SYSTEMS AND METHODS FOR IMPLEMENTING APPLICATION CONTROL SECURITY

US 20140208107A1
Filed: 03/26/2014
Published: 07/24/2014
Est. Priority Date: 10/11/2010
Status: Abandoned Application

First Claim

Patent Images

1. A method comprising:

(a) storing, on a first computerized device, at least an unencrypted first white-list and an encrypted second white-list;

(b) receiving at the first computerized device, and from a second device, all or part of a unique identifier of the second device;

(c) decrypting, at the first computerized device, the encrypted second white-list using all or part of the unique identifier of the second device, thereby creating a decrypted second white-list;

(d) determining whether an executable program is referenced in the decrypted second white-list; and

(e) based on the determining step, allowing or disallowing execution by the first computerized device of the executable program.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for implementing application control security are disclosed. In one embodiment, a system includes a first device, a decrypted white-list, and an executable program. The first device may be in electrical communication with a memory containing an encrypted white-list. The encrypted white-list may be decrypted using an identifier of a second device. The executable program may be referenced in the decrypted white-list.

12 Citations

View as Search Results

19 Claims

1. A method comprising:
- (a) storing, on a first computerized device, at least an unencrypted first white-list and an encrypted second white-list;
  
  (b) receiving at the first computerized device, and from a second device, all or part of a unique identifier of the second device;
  
  (c) decrypting, at the first computerized device, the encrypted second white-list using all or part of the unique identifier of the second device, thereby creating a decrypted second white-list;
  
  (d) determining whether an executable program is referenced in the decrypted second white-list; and
  
  (e) based on the determining step, allowing or disallowing execution by the first computerized device of the executable program.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein the first computerized device and the second device have access to a network, the method comprising:
    - transmitting a request onto the network, and performing the receiving step (b) in response to the transmitting step.
  - 3. The method of claim 2, wherein the request is an address resolution protocol.
  - 4. The method of claim 1, comprising:
    - disallowing, prior to the receiving step (b), execution of the executable program on the first computerized device.
  - 5. The method of claim 1, comprising:
    - creating an unencrypted second white-list;
      
      receiving all or part of the unique identifier of the second device;
      
      encrypting the unencrypted second white-list via all or part of the unique identifier of the second device;
      
      thereby creating the encrypted second white-list.
  - 6. The method of claim 1, comprising:
    - transmitting, prior to the receiving step (b), the unique identifier of the second device to the first computerized device.
  - 7. The method of claim 1, wherein the unique identifier of the second device is dreived from a biometric, reader.
  - 8. The method of claim 1:
    - wherein a partitioned white-list comprises the unencrypted first white-list and the encrypted second white-list;
      
      wherein the partitioned white-list is partitioned into at least a first partition and a second partition;
      
      wherein the first partition comprises the unencrypted first white-list; and
      
      wherein the second partition comprises the encrypted second white-list.
  - 9. The method of claim 1, wherein the first device receives the encrypted second white-list from a memory in electrical communication with the first computerized device.
  - 10. The method of claim 9, comprising:
    - deleting the second encrypted white-list from the memory.
  - 11. The method of claim 1, wherein the first device and the second device are both mobile devices.

12. A method comprising:
- (a) storing, on a first computerized device, at least an unencrypted first white-list and an encrypted second white-list;
  
  (b) receiving at the first computerized device and from a second device all or part of a unique identifier of the second device;
  
  (c) receiving at the first computerized device and from a third device all or part of a unique identifier of the third device;
  
  (d) creating by the first computerized device a composite identifier from at least a portion of the unique identifier of the second device and from at least a portion of the unique identifier of the third device;
  
  (e) decrypting, at the first computerized device, the encrypted second white-list using all or part of the composite identifier, thereby creating a decrypted second white-list;
  
  (f) determining whether an executable program is referenced in the decrypted second white-list; and
  
  (g) based on the determining step, allowing or disallowing execution by the first computerized device of the executable program.
- View Dependent Claims (13)
- - 13. The method of claim 12, wherein the third device is a mobile device.

14. A system comprising:
- (a) a first computerized device, wherein the first device is adapted to store at least an unencrypted first white-list and an encrypted second white-list;
  
  (b) a second device adapted to transmit a unique identifier of the second device;
  
  wherein first computerized device is adapted to decrypt the encrypted second white-list using all or part of a unique identifier of a second device, thereby creating a decrypted second white-list; and
  
  (c) an executable program, wherein the executable program is referenced in the decrypted second white-list.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The system of claim 14, wherein:
    - the first device comprises a partitioned white-list;
      
      wherein the partitioned white-list comprises;
      
      (i) a first partition, wherein the first partition comprises the unencrypted first white-list; and
      
      (ii) a second partition, wherein the second partition comprises the encrypted second white-list.
  - 16. The system of claim 14, wherein the first device and the second device are both mobile devices.
  - 17. The system of claim 16, wherein the encrypted white-list is decrypted using a composite identifier comprising all or part of the unique identifier of the second device and all or part of a unique identifier of a third device.
  - 18. The system of claim 17, wherein the third device is a mobile device.
  - 19. The system of claim 14, wherein the system comprises a plurality of executable programs;
    - wherein a first executable program is referenced in the unencrypted first white-list;
      
      wherein a second executable program is the executable program referenced in the encrypted second white-list.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lumension Security, Inc. (Ivanti Software, Inc.)
Original Assignee
Lumension Security, Inc. (Ivanti Software, Inc.)
Inventors
Kelly, Ciaran, Molloy, Iarla

Application Number

US14/226,294
Publication Number

US 20140208107A1
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 21/51   at application loading time...

G06F 21/6218   to a system of files or obj...

G06F 2221/2153   Using hardware token as a s...

H04L 63/0428   wherein the data content is...

SYSTEMS AND METHODS FOR IMPLEMENTING APPLICATION CONTROL SECURITY

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

12 Citations

19 Claims

Specification

Use Cases

Quick Links

Others

SYSTEMS AND METHODS FOR IMPLEMENTING APPLICATION CONTROL SECURITY

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

19 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others