Temporal access control for computer virus prevention

US 7,483,993 B2
Filed: 10/04/2002
Issued: 01/27/2009
Est. Priority Date: 04/06/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A system for preventing infection of a host system by a virus, the system comprising a computer readable storage medium having computer program instructions encoded therein, the computer program instructions comprising:

a memory module configured to store a time stamp indicating a time at which a computer code was introduced to the host system; and

an access control module coupled to the memory module and configured to;

receive an access control message including an access control time, wherein the access control time is expressed as a duration of time;

prevent execution of the computer code on the host system when the time stamp indicates a time within the duration of time expressed by the access control time;

receive a second access control message subsequent to the access control message previously received, the second access control message including a second access control time representing a shorter duration of time than the access control time of the access control message previously received; and

responsive to receiving the second access control message, allow execution of a computer code whose execution had been prevented responsive to receiving the access control message previously received.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An access control system (200) enables a computer network (1) to prevent execution of computer code that may contain computer viruses. An access control console (201) generates an access control message (260) including control parameters such as a time limit (255). Said time limit (255) is disseminated to computers (2, 3) on the network (1). Said computers (2, 3) use the time limit (255) to determine the executability of computer code. Access control system (200) also enables blocking data communications with suspicious or susceptible programs in network (1) during virus outbreaks.

Citations

19 Claims

1. A system for preventing infection of a host system by a virus, the system comprising a computer readable storage medium having computer program instructions encoded therein, the computer program instructions comprising:
- a memory module configured to store a time stamp indicating a time at which a computer code was introduced to the host system; and
  
  an access control module coupled to the memory module and configured to;
  
  receive an access control message including an access control time, wherein the access control time is expressed as a duration of time;
  
  prevent execution of the computer code on the host system when the time stamp indicates a time within the duration of time expressed by the access control time;
  
  receive a second access control message subsequent to the access control message previously received, the second access control message including a second access control time representing a shorter duration of time than the access control time of the access control message previously received; and
  
  responsive to receiving the second access control message, allow execution of a computer code whose execution had been prevented responsive to receiving the access control message previously received.
- View Dependent Claims (2, 3, 4, 17, 18, 19)
- - 2. The system of claim 1, wherein the access control message further includes sources of computer code;
    - andthe access control module is further configured to prevent execution of the computer code when the computer code originated from a source of computer code included in the access control message.
  - 3. The system of claim 1, whereinthe access control message further includes an expiration time;
    - andthe access control module is further configured to permit execution of the computer code when the expiration time indicates the access control message has expired.
  - 4. The system of claim 1, wherein the access control module is further configured to intercept an attempt to execute the computer code.
  - 17. The system of claim 1, wherein the time at which the computer code was introduced to the host system is a time at which the computer code was first introduced to the host system.
  - 18. The system of claim 1, wherein the access control time is a fixed time period measured from when the computer code is introduced to the host system during which the access control module is configured to prevent execution of the computer code.
  - 19. The system of claim 1, wherein the access control time represents an estimate of when a virus attack first began.

5. A method for preventing infection of a host system by a virus, comprising:
- storing a time stamp indicating a time at which a computer code was introduced to the host system;
  
  receiving an access control message including an access control time, wherein the access control time is expressed as a duration of time;
  
  preventing execution of the computer code on the host system when the time stamp indicates a time within the duration of time expressed by the access control time;
  
  receiving a second access control message subsequent to the access control message previously received, the second access control message including a second access control time representing a shorter duration of time than the access control time of the access control message previously received; and
  
  responsive to receiving the second access control message, allowing execution of a computer code whose execution had been prevented responsive to receiving the access control message previously received.
- View Dependent Claims (6, 7, 8, 9, 10)
- - 6. The method of claim 5, further comprising:
    - receiving a list of sources;
      
      determining a source of the computer code; and
      
      preventing execution of the computer code on the host system when the source of the computer code is listed in the list of sources.
  - 7. The method of claim 5, further comprising:
    - receiving a list of types of computer code;
      
      determining a type of the computer code; and
      
      preventing execution of the computer code on the host system when the type of the computer code is listed in the list of types of computer code.
  - 8. The method of claim 5, wherein the access control message further includes sources of computer code, and further comprising:
    - preventing execution of the computer code when the computer code originated from a source of computer code included in the access control message.
  - 9. The method of claim 5, wherein the access control message further includes an expiration time, and further comprising:
    - permitting execution of the computer code when the expiration time indicates the access control message has expired.
  - 10. The method of claim 5, further comprising intercepting an attempt to execute the computer code.

11. A computer readable storage medium storing a computer program executable by a processor for preventing infection of a host system by a virus, the actions of the computer program comprising:
- storing a time stamp indicating a time at which a computer code was introduced to the host system;
  
  receiving an access control message including an access control time, wherein the access control time is expressed as a duration of time;
  
  preventing execution of the computer code on the host system when the time stamp indicates a time within the duration of time expressed by the access control time;
  
  receiving a second access control message subsequent to the access control message previously received, the second access control message including a second access control time representing a shorter duration of time than the access control time of the access control message previously received; and
  
  responsive to receiving the second access control message, allowing execution of a computer code whose execution had been prevented responsive to receiving the access control message previously received.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The computer readable storage medium of claim 11, further comprising:
    - receiving a list of sources;
      
      determining a source of the computer code; and
      
      preventing execution of the computer code on the host system when the source of the computer code is listed in the list of sources.
  - 13. The computer readable storage medium of claim 11, further comprising:
    - receiving a list of types of computer code;
      
      determining a type of the computer code; and
      
      preventing execution of the computer code on the host system when the type of the computer code is listed in the list of types of computer code.
  - 14. The computer readable storage medium of claim 11, wherein the access control message further includes sources of computer code, and further comprising:
    - preventing execution of the computer code when the computer code originated from a source of computer code included in the access control message.
  - 15. The computer readable storage medium of claim 11, wherein the access control message further includes an expiration time, and further comprising:
    - permitting execution of the computer code when the expiration time indicates the access control message has expired.
  - 16. The computer readable storage medium of claim 11, further comprising intercepting an attempt to execute the computer code.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NortonLifeLock Inc.
Original Assignee
Symantec Corporation (NortonLifeLock Inc.)
Inventors
Sobel, William E., Nachenberg, Carey S.
Primary Examiner(s)
Cardone; Jason D
Assistant Examiner(s)
Patel; Chirag R

Application Number

US10/264,721
Publication Number

US 20030088680A1
Time in Patent Office

2,307 Days
Field of Search

709/229, 726/24, 726/23, 713/188
US Class Current

709/229
CPC Class Codes

G06F 21/56   Computer malware detection ...

H04L 63/0227   Filtering policies mail mes...

H04L 63/145   the attack involving the pr...

Temporal access control for computer virus prevention

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Temporal access control for computer virus prevention

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links