Information security – Prevention of unauthorized use of data including prevention... – Access control
Reexamination Certificate
2010-10-15
2011-11-29
Truong, Thanhnga (Department: 2438)
Information security
Prevention of unauthorized use of data including prevention...
Access control
C713S155000, C713S164000, C713S165000, C726S016000
Reexamination Certificate
active
08069487
ABSTRACT:
Systems and methods for allowing authorized code to execute on a computer system are provided. According to one embodiment, an in-memory cache is maintained having entries containing execution authorization information regarding recently used modules. After authenticating a module, its execution authorization information is added to the cache. Activity relating to a module is intercepted. A hash value of the module is generated. The module is authenticated with reference to a multi-level whitelist including a global whitelist, a local whitelist and the cache. The authentication includes first consulting the cache and if the module is not found, then looking up its hash value in the local whitelist and if it is not found, then looking it up in the global whitelist. Finally, the module is allowed to be loaded and executed if its hash value matches a hash value of an approved code modules within the global whitelist.
REFERENCES:
patent: 5257381 (1993-10-01), Cook
patent: 5283856 (1994-02-01), Gross et al.
patent: 5293629 (1994-03-01), Conley et al.
patent: 5311591 (1994-05-01), Fischer
patent: 5398196 (1995-03-01), Chambers
patent: 5440723 (1995-08-01), Arnold et al.
patent: 5452442 (1995-09-01), Kephart
patent: 5475839 (1995-12-01), Watson et al.
patent: 5485575 (1996-01-01), Chess et al.
patent: 5684875 (1997-11-01), Ellenberger
patent: 5696822 (1997-12-01), Nachenberg
patent: 5752058 (1998-05-01), Van De Vanter
patent: 5826013 (1998-10-01), Nachenberg
patent: 5951698 (1999-09-01), Chen et al.
patent: 5956481 (1999-09-01), Walsh et al.
patent: 5960170 (1999-09-01), Chen et al.
patent: 5974141 (1999-10-01), Saito
patent: 5978917 (1999-11-01), Chi
patent: 6006035 (1999-12-01), Nabahi
patent: 6006329 (1999-12-01), Chi
patent: 6094731 (2000-07-01), Waldin et al.
patent: 6108799 (2000-08-01), Boulay et al.
patent: 6230288 (2001-05-01), Kuo et al.
patent: 6577920 (2003-06-01), Hypponen et al.
patent: 6823460 (2004-11-01), Hollander et al.
patent: 6986050 (2006-01-01), Hypponen
patent: 7020895 (2006-03-01), Albrecht
patent: 7114185 (2006-09-01), Moore et al.
patent: 7184554 (2007-02-01), Freese
patent: 7266845 (2007-09-01), Hypponen
patent: 7293177 (2007-11-01), Lahti et al.
patent: 7319751 (2008-01-01), Kirichenko
patent: 7398389 (2008-07-01), Teal et al.
patent: 7398553 (2008-07-01), Li
patent: 7480683 (2009-01-01), Thomas et al.
patent: 7487495 (2009-02-01), Usov
patent: 7516489 (2009-04-01), Lahti
patent: 7529374 (2009-05-01), Huttunen
patent: 7533131 (2009-05-01), Thomas et al.
patent: 7539828 (2009-05-01), Lomnes
patent: 7698744 (2010-04-01), Fanton et al.
patent: 7865947 (2011-01-01), Fanton et al.
patent: 2002/0070272 (2002-06-01), Gressel et al.
patent: 2002/0073330 (2002-06-01), Chandnani et al.
patent: 2002/0099952 (2002-07-01), Lambert et al.
patent: 2002/0129277 (2002-09-01), Caccavale
patent: 2002/0178374 (2002-11-01), Swimmer et al.
patent: 2003/0074574 (2003-04-01), Hursey et al.
patent: 2003/0135756 (2003-07-01), Verma
patent: 2003/0135791 (2003-07-01), Natvig
patent: 2003/0172167 (2003-09-01), Judge et al.
patent: 2003/0177394 (2003-09-01), Dozortsev
patent: 2003/0212902 (2003-11-01), Van der Made
patent: 2004/0015712 (2004-01-01), Szor
patent: 2004/0034794 (2004-02-01), Mayer et al.
patent: 2004/0044906 (2004-03-01), England et al.
patent: 2004/0098607 (2004-05-01), Alagna et al.
patent: 2004/0153918 (2004-08-01), Tanaka et al.
patent: 2004/0158730 (2004-08-01), Sarkar
patent: 2004/0172551 (2004-09-01), Fielding et al.
patent: 2004/0187023 (2004-09-01), Alagna et al.
patent: 2004/0199763 (2004-10-01), Freund
patent: 2004/0205167 (2004-10-01), Grumann
patent: 2004/0225877 (2004-11-01), Huang
patent: 2004/0243829 (2004-12-01), Jordan
patent: 2004/0255163 (2004-12-01), Swimmer et al.
patent: 2005/0022018 (2005-01-01), Szor
patent: 2005/0060566 (2005-03-01), Chebolu et al.
patent: 2005/0060581 (2005-03-01), Chebolu et al.
patent: 2005/0065935 (2005-03-01), Chebolu et al.
patent: 2005/0066290 (2005-03-01), Chebolu et al.
patent: 2005/0102601 (2005-05-01), Wells
patent: 2005/0108516 (2005-05-01), Balzer et al.
patent: 2005/0120242 (2005-06-01), Mayer et al.
patent: 2005/0149726 (2005-07-01), Joshi et al.
patent: 2005/0166268 (2005-07-01), Szor
patent: 2005/0262558 (2005-11-01), Usov
patent: 2006/0095971 (2006-05-01), Costea et al.
patent: 2006/0130141 (2006-06-01), Kramer et al.
patent: 2006/0147043 (2006-07-01), Mann et al.
patent: 2006/0174344 (2006-08-01), Costea et al.
patent: 2006/0242685 (2006-10-01), Heard et al.
patent: 2007/0208689 (2007-09-01), Park
patent: 2011/0167050 (2011-07-01), Fanton
patent: 2011/0167259 (2011-07-01), Fanton
patent: 2011/0167260 (2011-07-01), Fanton
patent: 2011/0167261 (2011-07-01), Fanton
Enterprise Application Whitelisting, “Achieving PCI Compliance at the Point of Sale Using Bit9 Parity™ to Protect Cardholder Data.” Bit9Parity. 5 pages. www.bit9.com.
Enterprise Application Whitelisting, “What is That Application?” Bit9Parity. 2 pages. www.bit9.com.
Enterprise Application Whitelisting, “Simplify Desktop Management through Enterprise Application Whitelisting” Bit9Parity. 2 pages. www.bit9.com.
Enterprise Application Whitelisting, “In Software We Trust.” Bit9Parity. 2 pages. www.bit9.com.
“F-Secure DeepGuard™—A Proactive Response to the Evolving Threat Scenario.” F-Secure. Nov. 2006. 11 pages.
“F-Secure DeepGuard™ 2.0.” F-Secure. Sep 2008. 13 pages.
Leyden, J., “SecureWave Revamps Alternative to Desktop AV [printer-friendly] • The Register.” http://www.theregister.co.uk/2004/03/30/securewave—revamps—alternative—to—desktop/pri...Mar. 2004. 2 pages.
“From Zero-day to Real-time—How McAfee Artemis Technology Combats Real-Time Cybercrime With Community Threat Intelligence.” McAfee. www.mcafee.com. 9 pages.
“McAfee Artemis Technology—Always-On, Real-Time Protection.” McAfee. www.mcafee.com. 3 pages.
Solidcore S3 Control—Embedded. Certification Report. NSS Labs. Sep. 2008. 32 pages.
“Runtime Control the Perfect Antivirus Solution—Be prepared and decrease your risk from today's targeted attacks and threat landscape.” Solidcore. 4 pages.
Virtualized Laptop and Desktop Management Viewfinity Compliance and Security. ViewFinity. 5 pages.
“S3 Control Product Comparison.” Solidcore. 1 page.
“Prevx 3.0.” PC Magazine. www.pcmag.com. May 2009. 3 pages.
“BOUNCER by CoreTrace™—High-Security / Easy-Change Application Whitelisting.” coreTrace. 4 pages, 2009.
True Endpoint Security—A Matter of 180 degrees. coreTrace. Jul. 2008. 9 pages.
“White Paper: Application Whitelisting and Energy Systems—A Good Match?” coreTrace, 6 pages, 2009.
“Bouncer by CoreTrace™—Provides True Endpoint Security with Rapid Breakeven.” coreTrace. Jul. 2008. 10 pages.
“Regulatory Compliance Protecting PCI Systems and Data.” coreTrace. 2 pages, 2009.
“CoreTrace Continues to Knock Down Application Whitelisting Barriers.” EMA. 3 pages, 2009.
Luallen, M. E., et al. “Malicious Software Prevention for NERC CIP-007 Compliance: Protective Controls for Operating Systems and Supporting Applications.” 8 pages.
Wakeham, R., “White Paper—Hardening Critical Systems at Electrical Utilities—Meeting Regulatory Requirements Through Endpoint Controls.” NetSPI. 5 pages.
Ogren, E., “The Tenets of Endpoint Control.” Ogren Group. 7 pages, 2008.
“Product Data Sheet.” Faronics Anti-Executable™. 2 pages.
“Faronics Anti-Executable Enterprise.” Faronics Anti-Executable™. Oct. 2009. 4 pages.
“Anti-Executable Key Features.” Faronics Anti-Executable™. http://www.faronics.com/html/AEFeatures.asp. 2 pages.
“Faronics Anti-Executable Standard.” Faronics Anti-Executable™. Oct. 2009. 3 pages.
“Faronics Anti-Execu
Fanton Andrew F.
Gandee John J.
Godwin Kurt E.
Harper Edwin L.
Lutton William H.
Fortinet, Inc.
Hamilton DeSanctis & Cha, LLP
Truong Thanhnga
LandOfFree
Cloud-based application whitelisting does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Cloud-based application whitelisting, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Cloud-based application whitelisting will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4303291