Single point of entry/origination item scanning within an enterprise or workgroup
First Claim
1. A method for reducing malicious code within a computer system comprising:
- (a) scanning an item with a trusted virus scanner;
(b) creating a certificate, if the scanning did not detect a virus, certifying that the item is virus free; and
(c) appending to the item a pointer pointing to the certificate in a database, wherein the pointer is a globally unique identifier.
13 Assignments
0 Petitions
Accused Products
Abstract
A method and system for on-access virus scanning within an enterprise or in a workgroup, where all users are authenticated against a trusted certificate authority. The first time an item, such as an executable file or document, is accessed, it is scanned for viruses, worms, trojan horses, or other malicious code, and, after the item is determined to be free from threats or is corrected, a certificate noting this information is generated. At the same time a Globally Unique Identifier (“GUID”) is generated and appended to the item. The certificate contains various information, including the identity of the scanner that performed the virus check, as well as a means for determining if the original item has been altered since it was scanned, and is stored in a certificate database. The GUID is used as a pointer for locating the certificate. A subsequent user who accesses the item will detect the GUID and can use the GUID to locate the certificate for the item. If the certificate can be located and has not been tampered with and the item has not been changed since it was scanned, the subsequent user can access the item without re-scanning it.
-
Citations
22 Claims
-
1. A method for reducing malicious code within a computer system comprising:
-
(a) scanning an item with a trusted virus scanner;
(b) creating a certificate, if the scanning did not detect a virus, certifying that the item is virus free; and
(c) appending to the item a pointer pointing to the certificate in a database, wherein the pointer is a globally unique identifier. - View Dependent Claims (2, 3)
-
-
4. A method for reducing computer viruses, worms, trojan horses, and other malicious code within a computer system comprising:
-
(a) scanning an item with a trusted virus scanner;
(b) creating a certificate, if the scanning did not detect a virus, certifying that the item is virus free;
(c) maintaining the certificate in a database;
(d) appending to the item a pointer pointing to the certificate in the database, wherein the pointer is a globally unique identifier; and
before allowing a user to access the item;
(i) examining the certificate to confirm that the item has been previously scanned by a trusted virus scanner;
(ii) confirming that the item has not been altered since it was scanned by the trusted virus scanner;
(iii) confirming that the certificate has not been tampered with.
-
-
5. A method for reducing computer viruses, worms, trojan horses, and other malicious code within a computer system comprising:
-
(a) scanning an item with a trusted virus scanner;
(b) creating a certificate, if the scanning did not detect a virus, certifying that the item is virus free;
(c) maintaining the certificate in a database;
(d) appending to the item a pointer pointing to the certificate in the database; and
before allowing a user to access the item;
(i) examining the certificate to confirm that the item has been previously scanned by a trusted virus scanner;
(ii) confirming that the item has not been altered since it was scanned by the trusted virus scanner;
(iii) confirming that the certificate has not been tampered with;
wherein the item is signed after it is scanned with a first digital signature;
wherein the pointer is signed after it is generated with a second digital signature;
wherein the certificate is signed after it is created with a third digital signature. - View Dependent Claims (6)
-
-
7. A method for reducing computer viruses, worms, trojan horses, and other malicious code within a computer system comprising:
-
(a) scanning an item with a trusted virus scanner;
(b) creating a certificate, if the scanning did not detect a virus, certifying that the item is virus free; and
before allowing a user to access the item;
(i) examining the certificate to confirm that the item has been previously scanned by a trusted virus scanner;
(ii) confirming that the item has not been altered since it was scanned by the trusted virus scanner;
(iii) confirming that the certificate has not been tampered with;
wherein the confirming that the item has not been altered and confirming that the certificate has not been tampered with are performed by verifying multiple digital signatures.
-
-
8. A system for checking for computer viruses, trojan horses, worms, and other malicious code comprising:
-
(a) at least one computer item capable of carrying computer viruses;
(b) at least one trusted virus scanner that includes a Certificate Authority and is capable of scanning the item, creating a corresponding certificate relating to the item after it is scanned that indicates the result of the virus scan;
(c) a corresponding certificate for items that have been previously scanned by the trusted virus scanner certifying that the item is free from viruses; and
(d) a verifier for verifying that the item has not been altered since it was scanned by the trusted virus scanner and that the certificate has not been tampered with. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A system for checking for computer viruses, trojan horses, worms, and other malicious code comprising:
-
(a) at least one computer item capable of carrying computer viruses;
(b) at least one trusted virus scanner that is capable of scanning the item, creating a corresponding certificate relating to the item after it is scanned that indicates the result of the virus scan;
(c) a corresponding certificate for items that have been previously scanned by the trusted virus scanner certifying that the item is free from viruses;
(d) a verifier for verifying that the item has not been altered since it was scanned by the trusted virus scanner and that the certificate has not been tampered with;
(e) an operating system which prevents users from accessing items that are not verified by the verification procedure; and
(f) a Certificate Authority built into the virus scanner.
-
-
16. A method for reducing computer viruses, worms, trojan horses, and other malicious code in one or more computer networks comprising:
-
(a) scanning an item residing in a first network with a virus scanner trusted by the first network;
(b) creating a certificate, if the scanning did not detect a virus, certifying that the item is virus free (d) transmitting a copy of the item to a second network;
(e) transmitting a copy of the certificate to the second network;
wherein a pointer is appended to the item, the pointer capable of pointing to the certificate regardless of whether the certificate is located in the first network or the second network. - View Dependent Claims (17)
-
-
18. A method for reducing computer viruses, worms, trojan horses, and other malicious code in one or more computer networks comprising:
-
(a) scanning an item residing in a first network with a virus scanner trusted by the first network;
(b) creating a certificate, if the scanning did not detect a virus, certifying that the item is virus free;
(c) establishing a Trust Relationship between the first network and a second network;
(d) transmitting a copy of the item to the second network;
(e) transmitting a copy of the certificate to the second network;
(f) maintaining the certificate in a second network database;
before allowing a user on the second network to access the item;
(i) examining the certificate to confirm that the item has been previously scanned by a virus scanner trusted by a network in a trust relationship with the second network;
(ii) confirming that the item has not been altered since it was scanned by the trusted virus scanner;
(iii) confirming that the certificate has not been tampered with.
-
-
19. A method for reducing computer viruses, worms, trojan horses, and other malicious code in one or more computer networks comprising:
-
(a) scanning an item residing in a first network with a virus scanner trusted by the first network;
(b) creating a certificate, if the scanning did not detect a virus, certifying that the item is virus free;
(c) establishing a Trust Relationship between the first network and a second network;
(d) transmitting a copy of the item to the second network;
(e) transmitting a copy of the certificate to the second network;
before allowing a user on the second network to access the item;
(i) examining the certificate to confirm that the item has been previously scanned by a virus scanner trusted by a network in a trust relationship with the second network;
(ii) confirming that the item has not been altered since it was scanned by the trusted virus scanner;
(iii) confirming that the certificate has not been tampered with;
wherein a pointer is appended to the item, the pointer capable of pointing to the certificate regardless of whether the certificate is located in the first network or the second network.
-
-
20. A certificate indicating that a computer item is free from threats comprising:
-
first portion having information indicating that the item has been scanned by a virus scanner and has been found to be free from computer viruses, trojan horses, worms, and other malicious code; and
a second portion comprising a digital signature;
wherein a pointer is capable of pointing to the certificate regardless of where the certificate is located on a network. - View Dependent Claims (21, 22)
-
Specification