Method and process for virtualizing network interfaces
First Claim
1. A system for securing an application for execution on a computer, the system comprising:
- a server computer;
a network; and
a client computer operably connected to the server computer via the network;
wherein the client computer receives an application from the server computer;
wherein the client computer executes the application subsequent to receiving the application; and
wherein the client computer includes an interception module for intercepting at least one network request from the application, wherein the interception module determines whether the destination address is listed in a set of approved addresses, and wherein the interception module notifies a proxy that the request is intercepted.
2 Assignments
0 Petitions
Accused Products
Abstract
A system for securing an application for execution in a computer. In one embodiment, a preprocessor module modifies an application binary such that the application invokes an interception module in response to invoking certain system calls. The interception module prevents the application from adversely affecting the operating of a computer that is executing the application. Furthermore, the interception module protects the contents of the application from improper access by a user of the computer. For example, the interception module transparently encrypts all files that are used by the application such that a user of the computer cannot improperly access these files.
54 Citations
24 Claims
-
1. A system for securing an application for execution on a computer, the system comprising:
-
a server computer;
a network; and
a client computer operably connected to the server computer via the network;
wherein the client computer receives an application from the server computer;
wherein the client computer executes the application subsequent to receiving the application; and
wherein the client computer includes an interception module for intercepting at least one network request from the application, wherein the interception module determines whether the destination address is listed in a set of approved addresses, and wherein the interception module notifies a proxy that the request is intercepted.
-
-
2. A method of securing an application for execution on a computer, the method comprising:
-
modifying a binary of the application such that a request from the application to transmit data over the network is intercepted, wherein the request identifies a destination address; and
determining whether the destination address is listed in a set of approved addresses. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
14. A system for securing an application for execution on a computer, the system comprising:
-
means for modifying a binary of the application such that a request from the application to transmit data over the network is intercepted, wherein the request identifies a destination address; and
means for determining whether the destination address is listed in a set of approved addresses.
-
-
24. A system for securing an application for execution on a computer, the system comprising:
a preprocessor module for modifying the binary of an application such that a request to transmit data over the network is intercepted, wherein the request identifies a destination address, wherein the interception module determines whether the destination address is listed in a set of approved addresses, and wherein the interception module notifies a proxy that the request is intercepted.
Specification