository storage;
      
      when an authorization request is approved by the client server, deleting said untrusted file from said computer and installing on said designated copy as a trusted file on said computer.
  - 26. The computerized method of claim 10, further comprising creating a virtualized directory on said computer and redirecting any I/O requests from untrusted programs to said virtualized directory.
  - 27. The computerized method of claim 26, wherein when the I/O request is to delete a file from a real directory, the method proceeds by creating a file with the same name in the virtualized directory, and adding to it an extension that indicates a deletion of the file, and returning a deletion completion indication to the requesting program.
  - 28. The computerized method of claim 27, wherein when a directory listing request is received, for each object name in the real directory the computer checks whether the same name exists in the virtual directory and:
    - if not, the computer includes the object name from the real directory in the listing if yes the computer checks to see whether an extension is attached to the file that indicates a delete operation, if yes, the computer does not include the object in the listing, and if no the computer includes the name of the virtual object in the listing.

17. A computerized virtualization method for computer operation, comprising:
- intercepting an operation request sent from a requesting program to an operating system;
  
  modifying the operation request to obtain a modified operation request;
  
  providing the modified operation request to the operating system;
  
  sending to the requesting program an indication that the operation request has been performed by the operating system, to thereby virtualize the operation request.
- View Dependent Claims (18, 19, 20)
- - 18. The computerized virtualization method according to claim 17, wherein said modifying the operation request comprises modifying the directory name of the operation request and providing a modified directory name to the operating system.
  - 19. The computerized virtualization method of claim 18, further comprising creating a virtualized directory and wherein said modified directory name refers to said virtualized directory.
  - 20. The computerized virtualization method of claim 19, wherein when a program requests to modify a file during a virtualized mode operation, the file is copied onto the virtualized directory and the requested modification is performed only on the copied file, while the original file remains unchanged.

21. In a network system having at least one client computer connected to a server, a computerized method of managing said client computer'"'"'s operation, comprising:
- providing a repository storage coupled to said server;
  
  when a new designated program is installed on said computer by a user, storing a designated copy of said designated program in said repository storage;
  
  allowing said designated program to run on said computer on a limited basis;
  
  when said user sends a request to said server to run said designated program in an unlimited basis, deleting said designated program from said computer and installing on said computer said designated copy with a permission to run on an unlimited basis.
- View Dependent Claims (22, 23)
- - 22. The method of claim 21, wherein said designated program comprises an untrusted program.
  - 23. The method of claim 22, wherein said untrusted program comprises a program which is not listed on a forbidden-program list and a trusted-program list.

24. A network architecture resilient to network attacks, comprising:
- a server connected to a network and having a client control program installed thereon;
  
  at least one client computer connected to said network and having a filter program installed thereon;
  
  wherein when an installation of a new program on said computer is attempted, said filter program analyzes said program to verify whether said program should be allowed to be installed on said computer and;
  
  if yes, the filter program allows said program to be installed or run;
  
  if indecisive, a query is sent to said server for said client control program to provide instructions to said filter program as to whether said program should be allowed to be installed on said computer.
- View Dependent Claims (25)
- - 25. The network architecture of claim 24, wherein when the outcome of said query is sent to said server, said server performs an integrity test on said program prior to allowing said program to run on an unlimited basis.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
BUFFERZONE Security Ltd.
Original Assignee
Trustware International Limited
Inventors
Dotan, Eyal

Granted Patent

US 7,613,930 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/188
CPC Class Codes

G06F 21/52   during program execution, e...

G06F 21/53   by executing in a restricte...

G06F 21/54   by adding security routines...

G06F 21/554   involving event detection a...

G06F 21/566   Dynamic detection, i.e. det...

G06F 21/6281   at program execution time, ...

G06F 2221/034   Test or assess a computer o...

G06F 2221/2113   Multi-level security, e.g. ...

G06F 2221/2141   Access rights, e.g. capabil...

G06F 2221/2149   Restricted operating enviro...

Method for protecting computer programs and data from hostile code

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Method for protecting computer programs and data from hostile code

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links