Method for protecting computer programs and data from hostile code
First Claim
1. A computerized method of managing a computer'"'"'s operation, comprising:
- providing a filter enveloping an operating system of said computer;
whenever a new program is introduced to said computer and prior to any part of said program reaching the operating system, having said filter perform a check to classify said program as one of trusted, untrusted or forbidden.
4 Assignments
0 Petitions
Accused Products
Abstract
A method that protects computer data from untrusted programs. Each computer'"'"'s object and process is assigned with trust attributes, which define the way it can interact with other objects within the system. When an object is classified as untrusted, it can interact with other object within the system on a limited basis. A virtualized system is provided on the computer so that when the untrusted object attempts to perform an operation that is outside its scope of authorization, the virtualized system intercepts the operation but present the untrusted program with an indication that the requested operation has been performed. The method further includes processes to securely move a program from an untrusted group to a trusted group.
-
Citations
28 Claims
-
1. A computerized method of managing a computer'"'"'s operation, comprising:
-
providing a filter enveloping an operating system of said computer;
whenever a new program is introduced to said computer and prior to any part of said program reaching the operating system, having said filter perform a check to classify said program as one of trusted, untrusted or forbidden. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 26, 27, 28)
-
-
17. A computerized virtualization method for computer operation, comprising:
-
intercepting an operation request sent from a requesting program to an operating system;
modifying the operation request to obtain a modified operation request;
providing the modified operation request to the operating system;
sending to the requesting program an indication that the operation request has been performed by the operating system, to thereby virtualize the operation request. - View Dependent Claims (18, 19, 20)
-
-
21. In a network system having at least one client computer connected to a server, a computerized method of managing said client computer'"'"'s operation, comprising:
-
providing a repository storage coupled to said server;
when a new designated program is installed on said computer by a user, storing a designated copy of said designated program in said repository storage;
allowing said designated program to run on said computer on a limited basis;
when said user sends a request to said server to run said designated program in an unlimited basis, deleting said designated program from said computer and installing on said computer said designated copy with a permission to run on an unlimited basis. - View Dependent Claims (22, 23)
-
-
24. A network architecture resilient to network attacks, comprising:
-
a server connected to a network and having a client control program installed thereon;
at least one client computer connected to said network and having a filter program installed thereon;
wherein when an installation of a new program on said computer is attempted, said filter program analyzes said program to verify whether said program should be allowed to be installed on said computer and;
if yes, the filter program allows said program to be installed or run;
if indecisive, a query is sent to said server for said client control program to provide instructions to said filter program as to whether said program should be allowed to be installed on said computer. - View Dependent Claims (25)
-
Specification