Securing file trust with file format conversions

US 9,015,836 B2
Filed: 03/02/2014
Issued: 04/21/2015
Est. Priority Date: 03/13/2012
Status: Expired due to Fees

First Claim

Patent Images

1. One or more non-transitory computer-readable storage mediums storing one or more sequences of instructions for reducing a security risk posed by a digital file, which when executed by one or more processors, cause:

converting the digital file from a first format to a second format, wherein the second format is different than the first format, wherein the second format preserves a visual or audio presentation of the digital file without supporting metadata or file format data structures of the first format,wherein converting the digital file from the first format to the second format is performed, without user input, in response to a component determining that the digital file (a) has entered a secure area of a storage medium and (b) does not contain a digital signature from a trusted entity.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Approaches for ensuring a digital file does not contain malicious code. A digital file in an original format may or may not contain malicious code. An intermediate copy of the digital file in an intermediate format is created from the digital file in the original format. The intermediate format preserves a visual or audio presentation of the digital file without supporting metadata or file format data structures of the original format. A sterilized copy of the digital file is created from the intermediate copy. The sterilized copy is in the original format. The sterilized copy comprises a digital signature indicating that the sterilized copy has been converted from the intermediate format to the original format. Advantageously, the sterilized copy is guaranteed to not possess any malicious code.

Citations

21 Claims

1. One or more non-transitory computer-readable storage mediums storing one or more sequences of instructions for reducing a security risk posed by a digital file, which when executed by one or more processors, cause:
- converting the digital file from a first format to a second format, wherein the second format is different than the first format, wherein the second format preserves a visual or audio presentation of the digital file without supporting metadata or file format data structures of the first format,wherein converting the digital file from the first format to the second format is performed, without user input, in response to a component determining that the digital file (a) has entered a secure area of a storage medium and (b) does not contain a digital signature from a trusted entity.
- View Dependent Claims (2, 3, 5, 6, 7, 10, 11, 13, 14, 21)
- - 2. The one or more non-transitory computer-readable storage mediums of claim 1, wherein execution of the one or more sequences of instructions further cause:
    - converting the digital file from the second format back to the first format.
  - 3. The one or more non-transitory computer-readable storage mediums of claim 2, wherein converting the digital file from the second format back to the first format comprises inserting a digital signature into the digital file indicating that the digital file has been converted from the second format to the first format.
  - 5. The one or more non-transitory computer-readable storage mediums of claim 2, wherein converting the digital file from the first format back to the second format is performed within a particular virtual machine, and wherein converting the digital file from the second format back to the first format is performed outside of the particular virtual machine.
  - 6. The one or more non-transitory computer-readable storage mediums of claim 2, wherein execution of the one or more sequences of instructions further causes:
    - prior to converting the digital file from the first format back to the second format, removing a macro from the digital file while the digital file is in the first format;
      
      after identifying a portion of the macro which does not conform to a rule, revising the portion of the macro to conform to the rule to produce a sterilized macro; and
      
      after converting the digital file from the second format back to the first format, inserting the sterilized macro back into the digital file.
  - 7. The one or more non-transitory computer-readable storage mediums of claim 2, wherein execution of the one or more sequences of instructions further causes:
    - examining a macro contained within the digital file while the digital file is in the first format; and
      
      after determining that the macro does not conform to a rule, causing the macro to be removed from the digital file upon converting the digital file from the second format back to the first format.
  - 10. The one or more non-transitory computer-readable storage mediums of claim 2, wherein the steps of (a) converting the digital file from the first format to the second format and (b) converting the digital file from the second format back to the first format are performed transparently to a user.
  - 11. The one or more non-transitory computer-readable storage mediums of claim 2, wherein execution of the one or more sequences of instructions further causes:
    - preventing all files, other than files which have been converted to a different format and then back to an original format, from being processed using a default file handler associated with the shell extension of the file.
  - 13. The one or more non-transitory computer-readable storage mediums of claim 1, wherein the second format is a serialized representation of the digital file.
  - 14. The one or more non-transitory computer-readable storage mediums of claim 1, wherein the digital file is converted into the second format in a virtual machine that is instantiated immediately prior to and for the purpose of converting the digital file into the second format.
  - 21. The one or more non-transitory computer-readable storage mediums of claim 1, wherein converting the digital file from said first format to said second format is performed prior to receiving a request to open said digital file.

4. One or more non-transitory computer-readable storage mediums storing one or more sequences of instructions for reducing a security risk posed by a digital file, which when executed by one or more processors, cause:
- converting the digital file from a first format to a second format, wherein the second format is different than the first format, wherein the second format preserves a visual or audio presentation of the digital file without supporting metadata or file format data structures of the first format,wherein converting the digital file from the first format to the second format is performed, without user input, in response to a component determining that the digital file does not contain a digital signature from a trusted entity, wherein the component executes on or corresponds to an edge router, an email server, an email client, a web browser, software responsible for managing the instantiation and de-instantiation of one or more virtual machines, a hardware device, or an application specific integrated circuit (ASIC).

8. One or more non-transitory computer-readable storage mediums storing one or more sequences of instructions for reducing a security risk posed by a digital file, which when executed by one or more processors, cause:
- converting the digital file from a first format to a second format, wherein the second format is different than the first format, wherein the second format preserves a visual or audio presentation of the digital file without supporting metadata or file format data structures of the first format,wherein converting the digital file from the first format to the second format is performed, without user input, in response to a component determining that the digital file does not contain a digital signature from a trusted entity;
  
  converting the digital file from the second format back to the first format; and
  
  after converting the digital file from the second format back to the first format to produce a sterilized digital file, storing, within a file system, an original copy of the digital file in association with the sterilized digital file,wherein the original copy of the digital file is in the first format and has an attribute that hides the original copy from the user'"'"'s view, and wherein the original copy of the digital file has not been converted to or from the second format.
- View Dependent Claims (9, 12, 15)
- - 9. The one or more non-transitory computer-readable storage mediums of claim 8, wherein a move operation performed on the sterilized digital file is also automatically and transparently performed on the original copy.
  - 12. The one or more non-transitory computer-readable storage mediums of claim 8, wherein execution of the one or more sequences of instructions further causes:
    - performing a merge-edit operation involving the sterilized digital file and a target file by (a) identifying the original copy of the digital file stored in association with the sterilized digital file and (b) copying a portion of content from the original copy of the digital file into the target file, wherein the portion of content comprises dynamic content expressed in the first format.
  - 15. The one or more non-transitory computer-readable storage mediums of claim 8, wherein execution of the one or more sequences of instructions further causes:
    - in response to a request to perform a first type of merge operation, merging the sterilized digital file with a particular digital file to create a first merged document, wherein the first merged document does not comprise any metadata or file format data structures of the first format; and
      
      in response to a request to perform a second type of merge operation, merging the sterilized digital file with the particular digital file to create a second merged document, wherein the second merged document does comprise metadata or file format data structures of the first format.

16. One or more non-transitory computer-readable storage mediums storing one or more sequences of instructions for reducing a security risk posed by a digital file, which when executed by one or more processors, cause:
- converting the digital file from a first format to a second format, wherein the second format is different than the first format, wherein the second format preserves a visual or audio presentation of the digital file without supporting metadata or file format data structures of the first format,wherein converting the digital file from the first format to the second format is performed, without user input, in response to a component determining that the digital file does not contain a digital signature from a trusted entity; and
  
  in response to a request to perform a type of merge operation, performing the steps of;
  
  instantiating a new virtual machine for the purpose of creating a merged document;
  
  merging, within the new virtual machine, a portion of the digital file with a portion of a particular digital file to create the merged document, wherein the merged document does comprise metadata or file format data structures of the first format, andafter extracting the merged document from the new virtual machine, de-instantiating the new virtual machine.

17. An apparatus for reducing a security risk posed by a digital file, which when executed by one or more processors, comprising:
- one or more processors; and
  
  one or more non-transitory computer-readable storage mediums storing one or more sequences of instructions, which when executed, cause;
  
  converting the digital file from a first format to a second format, wherein the second format is different than the first format, wherein the second format preserves a visual or audio presentation of the digital file without supporting metadata or file format data structures of the first format,wherein creating the second format is performed, without user input, in response to a component determining that the digital file (a) has entered a secure area of a storage medium and (b) does not contain a digital signature from a trusted entity.
- View Dependent Claims (18)
- - 18. The apparatus of claim 17, wherein execution of the one or more sequences of instructions further cause:
    - converting the digital file from the second format back to the first format.

19. A machine-implemented method for reducing a security risk posed by a digital file, which when executed by one or more processors, comprising:
- a machine executing one or more sequences of instructions to cause;
  
  converting the digital file from a first format to a second format, wherein the second format is different than the first format, wherein the second format preserves a visual or audio presentation of the digital file without supporting metadata or file format data structures of the first format,wherein creating the second format is performed, without user input, in response to a component determining that the digital file (a) has entered a secure area of a storage medium and (b) does not contain a digital signature from a trusted entity.
- View Dependent Claims (20)
- - 20. The machine-implemented method of claim 19, wherein execution by the machine of the one or more sequences of instructions further causes:
    - converting the digital file from the second format back to the first format.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Original Assignee
Bromium Inc (HP Inc.)
Inventors
Banga, Gaurav, Kashyap, Rahul, Southgate, Andrew
Primary Examiner(s)
Barron, Jr., Gilberto
Assistant Examiner(s)
Cribbs, Malcolm

Application Number

US14/194,747
Publication Number

US 20140259159A1
Time in Patent Office

415 Days
Field of Search
US Class Current

726/22
CPC Class Codes

G06F 21/56 Computer malware detection ...

G06F 21/568 eliminating virus, restorin...

Securing file trust with file format conversions

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Securing file trust with file format conversions

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links