
Computer system lock-down

  • US 7,865,947 B2
  • Filed: 04/12/2010
  • Issued: 01/04/2011
  • Est. Priority Date: 12/03/2004
  • Status: Active Grant
First Claim

1. A method of locking down a computer system to limit execution of computer program code to only that which can be verified to be approved to run on the computer system, the method comprising:

  • identifying code modules expressly approved for execution by a computer system by taking an inventory of all code modules currently installed on the computer system at a particular point in time; and

  • limiting subsequent code module execution by the computer system to those code modules that are included in the inventory by:

    • calculating cryptographic hash values for each of the code modules that are included in the inventory;

    • storing within a memory of the computer system a customized, local whitelist database, the customized, local whitelist database forming part of an authentication system operable within the computer system and containing therein the cryptographic hash values of the code modules expressly approved for execution by the computer system;

    • intercepting, by a kernel mode driver of the authentication system, file system or operating system activity relating to a code module;

    • determining, by the authentication system, whether to authorize the request by causing a cryptographic hash value of the code module to be authenticated with reference to the customized, local whitelist database;

    • allowing, by the authentication system, the code module to be loaded and executed within the computer system if the cryptographic hash value matches one of the cryptographic hash values of code modules expressly approved for execution by the computer system that are contained within the customized, local whitelist database, by causing processing relating to the file system or operating system activity relating to the code module to proceed; and

  • wherein the authentication system is implemented in one or more processors and one or more computer-readable storage media associated with the computer system, the one or more computer-readable storage media having instructions tangibly embodied therein representing the authentication system that are executable by the one or more processors.
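The inventory-then-enforce loop the claim describes, as an added Python example that is not code from the patent or its assignee. The module suffixes, directory layout and module contents are constructed assumptions, SHA-256 is an assumed choice of hash, and the kernel-mode driver's interception is stood in for by a plain function call; the scenario also shows what a content-keyed whitelist does with a modified, a renamed and a newly dropped module.

```python
import hashlib
import os
import tempfile
from pathlib import Path

# Assumed module suffixes; the claim speaks of "code modules" generally.
CODE_SUFFIXES = (".exe", ".dll", ".sys")

def hash_module(path):
    """Cryptographic hash of a module's content (SHA-256 assumed here)."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def take_inventory(root):
    """Inventory step: every code module present under root at this point
    in time becomes the customized, local whitelist (hash -> path seen)."""
    return {hash_module(p): str(p)
            for p in Path(root).rglob("*")
            if p.is_file() and p.suffix.lower() in CODE_SUFFIXES}

def authorize_load(path, whitelist):
    """Enforcement step (the driver's decision): proceed only if the
    module's current hash is one of the approved hashes."""
    return hash_module(path) in whitelist

def demo():
    """Constructed scenario; returns the decision for each load attempt."""
    with tempfile.TemporaryDirectory() as root:
        app, helper = Path(root, "app.exe"), Path(root, "helper.dll")
        app.write_bytes(b"MZ app v1")
        helper.write_bytes(b"MZ helper")
        whitelist = take_inventory(root)           # point-in-time baseline
        results = {"inventory_size": len(whitelist)}
        results["unchanged"] = authorize_load(app, whitelist)       # True
        app.write_bytes(b"MZ app v1 patched")      # any byte change -> new hash
        results["modified"] = authorize_load(app, whitelist)        # False
        moved = Path(root, "renamed.dll")
        os.replace(helper, moved)                  # content unchanged
        results["renamed"] = authorize_load(moved, whitelist)       # True
        dropped = Path(root, "new.exe")
        dropped.write_bytes(b"MZ not in inventory")
        results["new_module"] = authorize_load(dropped, whitelist)  # False
        return results

if __name__ == "__main__":
    print(demo())
```

Because the whitelist is keyed on content rather than path, an approved module stays approved wherever it is moved, while any modification or any module absent from the inventory is refused; re-running the inventory is therefore the only way legitimate updates get approved.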
