Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Patent
1997-12-22
2000-11-28
Beausoliel, Jr., Robert W.
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
714 38, 713164, H04L 936
Patent
active
061548448
ABSTRACT:
A system comprises an inspector and a protection engine. The inspector includes a content inspection engine that uses a set of rules to generate a Downloadable security profile corresponding to a Downloadable, e.g., Java.TM. applets, ActiveX.TM. controls, JavaScript.TM. scripts, or Visual Basic scripts. The content inspection engine links the Downloadable security profile to the Downloadable. The set of rules may include a list of suspicious operations, or a list of suspicious code patterns. The first content inspection engine may link to the Downloadable a certificate that identifies the content inspection engine which created the Downloadable security profile. Additional content inspection engines may generate and link additional Downloadable security profiles to the Downloadable. Each additional Downloadable security profile may also include a certificate that identifies its creating content inspection engine. Each content inspection engine preferably creates a Downloadable ID that identifies the Downloadable to which the Downloadable security profile corresponds. The protection includes a Downloadable interceptor for receiving a Downloadable, a file reader coupled to the interceptor for determining whether the Downloadable includes a Downloadable security profile, an engine coupled to the file reader for determining whether to trust the Downloadable security profile, and a security policy analysis engine coupled to the verification engine for comparing the Downloadable security profile against a security policy if the engine determines that the Downloadable security profile is trustworthy. A Downloadable ID verification engine retrieves the Downloadable ID that identifies the Downloadable to which the Downloadable security profile corresponds, generates the Downloadable ID for the Downloadable and compares the generated Downloadable to the linked Downloadable. The protection engine further includes a certificate authenticator for authenticating the certificate that identifies a content inspection engine which created the Downloadable security profile as from a trusted source. The certificate authenticator can also authenticate a certificate that identifies a developer that created the Downloadable.
REFERENCES:
patent: 5077677 (1991-12-01), Murphy et al.
patent: 5359659 (1994-10-01), Rosenthal
patent: 5361359 (1994-11-01), Tajalli et al.
patent: 5485409 (1996-01-01), Gupta et al.
patent: 5485575 (1996-01-01), Chess et al.
patent: 5572643 (1996-11-01), Judson
patent: 5623600 (1997-04-01), Ji et al.
patent: 5638446 (1997-06-01), Rubin
patent: 5692047 (1997-11-01), McManis
patent: 5692124 (1997-11-01), Holden et al.
patent: 5720033 (1998-02-01), Deo
patent: 5724425 (1998-03-01), Chang et al.
patent: 5740248 (1998-04-01), Fieres et al.
patent: 5761421 (1998-06-01), van Hoff et al.
patent: 5765205 (1998-06-01), Breslau et al.
patent: 5784459 (1998-07-01), Devarakonda et al.
patent: 5796952 (1998-08-01), Davis et al.
patent: 5805829 (1998-09-01), Cohen et al.
patent: 5832208 (1998-11-01), Chen et al.
patent: 5850559 (1998-12-01), Angelo et al.
patent: 5859966 (1999-01-01), Hayman et al.
patent: 5864683 (1999-01-01), Boebert et al.
patent: 5892904 (1999-04-01), Atkinson et al.
patent: 5956481 (1999-09-01), Walsh et al.
patent: 5974549 (1999-10-01), Golan
patent: 5983348 (1999-11-01), Ji
X.N. Zhang, "Secure Code Distribution," Computer, pp. 76-79, Jun. 1997.
IBM AntiVirus User's Guide Version 2.4, International Business Machines Corporation, Nov. 15, 1995, pp. 6-7.
Jim K. Omura, "Novel Applications of Cryptography in Digital Communications", IEEE Communications Magazine, May, 1990; pp. 21-27.
Norvin Leach et al, "IE 3.0 Applets Will Earn Certification", PC Week, v13, n29, 1998, 2 pages.
Microsoft Authenticode Technology, "Ensuring Accountability and Authenticity for Software Components on the Internet", Microsoft Corporation, Oct. 1996, including contents, Introduction and pp. 1-10.
Web Page, Article "Frequently Asked Questions About Authenticode", Microsoft Corporation, last updated Feb. 17, 1997, URL: http://www.microsoft.com/workshop/security/authcode/signfaq.asp#9, pp. 1-13.
Web page: http://iel.ihs.com:80/cgi-bin/iel.sub.13 cgi?se . . .2ehts%26ViewTemplate%3ddocview%5fb%2ehts, Okamato, E. et al., "ID-Based Authentication System For Computer Virus Detection", IEEE/IEE Electronic Library online, Electronics Letters, vol. 26, Issue 15, ISSN 0013-5194, Jul. 19, 1990, Abstract and pp. 1169-1170.
"Finjan Announces a Personal Java.TM. Firewall for Web Browsers--the SurfinShield.TM. 1.6", Press Release of Finjan Releases SurfinShield, Oct. 21, 1996, 2 pages.
"Finjan Software Releases SurfinBoard, Industry's First JAVA Security Product For the World Wide Web", Article published on the Internet by Finjan Software, Ltd., Jul. 29, 1996, 1 page.
"Powerful PC Security for the New World of Java.TM. and Downloadables, Surfin Shield.TM." Article published on the Internet by Finjan Software Ltd., 1996, 2 pages.
"Company Profile Finjan--Safe Surfing, The Java Security solutions Provider" Article published on the Internet by Finjan Software Ltd., Oct. 31, 1996, 3 pages.
"Finjan Announces Major Power Boost and New Features for SurfinShield.TM. 2.0" Las Vegas Convention Center/Pavillion 5 P5551, Nov. 18, 1996, 3 pages.
"Java Security: Issues & Solutions" Article published on the Internet by Finjan Software Ltd., 1996, 8 pages.
"Products" Article published on the Internet, 7 pages.
Mark LaDue, "Online Business Consultant" Article published on the Internet, Home Page, Inc. 1996, 4 pages.
Gal Nachshon
Touboul Shlomo
Beausoliel, Jr. Robert W.
Finjan Software Ltd.
Revak Christopher A.
LandOfFree
System and method for attaching a downloadable security profile does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and method for attaching a downloadable security profile , we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and method for attaching a downloadable security profile will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-1736041