Strategies for ensuring that executable content conforms to predetermined patterns of behavior ("inverse virus checking")
First Claim
1. A method for reducing the risk that executable content performs undesirable actions, comprising:
- receiving executable content; and
determining, with reference to a knowledge base of predetermined permissible patterns of behavior, whether the executable content is unlikely to perform undesirable actions.
2 Assignments
0 Petitions
Accused Products
Abstract
Security provisions are described which determine whether or not executable content is likely to perform undesirable actions. The security provisions assess that an executable content item poses an acceptable risk when it conforms to an allow list of predetermined patterns of permissible behavior. The security provisions find exemplary use in the context of an instant messaging environment, where participants can consume and propagate executable content in the course of conducting a communication session. Supplemental rules are described which prevent malicious code from subverting the allow list design paradigm.
-
Citations
20 Claims
-
1. A method for reducing the risk that executable content performs undesirable actions, comprising:
-
receiving executable content; and
determining, with reference to a knowledge base of predetermined permissible patterns of behavior, whether the executable content is unlikely to perform undesirable actions. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. Conformance-checking functionality for reducing the risk that executable content performs undesirable actions, comprising:
-
logic configured to receive the executable content; and
logic configured to determine, with reference to a knowledge base of predetermined permissible patterns of behavior, whether the executable content is unlikely to perform undesirable actions. - View Dependent Claims (13)
-
-
14. A method for communicating using an instant messaging application, comprising:
-
receiving executable content by a client device;
determining, with reference to a knowledge base of predetermined permissible patterns of behavior, whether the executable content is unlikely to perform undesirable actions; and
using the executable content in an instant messaging communication session if it is determined that the executable content is unlikely to perform undesirable actions. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification