logo

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 7698744 B1

PDFFull Text
Date of Patent:
Apr. 13, 2010

Filed:

Dec. 05, 2005

Secure system for allowing the execution of authorized computer program code

Applicants:

Andrew F. Fanton, Westminster, CO (US);

John J. Gandee, Loveland, CO (US);

William H. Lutton, Fort Collins, CO (US);

Edwin L. Harper, Fort Collins, CO (US);

Kurt E. Godwin, Loveland, CO (US);

Anthony A. Rozga, Wellington, CO (US);

Inventors:

Andrew F. Fanton, Westminster, CO (US);

John J. Gandee, Loveland, CO (US);

William H. Lutton, Fort Collins, CO (US);

Edwin L. Harper, Fort Collins, CO (US);

Kurt E. Godwin, Loveland, CO (US);

Anthony A. Rozga, Wellington, CO (US);

Assignee:

Whitecell Software Inc., Fort Collins, CO (US);

Attorney:

Hamilton, DeSanctis & Cha, LLP

Primary Examiner:

Kambiz Zand

Assistant Examiner:

Monjour Rahim

Int. Cl.
CPC ...
G06F 7/04 (2006.01); G06F 17/30 (2006.01);
U.S. Cl.
CPC ...
Abstract

Systems and methods are described for allowing the execution of authorized computer program code and for protecting computer systems and networks from unauthorized code execution. In one embodiment, a multi-level proactive whitelist approach is employed to secure a computer system by allowing only the execution of authorized computer program code thereby protecting the computer system against the execution of malicious code such as viruses, Trojan horses, spy-ware, and/or the like. Various embodiments use a kernel-level driver, which intercepts or 'hooks' certain system Application Programming Interface (API) calls in order to monitor the creation of processes prior to code execution. The kernel-level driver may also intercept and monitor the loading of code modules by running processes, and the passing of non-executable code modules, such as script files, to approved or running code modules via command line options, for example. Once intercepted, a multi-level whitelist approach may be used to authorize the code execution.

Find Patent Forward Citations

Loading…