DIGITAL PROTECTION THAT TRAVELS WITH DATA

US 20160188878A1
Filed: 12/13/2013
Published: 06/30/2016
Est. Priority Date: 09/27/2013
Status: Active Grant

First Claim

Patent Images

1-25. -25. (canceled)

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure relates to a system and method for performing antimalware scanning of data files that is data-centric rather than device-centric, In the example, a plurality of computing devices are connected via a network. An originating device creates or first receives data, and scans the data for malware, After scanning the data, the originating device creates and attaches to the data a metadata record including the results of the malware scan, The originating device may also scan the data for malware contextually-relevant to a second device.

35 Citations

View as Search Results

49 Claims

1-25. -25. (canceled)

26. At least one machine readable non-transitory storage medium having instructions stored thereon for providing data-centric computer security between a first device and a second device remote from the first device, wherein the instructions when executed by at least one processor cause the at least one processor to perform the following operations:
- scanning a data file using a security scanner at the first device;
  
  creating a record associated with the data file based in part on results from the security scanner, the record comprising;
  
  an identifier of the data file, a cryptographic hash of the data file, device information associated with the first device, scan information associated with the security scanner, user information associated with a user of the first device, and a time stamp of the record; and
  
  making the record accessible by the second device.
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33)
- - 27. The at least one machine readable non-transitory storage medium according to claim 26, wherein the operations further comprises:
    - scanning the data file for malware contextually relevant to the second device based on contextual information received from the second device.
  - 28. The at least one machine readable non-transitory storage medium according to claim 26, wherein:
    - the device information comprises at least one of;
      
      reputation of the device, identifier of the security software, version of the security software; and
      
      operating system platform version.
  - 29. The at least one machine readable non-transitory storage medium according to claim 26, wherein:
    - the scan information comprises at least one of;
      
      scan status or results, scan parameters, and target platforms for which the security scanner scanned.
  - 30. The at least one machine readable non-transitory storage medium according to claim 26, wherein:
    - the user information comprises at least one of;
      
      reputation of the user of the first device, and the manner in which the user of the first device is linked to a user of the second device.
  - 31. The at least one machine readable non-transitory storage medium according to claim 26, wherein the record further comprises privacy information comprising at least one of:
    - privacy reputation of a user of the first device, and the manner in which the user of the first device is linked to a user of the second device.
  - 32. The at least one machine readable non-transitory storage medium according to claim 26, wherein making the record accessible by the second device comprises:
    - transmitting the record associated with the data file along with the data file from the first device to the second device.
  - 33. The at least one machine readable non-transitory storage medium according to claim 26, wherein making the record accessible by the second device comprises:
    - transmitting the record associated with the data file to a network resource, wherein the network resource is accessible by the second device.

34. At least one machine readable non-transitory storage medium having instructions stored thereon for providing data-centric computer security between a first device and a second device remote from the first device, wherein the instructions when executed by at least one processor cause the at least one processor to perform the following operations:
- receiving a record at a sharing service system from the first device, wherein the record is associated with a data file and comprises an identifier of the data file, a cryptographic hash of the data file, device information associated with the first device, scan information associated with the security scanner, user information associated with a user of the first device, and a time stamp of the record;
  
  querying the second device to retrieve information associated with the second device and/or user information associated with a user of the second device; and
  
  providing at least a part of the record or a derivation thereof to the second device based on the information associated with the second device and/or the user information associated with the user of the second device.
- View Dependent Claims (35)
- - 35. The at least one machine readable non-transitory storage medium of claim 34, wherein the operations further comprises:
    - augmenting the record, before providing the record to the second device, with user reputation information determined based on a history associated with the user of the first device.

36. At least one machine readable non-transitory storage medium having instructions stored thereon for providing data-centric computer security between a first device and a second device remote from the first device, wherein the instructions when executed by at least one processor cause the at least one processor to perform the following operations:
- receiving a data file at the second device;
  
  retrieving a record associated with the data file, wherein the record comprises;
  
  an identifier of the data file, a cryptographic hash of the data file, device information associated with the first device, scan information associated with the security scanner, user information associated with a user of the first device, and a time stamp of the record; and
  
  rendering at least a part of the record or a derivation thereof for display to a user at the second device.
- View Dependent Claims (37, 38, 39, 40, 41)
- - 37. The at least one machine readable non-transitory storage medium according to claim 36, wherein rendering the record for display comprises:
    - providing a first user interface element indicating an overall level of safety of the data file for the second device, wherein the overall level of safety is determined based on the cryptographic hash of the data file, the device information, the scan information, and the user information.
  - 38. The at least one machine readable non-transitory storage medium according to claim 37, further comprising:
    - determining the overall level of safety of the data file for the second device based further on device information associated with the second device and/or user information associated with a user of the second device.
  - 39. The at least one machine readable non-transitory storage medium according to claim 36, wherein rendering the record for display comprises providing a second user interface element displaying one or more of the following:
    - a device reputation indicator determined based on the device information associated with the first device;
      
      a user reputation indicator determined based on the user information associated with the user of the first device; and
      
      a file reputation indicator determined based on the cryptographic hash and the scan information.
  - 40. The at least one machine readable non-transitory storage medium according to claim 36, wherein the record further comprises privacy information comprising at least one of:
    - privacy reputation of a user of the first device, and the manner in which the user of the first device is linked to a user of the second device.
  - 41. The at least one machine readable non-transitory storage medium according to claim 40, wherein rendering the record for display comprises providing a second user interface element displaying one or more of the following:
    - a privacy reputation indicator determined based on the privacy information and user information associated with the user of the second device.

42. An apparatus for providing data-centric computer security between a first device and a second device remote from the first device, the apparatus comprising:
- at least one memory element;
  
  at least one processors coupled to the at least one memory element;
  
  a file sharing client of the first device that when executed by the at least one processors is configured to;
  
  create a record associated with a data file based in part on scan results from a security scanner of the first device, the record comprising;
  
  an identifier of the data file, a cryptographic hash of the data file, device information associated with the first device, scan information associated with the security scanner, user information associated with a user of the first device, and a time stamp of the record; and
  
  make the record accessible by the second device.
- View Dependent Claims (43, 44, 45, 46, 47, 48, 49)
- - 43. The apparatus according to claim 42, wherein:
    - the file sharing client is further configured to receive contextual information associated with the second device from the second device; and
      
      the security scanner of the first device is configured to scan the data file for malware contextually relevant to the second device based on contextual information received from the second device.
  - 44. The apparatus according to claim 42, wherein:
    - the device information comprises at least one of;
      
      reputation of the device, identifier of the security software, version of the security software; and
      
      operating system platform version.
  - 45. The apparatus according to claim 42, wherein:
    - the scan information comprises at least one of;
      
      scan status or results, scan parameters, and target platforms for which the security scanner scanned.
  - 46. The apparatus according to claim 42, wherein:
    - the user information comprises at least one of;
      
      reputation of the user of the first device, and the manner in which the user of the first device is linked to a user of the second device.
  - 47. The apparatus according to claim 42, wherein the record further comprises privacy information comprising at least one of:
    - privacy reputation of a user of the first device, and the manner in which the user of the first device is linked to a user of the second device.
  - 48. The apparatus according to claim 42, wherein the file sharing client of the first client device is further configured to transmit the record associated with the data file along with the data file from the first device to the second device.
  - 49. The apparatus according to claim 42, wherein the file sharing client of the first client device is further configured to transmit the record associated with the data file to a network resource, wherein the network resource is accessible by the second device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
KULKARNI, DATTATRAYA, NALLURI, SRIKANTH, HALDER, KAMLESH, KRISHNAPUR, VENKATASUBRAHMANYAM, SHANKAR, SHAILAJA, DHRUW, KAUSHAL KUMAR

Granted Patent

US 10,417,417 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/56   Computer malware detection ...

G06F 21/567   using dedicated hardware

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/033   Test or assess software

G06F 2221/034   Test or assess a computer o...

DIGITAL PROTECTION THAT TRAVELS WITH DATA

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

35 Citations

49 Claims

Specification

Use Cases

Quick Links

Others

DIGITAL PROTECTION THAT TRAVELS WITH DATA

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

35 Citations

49 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others