Method of protecting a computing system from harmful active content in documents

US 7,607,172 B2
Filed: 03/02/2004
Issued: 10/20/2009
Est. Priority Date: 03/02/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A method for protecting a computing device from potentially harmful code in a document, the method comprising:

receiving a data structure representation of the document;

providing one or more definitions of potentially harmful active content in an editable configuration file, each definition identifying potentially harmful active content and specifying an action to be performed on that potentially harmful active content if that potentially harmful active content is found in the document;

dynamically editing by a user the editable configuration file by adding a new definitionparsing the editable configuration file to generate a data structure representation of the definitions in the editable configuration file;

comparing the data structure representation of the document with the data structure representation of the definitions of potentially harmful active content to identify potentially harmful active content within the document; and

modifying the document to render harmless any identified potentially harmful active content before presenting the document to the computing device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Described are a system and method for protecting a computing device from potentially harmful code in a document. One or more definitions of potentially harmful active content are provided in an editable text file. The document is compared with each definition of potentially harmful active content in the editable text file to identify potentially harmful active content within the document. The document is modified to render harmless any identified potentially harmful active content before presenting the document to the computing device.

38 Citations

View as Search Results

15 Claims

1. A method for protecting a computing device from potentially harmful code in a document, the method comprising:
- receiving a data structure representation of the document;
  
  providing one or more definitions of potentially harmful active content in an editable configuration file, each definition identifying potentially harmful active content and specifying an action to be performed on that potentially harmful active content if that potentially harmful active content is found in the document;
  
  dynamically editing by a user the editable configuration file by adding a new definitionparsing the editable configuration file to generate a data structure representation of the definitions in the editable configuration file;
  
  comparing the data structure representation of the document with the data structure representation of the definitions of potentially harmful active content to identify potentially harmful active content within the document; and
  
  modifying the document to render harmless any identified potentially harmful active content before presenting the document to the computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, further comprising syntactically examining the document and placing the document in a valid form before comparing the document with each definition.
  - 3. The method of claim 1, further comprising transmitting the modified document to the computing device over a network after the potentially harmful active content is rendered harmless.
  - 4. The method of claim 3, wherein each definition is listed in the configuration file in a same language structure and schema as the document.
  - 5. The method of claim 3, further comprising mapping each definition in the configuration file into a same language and schema as the document.
  - 6. The method of claim 1, wherein the data structure representation of the document is a first document object model (DOM) tree and wherein the data structure representation of the definitions in the configuration file is a second DOM tree.
  - 7. The method of claim 1, wherein the editable configuration file is an XML (extensible markup language) file.
  - 8. The method of claim 1, wherein one or more of the definitions of potentially harmful active content identifies potentially harmful active content at a level of a tag in the document.
  - 9. The method of claim 1, wherein one or more of the definitions of potentially harmful active content identifies potentially harmful active content at a level of an attribute in the document.
  - 10. The method of claim 1, wherein one or more of the definitions of potentially harmful active content identifies potentially harmful active content at a level of an attribute value in the document.
  - 11. The method of claim 1, wherein each definition is listed in the configuration file in a different language structure and different schema from the document.
  - 12. The method of claim 1, wherein the action specified by a given definition is to remove an attribute from the document.
  - 13. The method of claim 1, wherein the action specified by a given definition is to replace the identified potentially harmful active content in the document with active content known to be harmless.
  - 14. The method of claim 1, wherein the action specified by a given definition is to remove a tag from the document.
  - 15. The method of claim 1, further comprising identifying potentially harmful active content by finding a node in the data structure representation of the definitions that matches a node in the data structure representation of the document.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Morales, Veronica, Zurko, Mary Ellen, Congdon, Robert
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
Powers; William S

Application Number

US10/790,944
Publication Number

US 20050198692A1
Time in Patent Office

2,058 Days
Field of Search

726/24, 713/187, 713/188
US Class Current

726/24
CPC Class Codes

G06F 21/563 by source code analysis

Method of protecting a computing system from harmful active content in documents

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

38 Citations

15 Claims

Specification

Use Cases

Quick Links

Others

Method of protecting a computing system from harmful active content in documents

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

38 Citations

15 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others