User controllable platform-level trigger to set policy for protecting platform from malware

US 9,372,988 B2
Filed: 12/22/2011
Issued: 06/21/2016
Est. Priority Date: 12/22/2011
Status: Expired due to Fees

First Claim

Patent Images

1. A method to protect data stored in a storage system of a device from malware alteration, comprising:

receiving an indication that the data is to be protected, wherein the receiving an indication in response to a hardware switch being activated;

triggering an interrupt of the device to lock the data outside of operating system control;

securing the data from the malware alteration by preventing an operating system process from altering the data, bysending by a trusted application a first message to the storage system, the first message specifying that the data is to be protected from the malware alteration, andreceiving by a trusted application a second message from the storage system indicating that the data is protected from malware alteration, wherein the first and second message are transported over a tunnel between the device and the storage system.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of systems, apparatuses, and methods to protect data stored in a storage system of a device from malware alternation are described. In some embodiments, a system receives an indication that the data is to be protected. In addition, the system further triggers an interrupt of the device and secures the data from the malware alternation.

15 Citations

View as Search Results

15 Claims

1. A method to protect data stored in a storage system of a device from malware alteration, comprising:
- receiving an indication that the data is to be protected, wherein the receiving an indication in response to a hardware switch being activated;
  
  triggering an interrupt of the device to lock the data outside of operating system control;
  
  securing the data from the malware alteration by preventing an operating system process from altering the data, bysending by a trusted application a first message to the storage system, the first message specifying that the data is to be protected from the malware alteration, andreceiving by a trusted application a second message from the storage system indicating that the data is protected from malware alteration, wherein the first and second message are transported over a tunnel between the device and the storage system.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein, in response to the sending of the first message, the data is made read-only.
  - 3. The method of claim 1, further comprising:
    - receiving a configuration that indicates that the data is to be protected.
  - 4. The method of claim 1, further comprising:
    - receiving the data; and
      
      storing the data in the storage system.
  - 5. The method of claim 1, wherein the hardware switch is dedicated switch.
  - 6. The method of claim 1, wherein the hardware switch is keyboard combination.
  - 7. The method of claim 1, wherein the data is anti-virus definition data.

8. A device to protect data stored in a storage system of a device from malware alternation, comprising:
- a hardware switch, when activated, to indicate that the data is to be protected and to trigger an interrupt of the device to lock the data outside of operating system control;
  
  lockable storage to secure the data from the malware alternation by preventing an operating system process from altering the data; and
  
  a trusted application interface to send a first message to the storage system, the first message to specify that the data is to be protected from the malware alternation and to receive a second message from the storage system that indicates that the data is protected from the malware alteration, wherein the first and second message are transported over a tunnel between the device and the storage system.
- View Dependent Claims (9, 10)
- - 9. The device of claim 8, wherein the data is made read-only to secure the data.
  - 10. The device of claim 8, wherein the hardware switch is keyboard combination.

11. A non-transitory machine-readable medium having executable instructions to cause one or more processing units to perform a method to protect data stored in a storage system of a device from malware alternation, the method comprising:
- receiving an indication that the data is to be protected, wherein the receiving an indication in response to a hardware switch being activated;
  
  triggering an interrupt of the device to lock the data outside of operating system control;
  
  securing the data from the malware alteration by preventing an operating system process from altering the data, bysending by a trusted application a first message to the storage system,the first message specifying that the data is to be protected from the malware alteration, andreceiving by a trusted application a second message from the storage system indicating that the data is protected from malware alteration, wherein the first and second message are transported over a tunnel between the device and the storage system.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The non-transitory machine-readable medium of claim 11, wherein, in response to the sending of the first message, the data is made read-only.
  - 13. The non-transitory machine-readable medium of claim 11, further comprising:
    - receiving a configuration that indicates that the data is to be protected.
  - 14. The non-transitory machine-readable medium of claim 11, further comprising:
    - receiving the data; and
      
      storing the data in the storage system.
  - 15. The non-transitory machine-readable medium of claim 11, wherein the data is anti-virus definition data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Thadikaran, Paul J., Triantafillou, Nicholas D., Bowen, Thomas R., Saxena, Paritosh
Primary Examiner(s)
Dada, Beemnet

Application Number

US13/976,253
Publication Number

US 20130283380A1
Time in Patent Office

1,643 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/554   involving event detection a...

G06F 21/56   Computer malware detection ...

G06F 21/566   Dynamic detection, i.e. det...

G06F 21/85   interconnection devices, e....

H04L 63/145   the attack involving the pr...

User controllable platform-level trigger to set policy for protecting platform from malware

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

15 Citations

15 Claims

Specification

Use Cases

Quick Links

Others

User controllable platform-level trigger to set policy for protecting platform from malware

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

15 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others