Data processing: software development – installation – and managem – Software upgrading or updating – Network
Reexamination Certificate
2001-06-08
2008-03-25
Chavis, John (Department: 2193)
Data processing: software development, installation, and managem
Software upgrading or updating
Network
C726S021000
Reexamination Certificate
active
07350204
ABSTRACT:
A system and method that automatically, transparently and securely controls software execution by identifying and classifying software, and locating a rule and associated security level for executing executable software. The security level may disallow the software's execution, restrict the execution to some extent, or allow unrestricted execution. To restrict software, a restricted access token may be computed that reduces software's access to resources, and/or removes privileges, relative to a user's normal access token. The rules that control execution for a given machine or user may be maintained in a restriction policy, e.g., locally maintained and/or in a group policy object distributable over a network. Software may be identified/classified by a hash of its content, by a digital signature, by its file system or network path, and/or by its URL zone. For software having multiple classifications, a precedence mechanism is provided to establish the applicable rule/security level.
REFERENCES:
patent: 4713753 (1987-12-01), Boebert et al.
patent: 4805222 (1989-02-01), Young et al.
patent: 4926476 (1990-05-01), Covey
patent: 5367624 (1994-11-01), Cooper
patent: 5481700 (1996-01-01), Thuraisingham
patent: 5819091 (1998-10-01), Arendt et al.
patent: 5915025 (1999-06-01), Taguchi et al.
patent: 5958051 (1999-09-01), Renaud et al.
patent: 5978484 (1999-11-01), Apperson et al.
patent: 5983349 (1999-11-01), Kodama et al.
patent: 5991519 (1999-11-01), Benhammou et al.
patent: 6295605 (2001-09-01), Dockter et al.
patent: 6378069 (2002-04-01), Sandler et al.
patent: 6405202 (2002-06-01), Britton et al.
patent: 6775779 (2004-08-01), England et al.
patent: 6931540 (2005-08-01), Edwards et al.
patent: 6981281 (2005-12-01), LaMacchia et al.
patent: 7028180 (2006-04-01), Aull et al.
patent: 7051366 (2006-05-01), LaMacchia et al.
patent: 7076557 (2006-07-01), LaMacchia et al.
patent: 2001/0049793 (2001-12-01), Sugimoto
patent: 2003/0225698 (2003-12-01), Stefik et al.
patent: 2004/0068721 (2004-04-01), O'Neil et al.
patent: 2005/0203819 (2005-09-01), Rogers et al.
patent: 2006/0031686 (2006-02-01), Atallah et al.
U.S. Appl. No. 09/598,814, filed Jun. 21, 2000, Brain Lamacchia, “Applying a Permission Grant Set to a Call Stack During Runtime”.
Garg Praerit
Lambert John J.
Lawson Jeffrey A.
Chavis John
Workman Nydegger
LandOfFree
Policies for secure software execution does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Policies for secure software execution, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Policies for secure software execution will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3973450