Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
2000-03-30
2004-10-12
Sheikh, Ayaz (Department: 2131)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
C713S152000, C713S176000, C717S178000
Reexamination Certificate
active
06804780
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
This invention relates generally to computer networks, and more particularly provides a system and method for protecting a computer and a network from hostile Downloadables.
2. Description of the Background Art
The Internet is currently a collection of over 100,000 individual computer networks owned by governments, universities, nonprofit groups and companies, and is expanding at an accelerating rate. Because the Internet is public, the Internet has become a major source of many system damaging and system fatal application programs, commonly referred to as “viruses.”
Accordingly, programmers continue to design computer and computer network security systems for blocking these viruses from attacking both individual and network computers. On the most part, these security systems have been relatively successful. However, these security systems are not configured to recognize computer viruses which have been attached to or configured as Downloadable application programs, commonly referred to as “Downloadables.” A Downloadable is an executable application program, which is downloaded from a source computer and run on the destination computer. Downloadable is typically requested by an ongoing process such as by an Internet browser or web engine. Examples of Downloadables include Java™ applets designed for use in the Java™ distributing environment developed by Sun Microsystems, Inc., JavaScript scripts also developed by Sun Microsystems, Inc., ActiveX™ controls designed for use in the ActiveX™ distributing environment developed by the Microsoft Corporation, and Visual Basic also developed by the Microsoft Corporation. Therefore, a system and method are needed to protect a network from hostile Downloadables.
SUMMARY OF THE INVENTION
The present invention provides a system for protecting a network from suspicious Downloadables. The system comprises a security policy, an interface for receiving a Downloadable, and a comparator, coupled to the interface, for applying the security policy to the Downloadable to determine if the security policy has been violated. The Downloadable may include a Java™ applet, an ActiveX™ control, a JavaScript™ script, or a Visual Basic script. The security policy may include a default security policy to be applied regardless of the client to whom the Downloadable is addressed, a specific security policy to be applied based on the client or the group to which the client belongs, or a specific policy to be applied based on the client/group and on the particular Downloadable received. The system uses an ID generator to compute a Downloadable ID identifying the Downloadable, preferably, by fetching all components of the Downloadable and performing a hashing function on the Downloadable including the fetched components.
Further, the security policy may indicate several tests to perform, including (1) a comparison with known hostile and non-hostile Downloadables; (2) a comparison with Downloadables to be blocked or allowed per administrative override; (3) a comparison of the Downloadable security profile data against access control lists; (4) a comparison of a certificate embodied in the Downloadable against trusted certificates; and (5) a comparison of the URL from which the Downloadable originated against trusted and untrusted URLs. Based on these tests, a logical engine can determine whether to allow or block the Downloadable.
The present invention further provides a method for protecting a computer from suspicious Downloadables. The method comprises the steps of receiving a Downloadable, comparing the Downloadable against a security policy to determine if the security policy has been violated, and discarding the Downloadable if the security policy has been violated.
It will be appreciated that the system and method of the present invention may provide computer protection from known hostile Downloadables. The system and method of the present invention may identify Downloadables that perform operations deemed suspicious. The system and method of the present invention may examine the Downloadable code to determine whether the code contains any suspicious operations, and thus may allow or block the Downloadable accordingly.
REFERENCES:
patent: 5077677 (1991-12-01), Murphy et al.
patent: 5359659 (1994-10-01), Rosenthal
patent: 5361359 (1994-11-01), Tajalli et al.
patent: 5485409 (1996-01-01), Gupta et al.
patent: 5485575 (1996-01-01), Chess et al.
patent: 5572643 (1996-11-01), Judson
patent: 5579509 (1996-11-01), Furtney et al.
patent: 5606668 (1997-02-01), Shwed
patent: 5623600 (1997-04-01), Ji et al.
patent: 5638446 (1997-06-01), Rubin
patent: 5692047 (1997-11-01), McManis
patent: 5692124 (1997-11-01), Holden et al.
patent: 5720033 (1998-02-01), Deo
patent: 5724425 (1998-03-01), Chang et al.
patent: 5740248 (1998-04-01), Fieres et al.
patent: 5761421 (1998-06-01), van Hoff et al.
patent: 5765205 (1998-06-01), Breslau et al.
patent: 5784459 (1998-07-01), Devarakonda et al.
patent: 5796952 (1998-08-01), Davis et al.
patent: 5805829 (1998-09-01), Cohen et al.
patent: 5832208 (1998-11-01), Chen et al.
patent: 5832274 (1998-11-01), Cutler et al.
patent: 5850559 (1998-12-01), Angelo et al.
patent: 5859966 (1999-01-01), Hayman et al.
patent: 5864683 (1999-01-01), Boebert et al.
patent: 5892904 (1999-04-01), Atkinson et al.
patent: 5951698 (1999-09-01), Chen et al.
patent: 5956481 (1999-09-01), Walsh et al.
patent: 5974549 (1999-10-01), Golan
patent: 5978484 (1999-11-01), Apperson et al.
patent: 5983348 (1999-11-01), Ji
patent: 6092194 (2000-07-01), Touboul
patent: 6154844 (2000-11-01), Touboul et al.
patent: 6339829 (2002-01-01), Beadle et al.
patent: 1091276 (2001-04-01), None
patent: 1132796 (2001-09-01), None
Khare, “Microsoft Authenticode Analyzed” Jul. 22, 1996, xent.com/FoRK-archive/summer96/0338.html, p. 1-2.*
“Release Notes for the Microsfot ActiveX Development Kit”, Aug. 13, 1996, activex.adsp.or.jp/inetsdk/readme.txt, p. 1-10.*
“Microsoft ActiveX Software Development Kit” Aug. 12, 1996, activex.adsp.or.jp/inetsdk/help/overview.htm, p. 1-6.*
Doyle et al, “Microsoft Press Computer Dictionary” 1993, Microsoft Press, 2nd Edition, p. 137-138.*
Schmitt, “.EXE. files, OS-2 style” Nov. 1988, PC Tech Journal via dialog search, vol. 6, #11, p. 76-78.*
Jim K. Omura, “Novel Applications of Cryptography in Digital Communications”, IEEE Communications Magazine, May, 1990; pp. 21-29.
Okamoto, E. et al., “ID-Based Authentication System For Computer Virus Detection”, IEEE/IEE Electronic Library online, Electronics Letters, vol. 26, Issue 15, ISSN 0013/5194, Jul. 19, 1990, Abstract and pp. 1169-1170. URL: http://iel.ihs.com:80/cgi-bin/iel_cgi?se . . . 2ehts%26ViewTemplate%3ddocview%5fb%2ehts.
IBM AntiVirus User's Guide Version 2.4, International Business Machines Corporation, Nov. 15, 1995, pp. 6-7.
Norvin Leach et al, “IE 3.0 Applets Will Earn Certification”, PC Week, vol. 13, No. 29, Jul. 22, 1996, 2 pages.
“Finjan Software Releases SurfinBoard, Industry's First JAVA Security Product For the World Wide Web”, Article published on the Internet by Finjan Softwre Ltd., Jul. 29, 1996, 1 page.
“Powerful PC Security for the New World of Java™ and Downloadables, Surfin Shield™” Article published on the Internet by Finjan Software Ltd., 1996, 2 Pages.
Microsoft® Authenticode Technology, “Ensuring Accountability and Authenticity for Software Components on the Internet”, Microsoft Corporation, Oct. 1996, including Abstract, Contents, Introduction and pp. 1-10.
“Finjan Announces a Personal Java™ Firewall For Web Browsers—the SurfinShield™ 1.6 (formerly known as SurfinBoard)”, Press Release of Finjan Releases SurfinShield 1.6, Oct. 21, 1996, 2 pages.
Company Profile “Finjan—Safe Surfing, The Java Security Solutions Provider”, Article published on the Internet by Finjan Software Ltd., Oct. 31, 1996, 3 pages.
“Finjan Announces Major Power Boost and New Features for SurfinShield™ 2.0” Las Vegas Convention Center/Pavilion 5 P5551, Nov. 18, 1996, 3 pages.
“Java Security: Issues & Solutions” Article published on the Inte
Finjan Software Ltd.
Revak Christopher
Sheikh Ayaz
Squire Sanders & Dempsey L.L.P.
LandOfFree
System and method for protecting a computer and a network... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and method for protecting a computer and a network..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and method for protecting a computer and a network... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3268007