System and method to secure a computer system by selective control of write access to a data storage medium

US 7,664,924 B2
Filed: 09/20/2007
Issued: 02/16/2010
Est. Priority Date: 12/01/2005
Status: Expired due to Fees

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. In a computer comprising a storage medium and an application running on said computer, a method of controlling write access to said storage medium by said application comprising:

detecting an attempt by the application to write data to said storage medium;

in response to said write attempt, attempting to retrieve a permission value from a database comprised of data elements encoding at least one permission value associated with one or more applications;

in the case that no permission value for the running application is found in the database, transmitting to a central server operatively connected to the computer and to at least one additional computer, a query comprised of an indicia of identity associated with said running application;

receiving from said central server, data that represents the collective response of the user of the at least one additional computer to requests by the same application running on said at least one additional computer to access the storage medium that comprises said at least one additional computer.

View all claims

7 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Reexamination

Accused Products

Abstract

A system and method to securing a computer system from software viruses and other malicious code by intercepting attempts by the malicious code to write data to a storage medium. The invention intercepts the write access requests made by programs and verifies that the program is authorized to write before letting the write proceed. Authorization is determined by using the identity of the program as a query element into a database where permission values are stored. Depending on the presence or value of the permission value, write access is permitted or denied. Permission values can be set by the user, downloaded from a central server, or loaded into the central server by a group of users in order to collectively determine a permission value. The interception code can operate in kernel mode.

31 Citations

View as Search Results

11 Claims

1. In a computer comprising a storage medium and an application running on said computer, a method of controlling write access to said storage medium by said application comprising:
- detecting an attempt by the application to write data to said storage medium;
  
  in response to said write attempt, attempting to retrieve a permission value from a database comprised of data elements encoding at least one permission value associated with one or more applications;
  
  in the case that no permission value for the running application is found in the database, transmitting to a central server operatively connected to the computer and to at least one additional computer, a query comprised of an indicia of identity associated with said running application;
  
  receiving from said central server, data that represents the collective response of the user of the at least one additional computer to requests by the same application running on said at least one additional computer to access the storage medium that comprises said at least one additional computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 10, 11)
- - 2. The method of claim 1 further comprising displaying on the user interface of said computer graphical forms representative of said collective response data.
  - 3. The method of claim 1 where the data that represents the collective response data includes a percentage of other computer users who have approved the application writing to the storage medium associated with their respective at least one additional computer.
  - 4. The method of claim 1 where the data that represents the collective response data includes a number which is the number of other users that have approved the application writing to the storage medium associated their respective at least one additional computer.
  - 5. The method of claim 1 where the data that represents the collective response data includes at least one statement characterizing the reason that said at least one additional computer user selected a particular permission value.
  - 6. The method of claim 5 where the reason is a spyware.
  - 7. The method of claim 5 where the reason is a virus.
  - 8. The method of claim 5 where the reason is a trojan.
  - 10. A system comprised of a data storage medium, a central processing unit and a main memory, where said central processing unit executes any of the methods of claims 1-8 or 9.
  - 11. A data storage medium containing digital data that, when loaded into a computer and executed as a program, causes the computer to execute any of the methods of claims 1-8 or 9.

9. In a computer comprising a storage medium and an application running on said computer, a method of controlling write access to said storage medium by said application comprising:
- detecting an attempt by the application to write data to said storage medium;
  
  in response to said write attempt, attempting to retrieve a permission value from a database comprised of data elements encoding at least one permission value associated with one or more applications;
  
  in the case that no permission value for the running application is found, transmitting to a central server operatively connected to the computer a query comprised of an indicia of identity associated with said running application;
  
  receiving from said central server information collective response data of at least one other computer user'"'"'s to the request by the same application running on said other computer user'"'"'s computers to access the storage medium that comprises said at least one other computer user'"'"'s computers;
  
  receiving from said central server information transmitted to said central server, said information comprising other user'"'"'s critique of said at least one other computer user'"'"'s response.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Drive Sentry Limited, Polyvision Corporation (Steelcase Incorporated)
Original Assignee
Drive Sentry Limited
Inventors
Safa, John
Primary Examiner(s)
Bragdon, Reginald G
Assistant Examiner(s)
Mackall, Larry T

Application Number

US11/858,752
Publication Number

US 20080114957A1
Time in Patent Office

880 Days
Field of Search

711/163
US Class Current

711/163
CPC Class Codes

G06F 21/52   during program execution, e...

G06F 21/554   involving event detection a...

G06F 21/564   by virus signature recognition

G06F 2221/2115   Third party

G06F 2221/2141   Access rights, e.g. capabil...

System and method to secure a computer system by selective control of write access to a data storage medium

First Claim

7 Assignments

Litigations

0 Petitions

Reexamination

Accused Products

Abstract

31 Citations

11 Claims

Specification

Use Cases

Quick Links

Others

System and method to secure a computer system by selective control of write access to a data storage medium

First Claim

7 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Reexamination

Accused Products

Subscription Required

Abstract

31 Citations

11 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others