Pre-emptive anti-virus protection of computing systems
First Claim
1. A method for inhibiting execution of malicious executable files and other unauthorized executable files by a computing system, the method comprising:
- (a) creating a unique execution key for each executable file authorized by a user to be run on a specific computing system wherein each said key is unique to its respective file and to the specific computing system upon which it is authorized to run;
associating each said executable file with its respective execution key;
storing execution key information for each said execution key in a key store separate from the executable file but accessible by the computing system;
(b) when any executable file is queued to run on the computing system, examining the said executable file for an associated said execution key; and
(c) if an associated said execution key is found, comparing the found execution key with the respective said stored execution key information to verify the validity of the found execution key, if the stored execution key information matches the found execution key, allowing the queued executable file to run at least once on the computing system, and if the stored execution key information does not match the found execution key, preventing the executable file from running.
13 Assignments
0 Petitions
Accused Products
Abstract
A system is provided that strongly inhibits infection and spread of computer viruses. Valid executable software files and supporting files, even files provided by mass-released commercial software, are associated with a numeric key that is unique to each individual computer running the software. For a file to be processed by the central processing unit (CPU) of the computer, the presence of a valid key must first be verified. Every valid executable file, including files relating to the operating system and application layer code, is provided with a unique key. Thus, viruses that attempt to gain access to the CPU to perform unauthorized actions, including replication, are prevented due to lack of a valid execution key. Execution keys are generated locally on each individual computer using a variety of methods. Execution keys can be regenerated if the security of a computer system has been compromised, or appears to have been compromised.
44 Citations
30 Claims
-
1. A method for inhibiting execution of malicious executable files and other unauthorized executable files by a computing system, the method comprising:
-
(a) creating a unique execution key for each executable file authorized by a user to be run on a specific computing system wherein each said key is unique to its respective file and to the specific computing system upon which it is authorized to run;
associating each said executable file with its respective execution key;
storing execution key information for each said execution key in a key store separate from the executable file but accessible by the computing system;(b) when any executable file is queued to run on the computing system, examining the said executable file for an associated said execution key; and (c) if an associated said execution key is found, comparing the found execution key with the respective said stored execution key information to verify the validity of the found execution key, if the stored execution key information matches the found execution key, allowing the queued executable file to run at least once on the computing system, and if the stored execution key information does not match the found execution key, preventing the executable file from running. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A method for inhibiting execution of malicious executable files and other unauthorized executable files by a computing system, the method comprising:
-
(a) creating a unique execution key for each executable file authorized by a user to be run on a specific computing system wherein each said key is unique to its respective file and to the specific computing system upon which it is authorized to run;
associating each said executable file with its respective execution key;
storing execution key information for each said execution key in a key store separate from the executable file but accessible by the computing system; and(b) each time any executable file is queued to run on the computing system, examining the said executable file for an associated said execution key; and if an associated said execution key is not found, then performing an automated missing key response that will prevent the executable file from running without authorization; and if an associated said execution key is found, then comparing the stored execution key information for a match with the found execution key;
whereasif the stored key information does not match the found execution key, then performing an automated invalid key response that will prevent the executable file from running without authorization; and if the stored execution key information matches the found execution key, then allowing the queued executable file to run once on the computing system. - View Dependent Claims (19, 20, 21, 22, 23)
-
-
24. A method for inhibiting execution of malicious executable files and other unauthorized executable files by a computing system, the method comprising:
-
(a) creating a unique execution key for each executable file authorized to be run on a specific computing system wherein each said key is unique to its respective file and to the specific computing system upon which it is authorized to run;
associating each said executable file with its respective execution key;
storing execution key information for each said execution key in a key store separate from the executable file but accessible by the computing system; and(b) when an executable file is queued to run on the computing system, examining the said executable file for an associated said execution key;
if an associated said execution key is found, comparing the found execution key with the respective said stored execution key information to verify the validity of the found execution key; and
if the stored execution key information matches the found execution key, allowing the queued executable file to run at least once on the computing system;else perform a configurable automatable action. - View Dependent Claims (25, 26, 27, 28, 29, 30)
-
Specification