Patent Grant
8539063
1. Field of Invention
The present invention relates generally to computer systems. More particularly, the present invention relates to explicit human input or confirmation for containing networked application client software.
2. Related Art
In a typical computer system, any software running on the system has full network access to, and the service usage of, any networked service or application that is needed directly or indirectly by users of the computer system. Furthermore, networked application client software is herein defined as software that makes use of network-accessible services by using network communication from the client host to the host(s) providing the service(s), and implementing the correct protocol for using such service(s).
Today, there exist numerous techniques for automating and simulating a user in order so networked application client software would specify, request, and use the aforementioned network-accessible services. Although such techniques as creating a human-input script or creating client software that utilizes the same application programming interface (API) as the user-interface software do provide many benefits, the same techniques may also be used to allow malicious or erroneous software to make service requests that are not intended by the user.
One solution to detect malicious usage of networked application client software is to use human interactive proofs. Conventionally, human interactive proofs have been used to gather human input with high assurance that input came from a human rather than software developed to simulate human input. However, human interactive proofs have thus far neither been used to detect whether application software operating on behalf of a user is functioning without the user's knowledge or authorization, nor used within an existing application workflow to obtain human confirmation for an application transaction request.
A second solution is to implement network firewalls that control the ability of networked application client software to send request to networked application server software. In one example of a firewall technique, a firewall acts as a “proxy” for client/server transmission control protocol (TCP) connections, that is, acts as a TCP connection endpoint for a connection with a client and a second connection for a server. A firewall may set up a dialogue with the user in order to notify the user that some software is attempting to traverse the firewall to the host that the user is using. The dialogue is considered successful if the user provides the information expected in the dialogues (e.g. a mouse click on an “OK” button rather than a mouse click on a “Cancel” or “Close” button). However, such dialogue techniques have not been used to provide any assurance of human participation in the dialogue, that is, the data entered on the user's side may well be provided via a script or other forms of automation.
Accordingly, the present invention provides a method and system for containing the capabilities of networked application client software so that it can perform specified transactions only given explicit consent or confirmation of a legitimate user. In one embodiment of the present invention, the consent from the user is obtained by means of dialogues with the user who is using the host executing the networked application client software. The dialogues are performed with one of several techniques for gathering human input, wherein the techniques are designed so it is extremely difficult for software to automate the user's responses to a dialogue, and much more difficult to automate the user's responses reliably for multiple arbitrary dialogues.
The present invention provides a method and system to reduce or eliminate the spread of malicious software via means such as electronic mail or internet messaging that include data attachments. The present invention prevents the spread of such malicious service usage attempts by intercepting a service request, notifying the user of the service request, and subsequently dropping the request if the user denies the request or does not confirm the notification.
The present invention may also be used to prevent unauthorized service usage wherein the service request comes from a non-legitimate user masquerading as a legitimate user. Moreover, the system of the present invention may be used to implement service on user demand in order to contain a workstation to a specific set of services where each channel through which the workstation communicates with a host in order to access a service has been explicitly authorized by a human user. Alternatively, the present invention may be used to implement access on demand to contain a server's usage of other services to only the services that the server needs.
The accompanying drawings that are incorporated in and form a part of this specification illustrate embodiments of the invention and together with the description, serve to explain the principles of the invention:
The following description is presented to enable one of ordinary skill in the art to make and use the invention and is provided in the context of a patent application and its requirements. In the following description, specific nomenclature is set forth to provide a thorough understanding of the present invention. It will be apparent to one skilled in the art that the specific details may not be necessary to practice the present invention. Furthermore, various modifications to the embodiments will be readily apparent to those skilled in the art and the generic principles herein may be applied to other embodiments. Thus, the present invention is not intended to be limited to the embodiments shown but is to be accorded the widest scope consistent with the principles and features described herein.
Furthermore, the server host 1 is herein defined as a computer that is running a service that may be used directly or indirectly by the user 21 via user/client software 13. The data network 7 is herein defined as an electronic medium used for communication between two or more computers, including communication between the server host 1 and the workstation host 9. The workstation host is herein defined as a computer used by the user 21 to execute client software and make use of services running on the server host 1. The server application software 3 is herein defined as software that runs on the server that implements one or more services. The confirmation interceptor 5 is herein defined as software that intercepts service requests and in some cases obtains user confirmation for service requests. The confirmation agent 19 is herein defined as software used to receive information from the confirmation interceptor 5 and implement a dialogue between the system and the user 21. For example, internet messaging (IM) software may be used as a confirmation agent 19 to provide interaction between the system and the user. The user/client software 13 is herein defined as software comprising user-interface software and client application software. The automated client software 17 is herein defined as software comprising client application logic (i.e. usage and network programming interface). The network programming interface 15 is herein defined as a set of data exchange protocols used to facilitate communication between the server application software 3 and client application software. Moreover, client application software is herein defined as software that runs on workstation host 9 and executes tasks that comprises: implementing an application's network programming interface, using the network programming interface to formulate service requests, sending the requests to the server host 1, and receiving responses from the server host 1 via the data network 7.
A contained system observes several properties including: any software in the contained system can be prevented from using network-accessible services unless the use of such services results from human-originated actions; any software in the contained system can be prevented from using transactions implemented by a specific service unless the use of such transactions result from human-originated actions; and no autonomous software in the contained system can surreptitiously use services and/or transactions.
Moreover, the containment mechanism can be applied selectively to services based on the nature of the service and/or the nature of specific threats or possible harmful effects that could results from the service. For example, malicious software could spread via electronic mail or messaging that includes data attachments, therefore, whenever electronic mail with attachments is sent, the human user is asked to confirm the origin of the request. If malicious software attempts to spread to other hosts by sending itself via electronic mail, the user will be contacted to confirm that he/she has sent the message and its associated data attachment, and the malicious attempt would be thwarted when the human user denies the origin of the electronic mail.
Containment is accomplished in a system by controlling the ability of any software on a host system to use a communication conduit. A conduit is herein defined as a mechanism that has the ability to create a communication session from the local host system to a host system offering a service, wherein the session uses a communication channel for the service. For example, a common pair of conduits used by many workstation hosts are able to communicate over a conduit to a mail server using TCP and port 110 in order to access a POP3 service for receiving mail; the pair may also communicate over a conduit to a mail server using TCP and port 24 to access a simple mail transfer protocol (SMTP) service for sending mail.
An important aspect of conduits in practice is that most hosts have the ability to use a conduit to communicate with most services running on most other hosts. The number of such conduits is large and most of these conduits are rarely used but are available for accidental or intentional abuse with harmful results.
A system is considered contained if there is a containment mechanism that controls the usage of all conduits, and enables the conduits that are actually needed. In a contained system, control is applied both to the ability to make use of a conduit (to make requests for transactions implemented by the server), and to the ability to use conduits to make a specific request.
Referring now back to
The service request message is passed from the workstation host 9 to the confirmation interceptor 5 via the data network 7. The confirmation interceptor 5 then intercepts the service request message and determines whether the requested transaction necessitates user confirmation.
If the requested transaction does require user confirmation to proceed, the confirmation interceptor 5 holds the service request message and sends a confirmation request message to one of several possible devices such as: a confirmation agent on workstation 9, a confirmation agent on a second workstation associated with the user 21, a communication device comprising a confirmation agent connected to the data network 7, or a communication device comprising a confirmation agent connected to a second data network. Although the confirmation interceptor 5 may send a confirmation request message to any of a number of possible devices such as those listed, the confirmation interceptor 5 shown in
The confirmation agent 19 then displays a message to the user, wherein the displayed message prompts the user for the response that the confirmation interceptor requires in order to process the service and/or the transaction requested. Moreover, to obtain the required response, the confirmation agent 19 may query the user by one or more dialogues. The confirmation agent 19 then waits for a user response within a predefined time frame. If the confirmation agent 19 obtains a response within the time frame, the confirmation agent 19 sends the response data back to the confirmation interceptor 5 in the form of a confirmation status message.
Moreover, when the confirmation interceptor 5 receives the response data, the interceptor determines whether the response data is an acceptable confirmation reply. In one example, the confirmation interceptor receives an acceptable confirmation from the user to proceed with the request transaction and forwards the service request message to the server application software 3. Alternatively, if the confirmation interceptor 5 determines that one of the following is true: a) the response is not an acceptable confirmation response; or b) there is no response data; the confirmation interceptor 5 then drops the service request message instead of forwarding the message to the server application software 3.
As shown in
As shown in
As shown in
In this first exemplary embodiment, the service request is logged and the service request message is forwarded onto the server application software in step 57.
In an alternative embodiment, the system operates with user confirmation for service requests. In this alternative embodiment, the service request message is checked to determine whether the message requires a user confirmation in step 45. If the service request message does not require any user confirmation, the service request is logged and the service request message is forwarded onto the server application software in step 57.
In step 45, if it is determined that the service request message does require user confirmation, the message is checked to determine if a specific confirmation agent has been defined as the means to process the service request in step 47.
In step 49, if a confirmation agent has been designated to process the service request, a confirmation request message is then sent to the designated confirmation agent from a confirmation interceptor.
Alternatively, in step 51, if a confirmation agent is not designated to process the service request, a confirmation request message is sent to a default confirmation agent from a confirmation interceptor.
Having received the confirmation request message, the designated or default confirmation agent engages in a dialogue with the user in order to obtain user confirmation, and the designated or default confirmation agent subsequently sends a confirmation status message to the confirmation interceptor, wherein the confirmation status message comprises the content of the user's dialogue information. Moreover, the confirmation status message may comprise: a) an acceptable user response wherein the response is one that is required for the service request, b) an unacceptable user response, or c) no user response wherein the user does not respond within a user or system defined time frame. Case (b) may comprise a well-formed response wherein the user denies the service request, or it may comprise a malformed response such as the result of autonomous client software attempting to impersonate a user.
Furthermore, one or more techniques maybe employed to carry out the dialogue with the user in order to ensure that the response comes from a legitimate user rather than other means such as automation. In one embodiment, a natural language puzzle maybe used wherein human reasoning is necessary to determine the input solicited. For example, one dialogue employing natural language puzzles may solicit an input by asking for the name of a color in the rainbow, wherein the color is adjacent to the color yellow in the rainbow and is not a citrus fruit. The nature of such questions enables a higher probability of explicit user confirmation due to the current inability of software automation to perform human reasoning.
In a second embodiment, the dialogue is presented via a graphical representation of letters that are known to be difficult for optical character recognition. By presenting text as graphics rather than textual data, software automation would be forced to infer the text from the graphical representation of letters and words. In one example, the dialogue may solicit an input with a request such as “to confirm this operation, please type green”. Alternatively, the response may be solicited as selection of graphical items that represent letters or words, thus forming a “virtual keypad”.
In a third embodiment, the dialogue presents a challenge/response request where the request must be computed by using the challenge data in addition to information that the human knows and is not on the computer the user is using. For example, a “2 factor authentication” may be used wherein a separate handheld device is employed to compute the response.
In a fourth embodiment, the interface between the human user and the machine is implemented entirely on a separate device from the workstation the user is using. For example, confirmation may be solicited via a short messaging system to a designated cell phone so that the workstation the user is using would have no information regarding the response solicited. The separate device could be on a different communication network as in the embodiment illustrated in
Referring now back to
In step 59, if the confirmation interceptor determines that the user has denied the service request, the service request is logged but the service request message is not forwarded to the server application software. Conversely, in step 57, if the confirmation interceptor determines that the user has confirmed the service request, the service request is logged and the service request message is forwarded to the server application software.
The foregoing descriptions of specific embodiments of the present invention have been presented for purposes of illustration and description. They are not intended to be exhaustive or to limit the invention to the precise forms disclosed, and obviously many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the invention and its practical application, to thereby enable others skilled in the arts to best utilize the invention and various embodiments with various modifications as are suited to the particular use contemplated. It is intended that the scope of the invention be defined by the Claims appended hereto and their equivalents.
For example, the confirmation interceptor 5 is illustrated in
Moreover, the confirmation agents such as confirmation agent 19 and confirmation agent 23 may be implemented as special purpose software or existing communication software such as an email client or instant messaging client. The confirmation agent may be implemented using alternative communication devices such as handheld computers, personal digital assistants, 2-way pagers, cell phones, etc. Depending on the device in which a confirmation agent is implemented, the agent may be specific software or confirmation from the user may be solicited by using the native capabilities of the device. For example, telephone confirmation may be obtained via a phone call, the input would then be prompted as a voice response.
| Number | Name | Date | Kind |
|---|---|---|---|
| 4688169 | Joshi | Aug 1987 | A |
| 4982430 | Frezza et al. | Jan 1991 | A |
| 5155847 | Kirouac et al. | Oct 1992 | A |
| 5222134 | Waite et al. | Jun 1993 | A |
| 5390314 | Swanson | Feb 1995 | A |
| 5521849 | Adelson et al. | May 1996 | A |
| 5560008 | Johnson et al. | Sep 1996 | A |
| 5699513 | Feigen et al. | Dec 1997 | A |
| 5778226 | Adams et al. | Jul 1998 | A |
| 5778349 | Okonogi | Jul 1998 | A |
| 5787427 | Benantar et al. | Jul 1998 | A |
| 5842017 | Hookway et al. | Nov 1998 | A |
| 5907709 | Cantey et al. | May 1999 | A |
| 5907860 | Garibay et al. | May 1999 | A |
| 5926832 | Wing et al. | Jul 1999 | A |
| 5974149 | Leppek | Oct 1999 | A |
| 5987610 | Franczek et al. | Nov 1999 | A |
| 5987611 | Freund | Nov 1999 | A |
| 5991881 | Conklin et al. | Nov 1999 | A |
| 6064815 | Hohensee et al. | May 2000 | A |
| 6073142 | Geiger et al. | Jun 2000 | A |
| 6192401 | Modiri et al. | Feb 2001 | B1 |
| 6192475 | Wallace | Feb 2001 | B1 |
| 6256773 | Bowman-Amuah | Jul 2001 | B1 |
| 6275938 | Bond et al. | Aug 2001 | B1 |
| 6321267 | Donaldson | Nov 2001 | B1 |
| 6356957 | Sanchez, II et al. | Mar 2002 | B2 |
| 6393465 | Leeds | May 2002 | B2 |
| 6442686 | McArdle et al. | Aug 2002 | B1 |
| 6449040 | Fujita | Sep 2002 | B1 |
| 6453468 | D'Souza | Sep 2002 | B1 |
| 6460050 | Pace et al. | Oct 2002 | B1 |
| 6587877 | Douglis et al. | Jul 2003 | B1 |
| 6611925 | Spear | Aug 2003 | B1 |
| 6662219 | Nishanov et al. | Dec 2003 | B1 |
| 6748534 | Gryaznov et al. | Jun 2004 | B1 |
| 6769008 | Kumar et al. | Jul 2004 | B1 |
| 6769115 | Oldman | Jul 2004 | B1 |
| 6795966 | Lim et al. | Sep 2004 | B1 |
| 6832227 | Seki et al. | Dec 2004 | B2 |
| 6834301 | Hanchett | Dec 2004 | B1 |
| 6847993 | Novaes et al. | Jan 2005 | B1 |
| 6907600 | Neiger et al. | Jun 2005 | B2 |
| 6930985 | Rathi et al. | Aug 2005 | B1 |
| 6934755 | Saulpaugh et al. | Aug 2005 | B1 |
| 6988101 | Ham et al. | Jan 2006 | B2 |
| 6988124 | Douceur et al. | Jan 2006 | B2 |
| 7007302 | Jagger et al. | Feb 2006 | B1 |
| 7010796 | Strom et al. | Mar 2006 | B1 |
| 7024548 | O'Toole, Jr. | Apr 2006 | B1 |
| 7039949 | Cartmell et al. | May 2006 | B2 |
| 7069330 | McArdle et al. | Jun 2006 | B1 |
| 7082456 | Mani-Meitav et al. | Jul 2006 | B2 |
| 7093239 | van der Made | Aug 2006 | B1 |
| 7124409 | Davis et al. | Oct 2006 | B2 |
| 7139916 | Billingsley et al. | Nov 2006 | B2 |
| 7152148 | Williams et al. | Dec 2006 | B2 |
| 7159036 | Hinchliffe et al. | Jan 2007 | B2 |
| 7203864 | Goin et al. | Apr 2007 | B2 |
| 7251655 | Kaler et al. | Jul 2007 | B2 |
| 7290266 | Gladstone et al. | Oct 2007 | B2 |
| 7330849 | Gerasoulis et al. | Feb 2008 | B2 |
| 7346781 | Cowle et al. | Mar 2008 | B2 |
| 7349931 | Horne | Mar 2008 | B2 |
| 7350204 | Lambert et al. | Mar 2008 | B2 |
| 7353501 | Tang et al. | Apr 2008 | B2 |
| 7363022 | Whelan et al. | Apr 2008 | B2 |
| 7370360 | van der Made | May 2008 | B2 |
| 7406517 | Hunt et al. | Jul 2008 | B2 |
| 7441265 | Staamann et al. | Oct 2008 | B2 |
| 7464408 | Shah et al. | Dec 2008 | B1 |
| 7506155 | Stewart et al. | Mar 2009 | B1 |
| 7506170 | Finnegan | Mar 2009 | B2 |
| 7506364 | Vayman | Mar 2009 | B2 |
| 7546333 | Alon et al. | Jun 2009 | B2 |
| 7546594 | McGuire et al. | Jun 2009 | B2 |
| 7552479 | Conover et al. | Jun 2009 | B1 |
| 7577995 | Chebolu et al. | Aug 2009 | B2 |
| 7603552 | Sebes et al. | Oct 2009 | B1 |
| 7607170 | Chesla | Oct 2009 | B2 |
| 7669195 | Qumei | Feb 2010 | B1 |
| 7685635 | Vega et al. | Mar 2010 | B2 |
| 7698744 | Fanton et al. | Apr 2010 | B2 |
| 7703090 | Napier et al. | Apr 2010 | B2 |
| 7757269 | Roy-Chowdhury et al. | Jul 2010 | B1 |
| 7765538 | Zweifel et al. | Jul 2010 | B2 |
| 7809704 | Surendran et al. | Oct 2010 | B2 |
| 7818377 | Whitney et al. | Oct 2010 | B2 |
| 7823148 | Deshpande et al. | Oct 2010 | B2 |
| 7836504 | Ray et al. | Nov 2010 | B2 |
| 7849507 | Bloch et al. | Dec 2010 | B1 |
| 7865931 | Stone et al. | Jan 2011 | B1 |
| 7908653 | Brickell et al. | Mar 2011 | B2 |
| 7937455 | Saha et al. | May 2011 | B2 |
| 7966659 | Wilkinson et al. | Jun 2011 | B1 |
| 7996836 | McCorkendale et al. | Aug 2011 | B1 |
| 8015388 | Rihan et al. | Sep 2011 | B1 |
| 8015563 | Araujo et al. | Sep 2011 | B2 |
| 8234713 | Roy-Chowdhury et al. | Jul 2012 | B2 |
| 20020056076 | van der Made | May 2002 | A1 |
| 20020069367 | Tindal et al. | Jun 2002 | A1 |
| 20020083175 | Afek et al. | Jun 2002 | A1 |
| 20020099671 | Mastin Crosbie et al. | Jul 2002 | A1 |
| 20030014667 | Kolichtchak | Jan 2003 | A1 |
| 20030023736 | Abkemeier | Jan 2003 | A1 |
| 20030033510 | Dice | Feb 2003 | A1 |
| 20030073894 | Chiang et al. | Apr 2003 | A1 |
| 20030074552 | Olkin et al. | Apr 2003 | A1 |
| 20030120601 | Ouye et al. | Jun 2003 | A1 |
| 20030120811 | Hanson et al. | Jun 2003 | A1 |
| 20030120935 | Teal et al. | Jun 2003 | A1 |
| 20030145232 | Poletto et al. | Jul 2003 | A1 |
| 20030163718 | Johnson et al. | Aug 2003 | A1 |
| 20030167292 | Ross | Sep 2003 | A1 |
| 20030167399 | Audebert et al. | Sep 2003 | A1 |
| 20030200332 | Gupta et al. | Oct 2003 | A1 |
| 20030212902 | van der Made | Nov 2003 | A1 |
| 20030220944 | Schottland et al. | Nov 2003 | A1 |
| 20030221190 | Deshpande et al. | Nov 2003 | A1 |
| 20040003258 | Billingsley et al. | Jan 2004 | A1 |
| 20040015554 | Wilson | Jan 2004 | A1 |
| 20040051736 | Daniell | Mar 2004 | A1 |
| 20040054928 | Hall | Mar 2004 | A1 |
| 20040143749 | Tajalli et al. | Jul 2004 | A1 |
| 20040167906 | Smith et al. | Aug 2004 | A1 |
| 20040230963 | Rothman et al. | Nov 2004 | A1 |
| 20040243678 | Smith | Dec 2004 | A1 |
| 20040255161 | Cavanaugh | Dec 2004 | A1 |
| 20050018651 | Yan et al. | Jan 2005 | A1 |
| 20050086047 | Uchimoto et al. | Apr 2005 | A1 |
| 20050108516 | Balzer et al. | May 2005 | A1 |
| 20050108562 | Khazan et al. | May 2005 | A1 |
| 20050114672 | Duncan et al. | May 2005 | A1 |
| 20050132346 | Tsantilis | Jun 2005 | A1 |
| 20050228990 | Kato et al. | Oct 2005 | A1 |
| 20050235360 | Pearson | Oct 2005 | A1 |
| 20050257207 | Blumfield et al. | Nov 2005 | A1 |
| 20050257265 | Cook et al. | Nov 2005 | A1 |
| 20050260996 | Groenendaal | Nov 2005 | A1 |
| 20050262558 | Usov | Nov 2005 | A1 |
| 20050273858 | Zadok et al. | Dec 2005 | A1 |
| 20050283823 | Okajo et al. | Dec 2005 | A1 |
| 20050289538 | Black-Ziegelbein et al. | Dec 2005 | A1 |
| 20060004875 | Baron et al. | Jan 2006 | A1 |
| 20060015501 | Sanamrad et al. | Jan 2006 | A1 |
| 20060037016 | Saha et al. | Feb 2006 | A1 |
| 20060080656 | Cain et al. | Apr 2006 | A1 |
| 20060085785 | Garrett | Apr 2006 | A1 |
| 20060101277 | Meenan et al. | May 2006 | A1 |
| 20060133223 | Nakamura et al. | Jun 2006 | A1 |
| 20060136910 | Brickell et al. | Jun 2006 | A1 |
| 20060136911 | Robinson et al. | Jun 2006 | A1 |
| 20060195906 | Jin et al. | Aug 2006 | A1 |
| 20060200863 | Ray et al. | Sep 2006 | A1 |
| 20060230314 | Sanjar et al. | Oct 2006 | A1 |
| 20060236398 | Trakic et al. | Oct 2006 | A1 |
| 20060259734 | Sheu et al. | Nov 2006 | A1 |
| 20070011746 | Malpani et al. | Jan 2007 | A1 |
| 20070028303 | Brennan | Feb 2007 | A1 |
| 20070039049 | Kupferman et al. | Feb 2007 | A1 |
| 20070050579 | Hall et al. | Mar 2007 | A1 |
| 20070050764 | Traut | Mar 2007 | A1 |
| 20070074199 | Schoenberg | Mar 2007 | A1 |
| 20070083522 | Nord et al. | Apr 2007 | A1 |
| 20070101435 | Konanka et al. | May 2007 | A1 |
| 20070136579 | Levy et al. | Jun 2007 | A1 |
| 20070143851 | Nicodemus et al. | Jun 2007 | A1 |
| 20070169079 | Keller et al. | Jul 2007 | A1 |
| 20070192329 | Croft et al. | Aug 2007 | A1 |
| 20070220061 | Tirosh et al. | Sep 2007 | A1 |
| 20070220507 | Back et al. | Sep 2007 | A1 |
| 20070253430 | Minami et al. | Nov 2007 | A1 |
| 20070256138 | Gadea et al. | Nov 2007 | A1 |
| 20070271561 | Winner et al. | Nov 2007 | A1 |
| 20070300215 | Bardsley | Dec 2007 | A1 |
| 20080005737 | Saha et al. | Jan 2008 | A1 |
| 20080005798 | Ross | Jan 2008 | A1 |
| 20080010304 | Vempala et al. | Jan 2008 | A1 |
| 20080022384 | Yee et al. | Jan 2008 | A1 |
| 20080034416 | Kumar et al. | Feb 2008 | A1 |
| 20080052468 | Speirs et al. | Feb 2008 | A1 |
| 20080082977 | Araujo et al. | Apr 2008 | A1 |
| 20080120499 | Zimmer et al. | May 2008 | A1 |
| 20080163207 | Reumann et al. | Jul 2008 | A1 |
| 20080163210 | Bowman et al. | Jul 2008 | A1 |
| 20080165952 | Smith et al. | Jul 2008 | A1 |
| 20080184373 | Traut et al. | Jul 2008 | A1 |
| 20080235534 | Matthias et al. | Sep 2008 | A1 |
| 20080294703 | Craft et al. | Nov 2008 | A1 |
| 20080301770 | Kinder | Dec 2008 | A1 |
| 20090007100 | Field et al. | Jan 2009 | A1 |
| 20090038017 | Durham et al. | Feb 2009 | A1 |
| 20090043993 | Ford et al. | Feb 2009 | A1 |
| 20090055693 | Budko et al. | Feb 2009 | A1 |
| 20090113110 | Xiaoxin et al. | Apr 2009 | A1 |
| 20090144300 | Chatley et al. | Jun 2009 | A1 |
| 20090150639 | Ohata | Jun 2009 | A1 |
| 20090249053 | Zimmer et al. | Oct 2009 | A1 |
| 20090249438 | Litvin et al. | Oct 2009 | A1 |
| 20090320140 | Sebes et al. | Dec 2009 | A1 |
| 20100071035 | Budko et al. | Mar 2010 | A1 |
| 20100114825 | Siddegowda | May 2010 | A1 |
| 20100250895 | Adams et al. | Sep 2010 | A1 |
| 20100281133 | Brendel | Nov 2010 | A1 |
| 20100332910 | Qasim et al. | Dec 2010 | A1 |
| 20110029772 | Fanton et al. | Feb 2011 | A1 |
| 20110035423 | Kobayashi et al. | Feb 2011 | A1 |
| 20110047543 | Mohinder | Feb 2011 | A1 |
| 20110078550 | Nabutovsky | Mar 2011 | A1 |
| 20110093842 | Sebes | Apr 2011 | A1 |
| 20110093950 | Bhargava et al. | Apr 2011 | A1 |
| 20120278853 | Chowdhury et al. | Nov 2012 | A1 |
| Number | Date | Country |
|---|---|---|
| 1 482 394 | Dec 2004 | EP |
| 2 037 657 | Mar 2009 | EP |
| WO 9844404 | Oct 1998 | WO |
| WO 0184285 | Nov 2001 | WO |
| WO 2006012197 | Feb 2006 | WO |
| WO 2006124832 | Nov 2006 | WO |
| WO 2008054997 | May 2008 | WO |
| WO 2012015489 | Feb 2010 | WO |
| WO 2011059877 | May 2011 | WO |
| WO 2012015485 | Feb 2012 | WO |
| Entry |
|---|
| Gutzmann, K., “Access control and session management in the HTTP environment”, Internet Computing, IEEE vol. 5, Issue 1, Jan.-Feb. 2001 pp. 26-35. |
| U.S. Appl. No. 11/379,953, entitled “Software Modification by Group to Minimize Breakage,” filed Apr. 24, 2006, Inventor(s): E. John Sebes et al. |
| U.S. Appl. No. 11/277,596, entitled “Execution Environment File Inventory,” filed Mar. 27, 2006, Inventor(s): Rishi Bhargava et al. |
| U.S. Appl. No. 10/806,578, entitled Containment of Network communication, filed Mar. 22, 2004, Inventor(s): E. John Sebes et al. |
| U.S. Appl. No. 10/739,230, entitled “Method and System for Containment of Usage of Language Interfaces,” filed Dec. 17, 2003, Inventor(s): Rosen Sharma et al. |
| U.S. Appl. No. 10/935,772, entitled “Solidifying the Executable Software Set of a Computer,” filed Sep. 7, 2004, Inventor(s): E. John Sebes et al. |
| U.S. Appl. No. 11/060,683, entitled “Distribution and Installation of Solidified Software on a Computer,” Filed Feb. 16, 2005, Inventor(s): Bakul Shah et al. |
| U.S. Appl. No. 11/346,741, entitled “Enforcing Alignment of Approved Changes and Deployed Changes in the Software Change Life-Cycle,” filed Feb. 2, 2006, Inventor(s): Rahul Roy-Chowdhury et al. |
| U.S. Appl. No. 11/182,320, entitled “Classification of Software on Networked Systems,” filed Jul. 14, 2005, Inventor(s): E. John Sebes et al. |
| U.S. Appl. No. 11/400,085, entitled “Program-Based Authorization,” filed Apr. 7, 2006, Inventor(s): Rishi Bhargava et al. |
| U.S. Appl. No. 11/437,317, entitled “Connectivity-Based Authorization,” filed May 18, 2006, Inventor(s): E. John Sebes et al. |
| U.S. Appl. No. 12/290,380, entitled “Application Change Control,” filed Oct. 29, 2008, Inventor(s): Rosen Sharma et al. |
| U.S. Appl. No. 12/008,274, entitled Method and Apparatus for Process Enforced Configuration Management, filed Jan. 9, 2008, Inventor(s): Rishi Bhargava et al. |
| U.S. Appl. No. 12/291,232, entitled “Method of and System for Computer System State Checks,” filed Nov. 7, 2008, inventor(s): Rishi Bhargava et al. |
| U.S. Appl. No. 12/322,220, entitled “Method of and System for Malicious Software Detection Using Critical Address Space Protection,” filed Jan. 29, 2009, Inventor(s): Suman Saraf et al. |
| U.S. Appl. No. 12/322,321, entitled “Method of and System for Computer System Denial-of-Service Protection,” filed Jan. 29, 2009, Inventor(s): Suman Saraf et al. |
| U.S. Appl. No. 12/426,859, entitled “Method of and System for Reverse Mapping Vnode Pointers,” filed Apr. 20, 2009, Inventor(s): Suman Saraf et al. |
| U.S. Appl. No. 12/545,609, entitled “System and Method for Enforcing Security Policies in a Virtual Environment,” filed Aug. 21, 2009, Inventor(s): Amit Dang et al. |
| U.S. Appl. No. 12/545,745, entitled “System and Method for Providing Address Protection in a Virtual Environment,” filed Aug. 21, 2009, Inventor(s): Preet Mohinder. |
| Eli M. Dow, et al., “The Xen Hypervisor,” INFORMIT, dated Apr. 10, 2008, http://www.informit.com/articles/printerfriendly.aspx?p=1187966, printed Aug. 11, 2009 (13 pages). |
| “Xen Architecture Overview,” Xen, dated Feb. 13, 2008, Version 1.2, http://wiki.xensource.com/xenwiki/XenArchitecture?action=AttachFile&do=get&target=Xen+archit ecture—Q1+2008.pdf, printed Aug. 18, 2009 (9 pages). |
| U.S. Appl. No. 12/615,521, entitled “System and Method for Preventing Data Loss Using Virtual Machine Wrapped Applications,” filed Nov. 10, 2009, Inventor(s): Sonali Agarwal, et al. |
| Desktop Management and Control, Website: http://www.vmware.com/solutions/desktop/, Retrieved and printed Oct. 12, 2009, 1 page. |
| Secure Mobile Computing, Website: http://www.vmware.com/solutions/desktop/mobile.html, Retrieved and printed Oct. 12, 2009, 2 pages. |
| U.S. Appl. No. 12/636,414, entitled “System and Method for Managing Virtual Machine Configurations,” filed Dec. 11, 2009, Inventor(s): Harvinder Singh Sawhney, et al. |
| U.S. Appl. No. 12/640,098, entitled “Enforcing Alignment of Approved Changes and Deployed Changes in the Software Change Life-Cycle,” filed Dec. 17, 2009, Inventor(s): Rahul Roy-Chowdhury, et al. |
| U.S. Appl. No. 12/839,856, entitled “Containment of Network Communication,” filed Jul. 20, 2010, Inventor(s) E. John Sebes, et al. |
| U.S. Appl. No. 12/844,892, entitled “System and Method for Protecting Computer Networks Against Malicious Software,” filed Jul. 28, 2010, Inventor(s) Rishi Bhargava, et al. |
| U.S. Appl. No. 12/844,964, entitled “System and Method for Network Level Protection Against Malicious Software,” filed Jul. 28, 2010, Inventor(s) Rishi Bhargava, et al. |
| U.S. Appl. No. 12/880,125, entitled “System and Method for Clustering Host Inventories,” filed Sep. 12, 2010, Inventor(s) Rishi Bhargava, et al. |
| U.S. Appl. No. 12/944,567, entitled “Classification of Software on Networked Systems,” filed Nov. 11, 2010, Inventor(s) E. John Sebes, et al. |
| U.S. Appl. No. 12/903,993, entitled “Method and System for Containment of Usage of Language Interfaces,” filed Oct. 13, 2010, Inventor(s) Rosen Sharma, et al. |
| U.S. Appl. No. 12/946,081, entitled “Method and System for Containment of Usage of Language Interfaces,” filed Nov. 15, Inventor(s) Rosen Sharma, et al. |
| U.S. Appl. No. 12/946,344, entitled “Method and System for Containment of Usage of Language Interfaces,” filed Nov. 15, 2010, Inventor(s) Rosen Sharma, et al. |
| Barrantes et al., “Randomized Instruction Set Emulation to Dispurt Binary Code Injection Attacks,” Oct. 27-31, 2003, ACM, pp. 281-289. |
| Gaurav et al., “Countering Code-Injection Attacks with Instruction-Set Randomization,” Oct. 27-31, 2003, ACM, pp. 272-280. |
| Notification of Transmittal of the International Search Report and the Written Opinion of the International Searching Authority (1 page), International Search Report (4 pages), and Written Opinion (3 pages), mailed Mar. 2, 2011, International Application No. PCT/US2010/055520. |
| Tal Garfinkel, et al., “Terra: A Virtual Machine-Based Platform for Trusted Computing,” XP-002340992, SOSP'03, Oct. 19-22, 2003, 14 pages. |
| U.S. Appl. No. 13/012,138, entitled “System and Method for Selectively Grouping and Managing Program Files,” filed Jan. 24, 2011, Inventor(s) Rishi Bhargava, et al. (04796-1055). |
| U.S. Appl. No. 13/022,148, entitled “Execution Environment File Inventory,” filed Feb. 7, 2011, Inventor(s) Rishi Bhargava, et al. |
| U.S. Appl. No. 13/037,988, entitled “System and Method for Botnet Detection by Comprehensive Email Behavioral Analysis,” filed Mar. 1, 2011, Inventor(s) Sven Krasser, et al. |
| IA-32 Intel® Architecture Software Developer's Manual, vol. 3B; Jun. 2006; pp. 13, 15, 22 and 145-146. |
| Check Point Software Technologies Ltd.: “ZoneAlarm Security Software User Guide Version 9”, Aug. 24, 2009, XP002634548, 259 pages, retrieved from Internet: URL:http://download.zonealarm.com/bin/media/pdf/zaclient91—user—manual.pdf. |
| Notification of Transmittal of the International Search Report and the Written Opinion of the International Searching Authority, or the Declaration (1 page), International Search Report (6 pages), and Written Opinion of the International Searching Authority (10 pages) for International Application No. PCT/US2011/020677 mailed Jul. 22, 2011. |
| Notification of Transmittal of the International Search Report and Written Opinion of the International Searching Authority, or the Declaration (1 page), International Search Report (3 pages), and Written Opinion of the International Search Authority (6 pages) for International Application No. PCT/US2011/024869 mailed Jul. 14, 2011. |
| Notification of International Preliminary Report on Patentability and Written Opinion mailed May 24, 2012 for International Application No. PCT/US2010/055520, 5 pages (04796-1047). |
| Sailer et al., sHype: Secure Hypervisor Approach to Trusted Virtualized Systems, IBM research Report, Feb. 2, 2005, 13 pages. |
| U.S. Appl. No. 13/558,181, entitled “Method and Apparatus for Process Enforced Configuration Management,” filed Jul. 25, 2012, Inventor(s) Rishi Bhargava et al. |
| U.S. Appl. No. 13/558,227, entitled “Method and Apparatus for Process Enforced Configuration Management,” filed Jul. 25, 2012, Inventor(s) Rishi Bhargava et al. |
| U.S. Appl. No. 13/558,277, entitled “Method and Apparatus for Process Enforced Configuration Management,” filed Jul. 25, 2012, Inventor(s) Rishi Bhargava et al. |
| Myung-Sup Kim et al., “A load cluster management system using SNMP and web”, [Online], May 2002, pp. 367-378, [Retrieved from Internet on Oct. 24, 2012], <http://onlinelibrary.wiley.com/doi/10.1002/nem.453/pdf>. |
| G. Pruett et al., “BladeCenter systems management software”, [Online], Nov. 2005, pp. 963-975, [Retrieved from Internet on Oct. 24, 2012], <http://citeseerx.lst.psu.edu/viewdoc/download?doi=10.1.1.91.5091&rep=repl&type=pdf>. |
| Philip M. Papadopoulos et al., “NPACI Rocks: tools and techniques for easily deploying manageable Linux clusters” [Online], Aug. 2002, pp. 707-725, [Retrieved from internet on Oct. 24, 2012], <http://onlinelibrary.wiley.com/doi/10.1002/cpe.722/pdf>. |
| Thomas Staub et al., “Secure Remote Management and Software Distribution for Wireless Mesh Networks”, [Online], Sep. 2007, pp. 1-8, [Retrieved from Internet on Oct. 24, 2012], <http://cds.unibe.ch/research/pub—files/B07.pdf>. |
| “What's New: McAfee VirusScan Enterprise, 8.8,” copyright 2010, retrieved on Nov. 23, 2012 at https://kc.mcafee.com/resources/sites/Mcafee/content/live/PRODUCT—DOCUMENTATION/22000/PD22973/en—US/VSE%208.8%20-%20What's%20New.pdf, 4 pages. |
| “McAfee Management for Optimized Virtual Environments,” copyright 2012, retrieved on Nov. 26, 2012 at AntiVirushttp://www.mcafee.com/us/resources/data-sheets/ds-move-anti-virus.pdf, 2 pages. |
| Rivest, R., “The MD5 Message-Digest Algorithm”, RFC 1321, Apr. 1992, retrieved on Dec. 14, 2012 from http://www.ietf.org/rfc/rfc1321.txt, 21 pages. |
| Hinden, R. and B. Haberman, “Unique Local IPv6 Unicast Addresses”, RFC 4193, Oct. 2005, retrieved on Nov. 20, 2012 from http://tools.ietf.org/pdf/rfc4193.pdf, 17 pages. |
| “Secure Hash Standard (SHS)”, Federal Information Processing Standards Publication, FIPS PUB 180-4, Mar. 2012, retrieved on Dec. 14, 2012 from http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf, 35 pages. |
| U.S. Appl. No. 13/728,705, filed Dec. 27, 2012, entitled “Herd Based Scan Avoidance System in a Network Environment,” Inventor(s) Venkata Ramanan, et al. |
