Method and apparatus for immunizing data in computer systems from corruption
Abstract
A system for immunizing a computer network against adverse effects caused by the receipt of a corrupting message. Each message transfers into a protocol-based controlled environment for a specific recipient where message criteria determine whether the incoming message is deemed to be a valid or suspicious message. Transmission criteria determine the final message disposition. If the message is valid, it is delivered to a recipient computer system in the network. If the incoming message is suspicious, the message is isolated in the controlled environment where the transmission criteria may provide remote access to the recipient.
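A minimal model of the disposition logic the abstract describes, added here as an illustration and not taken from the patent. The template store, content types, criteria and disposition names are all hypothetical.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

Criterion = Callable[[bytes], bool]  # True only when the content is proven clean

DELIVER = "DELIVER_UNMODIFIED"
ISOLATE = "ISOLATE_REMOTE_VIEW"

@dataclass(frozen=True)
class Template:
    application: str                         # production application the environment hosts
    message_criteria: Tuple[Criterion, ...]  # every one must hold
    on_suspicious: str = ISOLATE             # transmission criterion for a failed message

# Toy criteria (assumptions): stand-ins for real analysis inside the environment.
def no_auto_macro(content: bytes) -> bool:
    return b"AutoOpen" not in content

def printable_text(content: bytes) -> bool:
    return all(32 <= b < 127 or b in (9, 10, 13) for b in content)

# Constructed template store, keyed by the content type that selects the application.
TEMPLATE_STORE: Dict[str, Template] = {
    "text/plain": Template("text-viewer", (printable_text,)),
    "application/msword": Template("word-processor", (no_auto_macro,)),
}

def dispose(parts: List[Tuple[str, bytes]]) -> str:
    """Deliver only when every part of the message is proven clean; otherwise isolate."""
    if not parts:
        return ISOLATE  # nothing was analyzed, so nothing was proven
    env_set = []
    for content_type, content in parts:
        template = TEMPLATE_STORE.get(content_type)
        if template is None:
            return ISOLATE  # no environment for this application: fail closed
        env_set.append((template, content))  # one environment instance per part
    # Analyze all contents; a single unproven part taints the whole message.
    failed = [t for t, c in env_set
              if not all(check(c) for check in t.message_criteria)]
    return DELIVER if not failed else failed[0].on_suspicious
```

The default in this sketch is isolation: an unknown application or an empty message is never delivered, because delivery requires positive proof rather than the absence of a detection.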
46 Claims
1. A method for immunizing a recipient's computer system in a data processing network from all corrupting contents of all incoming messages received over a communications path through a server wherein each incoming message requires at least one production application for processing the message, said method comprising, for each incoming message, the steps of:
- A) identifying each of the at least one production application required for processing the message,
- B) generating a controlled environment set for the message as an instance of controlled environment templates stored in the server, said generated controlled environment set being isolated from the data processing network and other portions of the server and including an instance of a controlled environment for processing each identified production application, each production application including at least one predetermined message criterion that defines those characteristics of the message required to prove that the message could not corrupt the recipient's computer system and including transmission criteria that define dispositions for the identified message,
- C) analyzing the message by processing all of its contents in said generated controlled environment set to determine whether the message meets all of the at least one message criterion that proves that the entire message is free of any corrupting contents, and
- D) disposing of the message in response to said analyzing step and the transmission criteria for the message, one said disposing step enabling the message to be transferred to the recipient's computer system without modification only when said analyzing step determines that the entire message has been proven to be free of corrupting contents and another disposing step providing a communications path whereby the recipient can view the message remotely and in isolation in the controlled environment set without transferring the message to the recipient's computer system.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23
24. An immunization system for immunizing a recipient's computer system in a data processing network from all corrupting contents of all incoming messages received over a communications path through a server with a controlled environment template store wherein each incoming message requires at least one production application for processing the message, said system comprising a processor executing software configured to implement, for each incoming message:
- A) means for identifying each of the at least one production application required to process the message,
- B) a controlled environment set that is isolated from the data processing network and other portions of the server and that includes a controlled environment for processing each identified production application, each controlled environment in said controlled environment set being an instance of a controlled environment template in the controlled environment template store and including;
  - i) at least one predetermined message criterion that defines those characteristics required to prove that the message could not corrupt the recipient's computer system, and
  - ii) transmission criteria that define dispositions for the identified message,
- C) means for analyzing all of the contents of the message by processing the message contents in a corresponding controlled environment set to determine whether the message meets all of the at least one message criterion that proves that the entire message is free of any corrupting contents, and
- D) disposition means responsive to analyzing mean for controlling the disposition of the message, one disposition enabling the message to be transferred to the recipient's computer system without modification only when said analyzing step determines that the entire message has been proven to be free of corrupting contents and another disposition providing a communications path whereby the recipient can view the message remotely and in isolation in the controlled environment set without transferring the message to the recipient's computer system.

Dependent claims: 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46
Specification