SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR POPULATING A LIST OF KNOWN WANTED DATA

US 20130247024A1
Filed: 03/31/2008
Published: 09/19/2013
Est. Priority Date: 03/31/2008
Status: Active Grant

First Claim

Patent Images

1. A computer program product embodied on a non-transitory tangible computer readable medium for performing operations, comprising:

using a profiling agent to monitor a plurality of update services that are associated with multiple update providers;

identifying an update for a computer;

populating a list of known wanted data with at least a portion of update data provided in the update, wherein the list reflects an aggregation of multiple update data sets from the multiple update providers and the list is based, at least in part, on the operating system and applications of the computer, and wherein the portion of the update data are reflective of data predetermined to exclude malware, and wherein the known wanted data includes a whitelist; and

populating the list of known wanted data with metadata that indicates a version of the update data, a digital signature used to sign a portion of the update data, and a location from which the portion of the update data was received.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method, and computer program product are provided for populating a list of known wanted data. In use, an update to data is identified. In addition, a list of known wanted data is populated with the data, in response to the update.

4 Citations

20 Claims

1. A computer program product embodied on a non-transitory tangible computer readable medium for performing operations, comprising:
- using a profiling agent to monitor a plurality of update services that are associated with multiple update providers;
  
  identifying an update for a computer;
  
  populating a list of known wanted data with at least a portion of update data provided in the update, wherein the list reflects an aggregation of multiple update data sets from the multiple update providers and the list is based, at least in part, on the operating system and applications of the computer, and wherein the portion of the update data are reflective of data predetermined to exclude malware, and wherein the known wanted data includes a whitelist; and
  
  populating the list of known wanted data with metadata that indicates a version of the update data, a digital signature used to sign a portion of the update data, and a location from which the portion of the update data was received.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 17)
- - 2. The computer program product of claim 1, wherein the portion of the update data includes an executable file.
  - 3. The computer program product of claim 2, wherein the file includes an operating system file.
  - 4. The computer program product of claim 2, wherein the file includes an application filed.
  - 5. The computer program product of claim 1, wherein the portion of the update data is updated by a setup program.
  - 6. The computer program product of claim 1, wherein the update is identified based on a call to a service to install the update.
  - 7. The computer program product of claim 1, wherein the update is identified based on a call to a service to download the update.
  - 8. The computer program product of claim 7, wherein the service includes an object interface.
  - 9. The computer program product of claim 1, wherein the update is identified utilizing a proxy interface.
  - 10. The computer program product of claim 9, wherein the proxy interface monitors operations performed by a service for identifying the update.
  - 11. The computer program product of claim 10, wherein the proxy interface includes a plurality of components, each component monitoring different operations.
  - 12. The computer program product of claim 11, wherein the components include at least one of a file system component, a registry component, a process component, and a network component.
  - 17. The computer program product of claim 1, wherein the metadata includes at least one of a format type of the portion of the update data, and a time of the update.

13. (canceled)

14. (canceled)

15. (canceled)

16. (canceled)

18. A method, comprising:
- using a profiling agent to monitor a plurality of update services that are associated with multiple update providers;
  
  identifying an update for a computer;
  
  populating a list of known wanted data with at least a portion of update data provided in the update, wherein the list reflects an aggregation of multiple update data sets from the multiple update providers and the list is based, at least in part, on the operating system and applications of the computer, and wherein the portion of the update data are reflective of data predetermined to exclude malware, and wherein the known wanted data includes a whitelist; and
  
  populating the list of known wanted data with metadata that indicates a version of the update data, a digital signature used to sign a portion of the update data, and a location from which the portion of the update data was received.

19. A system, comprising:
- a processor;
  
  a memory; and
  
  a profiling agent, wherein the system is configured for;
  
  monitoring a plurality of update services that are associated with multiple update providers;
  
  identifying an update for a computer;
  
  populating a list of known wanted data with at least a portion of update data provided in the update, wherein the list reflects an aggregation of multiple update data sets from the multiple update providers and the list is based, at least in part, on the operating system and applications of the computer, and wherein the portion of the update data are reflective of data predetermined to exclude malware, and wherein the known wanted data includes a whitelist; and
  
  populating the list of known wanted data with metadata that indicates a version of the update data, a digital signature used to sign a portion of the update data, and a location from which the portion of the update data was received.
- View Dependent Claims (20)
- - 20. The system of claim 19, wherein the processor is coupled to the memory via a bus.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
Sallam, Ahmed Said

Granted Patent

US 8,527,978 B1
Time in Patent Office

Days
Field of Search
US Class Current

717/173
CPC Class Codes

G06F 8/65 Updates security arrangemen...

SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR POPULATING A LIST OF KNOWN WANTED DATA

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

4 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR POPULATING A LIST OF KNOWN WANTED DATA

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

4 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links