Integrating security protection tools with computer device integrity and privacy policy

US 20080022093A1
Filed: 06/20/2006
Published: 01/24/2008
Est. Priority Date: 06/20/2006
Status: Active Grant

First Claim

Patent Images

1. An integrity and privacy protection method for an operating system of a computer device comprising:

in response to installing a program on a computer device that includes the operating system, a monitor within the operating system assigning a monitoring program for the program being installed, wherein the monitor assigning an integrity and/or privacy label to the monitoring program that is based on predetermined criteria associated with the program being installed, the monitoring program assigning an integrity and/or privacy label to the program being installed that is equal to or less than the integrity and/or privacy label assigned to the monitoring program by the monitor; and

,after the program is installed (“

installed program”

), in response to the installed program seeking to access data or another program on the computer device, or a remote network resource connected to the computer device, the monitor deciding whether to allow access or deny access based on the integrity and/or privacy label assigned to the installed program by the monitoring program.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

At computer device power on, the operating system of the computer device initiates a monitor. The monitor assigns a monitoring program to each program and object (collectively, “program”) running on the computer device to monitor the activities of the program. When the monitoring program is assigned to a program, the monitoring program is assigned an integrity and/or privacy label (collectively, “integrity label”) based on predetermined criteria applied to the monitored program. The monitoring program, in turn, assigns an integrity label to the program monitored by the monitoring program. The integrity label assigned to the monitored program is less than or equal to the integrity label of the monitoring program. The monitor enforces an integrity policy of the computer device based on the integrity label assigned to monitored programs and the integrity label associated with data, another program, or a remote network resource that the monitored program is seeking to access.

41 Citations

View as Search Results

20 Claims

1. An integrity and privacy protection method for an operating system of a computer device comprising:
- in response to installing a program on a computer device that includes the operating system, a monitor within the operating system assigning a monitoring program for the program being installed, wherein the monitor assigning an integrity and/or privacy label to the monitoring program that is based on predetermined criteria associated with the program being installed, the monitoring program assigning an integrity and/or privacy label to the program being installed that is equal to or less than the integrity and/or privacy label assigned to the monitoring program by the monitor; and
  
  ,after the program is installed (“
  
  installed program”
  
  ), in response to the installed program seeking to access data or another program on the computer device, or a remote network resource connected to the computer device, the monitor deciding whether to allow access or deny access based on the integrity and/or privacy label assigned to the installed program by the monitoring program.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. An integrity and privacy protection method for the operating system of a computer device as claimed in claim 1, wherein the operating system of the computer device includes an Operating System Reference Monitor (SRM) that assigns an integrity and/or privacy label to the monitoring program.
  - 3. An integrity and privacy protection method for the operating system of a computer device as claimed in claim 2, wherein the monitoring program is a System Protection Policy (SPP) program.
  - 4. An integrity and privacy protection method for the operating system of a computer device as claimed in claim 1, wherein the monitoring program monitors the installed program and advises the monitor when the installed program is seeking access to the data or another program on the computer device, or the remote network resource connected to the computer device.
  - 5. An integrity and privacy protection method for the operating system of a computer device as claimed in claim 1, wherein the monitor assigns a plurality of monitoring programs, wherein each monitoring program assigned an integrity and/or privacy label, wherein the integrity and/or privacy label assigned to the program being installed is based on the integrity and/or privacy label assigned to each of the plurality of monitoring programs and wherein the integrity and/or privacy label of one of the plurality of monitoring programs is chosen as the integrity and/or privacy label of the installed program.
  - 6. An integrity and privacy protection method for the operating system of a computer device as claimed in claim 5, wherein the integrity and/or privacy label assigned to each of the plurality of monitoring programs is assigned based on a different criterion associated with the program being installed.
  - 7. An integrity and privacy protection method for the operating system of a computer device as claimed in claim 3, wherein the criterion is chosen from a group including a signature file included in the program being installed and code that defines the origination of the program being installed.
  - 8. An integrity and privacy protection method for the operating system of a computer device as claimed in claim 1, wherein the integrity and/or privacy label assigned to the monitoring programs and the program being installed cannot be altered unless the program being installed is altered.
  - 9. An integrity and privacy protection method for the operating system of a computer device as claimed in claim 1, wherein the operating system includes a database for storing the integrity and/or privacy label of the program being installed and the integrity and/or privacy label of the data and another program on the computer device, and the remote network resource connected to the computer device for use in allowing or denying access to the data or another program on the computer device, or the remote network resource connected to the computer device when the installed program seeks to access the data or another program on the computer device, or the remote network resource connected to the computer device.

10. An integrity and privacy protection method for a computer device that includes an Operating System Reference Monitor (SRM) comprising:
- initiating on computer device power on the ability of the SRM to assign a monitoring program;
  
  in response to receiving a request to install a program on the computer device, the SRM assigning the monitoring program to the program being installed, the monitoring program assigning an integrity and/or privacy label based on the program being installed;
  
  the monitoring program assigning an integrity and/or privacy label to the program being installed;
  
  the monitoring program monitoring the program being installed after installation to detect requests by the installed program for access to data or another program on the computer device, or a remote network resource connected to the computer device;
  
  in response to the monitoring program detecting a request by the installed program for access to the data or another program on the computer device, or the remote network resource connected to the computer device, the SRM determining if the integrity and/or privacy label assigned to the installed program is adequate for the installed program to access the requested data or another program on the computer device, or the remote network resource connected to the computer device.
- View Dependent Claims (11)
- - 11. An integrity and privacy protection method as claimed in claim 10, wherein the SRM determines if the integrity and/or privacy label assigned to the installed program is adequate for the installed program to access the requested data or another program on the computer device, or the remote network resource connected to the computer device by comparing the integrity and/or privacy label assigned to the installed program and an integrity and/or privacy label assigned to the data and another program on the computer device, and the remote network resource connected to the computer device, and wherein the SRM enforces an integrity and/or privacy policy by allowing the installed program access to the data or another program on the computer device, or the remote network resource connected to the computer device if the integrity and/or privacy label assigned to the installed program is equal to or more than the integrity and/or privacy label assigned to the data or another program on the computer device, or the remote network resource connected to the computer device.

12. A computer device including an operating system that includes a monitor for:
- assigning monitoring programs for monitoring installed programs on the computer device, each monitoring program assigned an integrity and/or privacy label by the monitor based on predetermined criteria, each monitoring program monitoring the operation of a related installed program on the computer device;
  
  in response to installing a program on the computer device, assigning a monitoring program for the program being installed and assigning an integrity and/or privacy label to the monitoring program based on the predetermined criteria;
  
  monitoring the operation of the program being installed after the program is installed (“
  
  installed program”
  
  ) to determine if the installed program is requesting access to data or another program on the computer device, or a remote network resource connected to the computer device; and
  
  in response to determining that the installed program is requesting access to the data or another program on the computer device, or the remote network resource connected to the computer device, granting or denying the request based on an integrity and/or privacy label assigned by the monitoring program to the installed program.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
- - 13. A computer device as claimed in claim 12, wherein the monitor is an operating System Reference Monitor (SRM).
  - 14. A computer device as claimed in claim 13, wherein the SRM assigns more than one monitoring programs for the program being installed, and assigns an integrity and/or privacy label to each monitoring program based on a different predetermined criteria.
  - 15. A computer device as claimed in claim 14, wherein the integrity and/or privacy label assigned to each monitoring program is based on criteria associated with the program being installed.
  - 16. A computer device as claimed in claim 15, wherein the criteria is chosen from a group that includes a signature file included in the program being installed and code that defines the origination of the program being installed.
  - 17. A computer device as claimed in claim 14, wherein the integrity and/or privacy label assigned to each monitoring program and the integrity and/or privacy label assigned to the program being installed cannot be altered unless the program being installed is altered.
  - 18. A computer device as claimed in claim 14, wherein the monitor uses trusted computing base (TCB) data that includes the integrity and/or privacy label of the data and another program on the computer device, and the remote network resource connected to the computer device that the installed program is requesting access to decide whether to grant or deny the request.
  - 19. A computer device as claimed in claim 12, wherein the monitor decides whether to grant or deny the request based on comparing the integrity and/or privacy label assigned by the monitoring program to the program being installed and an integrity and/or privacy label associated with the data and another program on the computer device, and the remote network resource connected to the computer device.
  - 20. A computer device as claimed in claim 19, wherein the integrity and/or privacy label assigned to the program being installed and the integrity and/or privacy label assigned to the data and another program on the computer device, and the remote network resource connected to the computer device are stored in a table located in a trusted section of a memory of the computer device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Nagampalli, Narasimha Rao, Brundrett, Peter T., Hamblin, Jeffrey B., Field, Scott, Kurien, Thekkthalackal Varugis

Granted Patent

US 8,117,441 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/164
CPC Class Codes

G06F 21/50   Monitoring users, programs ...

G06F 21/51   at application loading time...

G06F 21/53   by executing in a restricte...

Integrating security protection tools with computer device integrity and privacy policy

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

41 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Integrating security protection tools with computer device integrity and privacy policy

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

41 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links