Systems and methods for determining whether to evaluate the trustworthiness of digitally signed files based on signer reputation
First Claim
1. A computer-implemented method for determining whether to independently evaluate the trustworthiness of digitally signed files based on signer reputation, the method comprising:
- identifying a file;
determining that the file has been digitally signed;
identifying a signer responsible for digitally signing the file;
identifying a reputation of the signer, the signer'"'"'s reputation being based at least in part on the determined trustworthiness of at least one additional file that was previously signed by the signer;
determining whether the signer'"'"'s reputation satisfies a predetermined threshold;
only performing an independent evaluation of the trustworthiness of the file if the signer'"'"'s reputation fails to satisfy the predetermined threshold;
wherein each step of the method is performed by a computing device comprising at least one hardware processor.
2 Assignments
0 Petitions
Accused Products
Abstract
A computer-implemented method for determining whether to evaluate the trustworthiness of digitally signed files based on signer reputation may include (1) identifying a file, (2) determining that the file has been digitally signed, (3) identifying a signer responsible for digitally signing the file, (4) identifying the signer'"'"'s reputation, and then (5) determining whether to evaluate the trustworthiness of the file based at least in part on the signer'"'"'s reputation. In one example, the signer'"'"'s reputation may be based at least in part on the determined trustworthiness of at least one additional file that was previously signed by the signer. Various other methods, systems, and encoded computer-readable media are also disclosed.
38 Citations
19 Claims
-
1. A computer-implemented method for determining whether to independently evaluate the trustworthiness of digitally signed files based on signer reputation, the method comprising:
-
identifying a file; determining that the file has been digitally signed; identifying a signer responsible for digitally signing the file; identifying a reputation of the signer, the signer'"'"'s reputation being based at least in part on the determined trustworthiness of at least one additional file that was previously signed by the signer; determining whether the signer'"'"'s reputation satisfies a predetermined threshold; only performing an independent evaluation of the trustworthiness of the file if the signer'"'"'s reputation fails to satisfy the predetermined threshold; wherein each step of the method is performed by a computing device comprising at least one hardware processor. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for determining whether to independently evaluate the trustworthiness of digitally signed files based on signer reputation, the system comprising:
-
a file-analysis module programmed to; identify a file; determine that the file has been digitally signed; identify a signer responsible for digitally signing the file; a reputation module programmed to identify a reputation of the signer, the signer'"'"'s reputation being based at least in part on the determined trustworthiness of at least one additional file that was previously signed by the signer; a security module programmed to; determine whether the signer'"'"'s reputation satisfies a predetermined threshold; only perform an independent evaluation of the trustworthiness of the file if the signer'"'"'s reputation fails to satisfy the predetermined threshold; at least one processor configured to execute the file-analysis module, the reputation module, and the security module. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A non-transitory computer-readable-storage medium comprising one or more computer-executable instructions that, when executed by at least one processor of a computing device, cause the computing device to:
-
identify a file; determine that the file has been digitally signed; identify a signer responsible for digitally signing the file; identify a reputation of the signer, the signer'"'"'s reputation being based at least in part on the determined trustworthiness of at least one additional file that was previously signed by the signer; determine whether the signer'"'"'s reputation satisfies a predetermined threshold; only perform an independent evaluation of the trustworthiness of the file if the signer'"'"'s reputation fails to satisfy the predetermined threshold. - View Dependent Claims (16, 17, 18, 19)
-
Specification