US2012054864A1PendingUtilityA1

Security methods and systems

43
Assignee: LINN CHRISTOPHER SCOTTPriority: Apr 22, 2005Filed: Nov 3, 2011Published: Mar 1, 2012
Est. expiryApr 22, 2025(expired)· nominal 20-yr term from priority
G06F 21/56G06F 21/51
43
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

The present invention describes methods for improving security when accessing applications and other executable programs. In one exemplary method, a user is warned if an application that has never been previously run is being launched by the user. Other methods, as well as data processing systems and machine readable media, are also described.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
         1 . A machine-implemented method comprising:
 downloading a file;   determining if the file contains executable code; and   issuing a warning to the user before allowing the file to be downloaded.   
     
     
         2 . A method as in  claim 1  wherein determining if the file contains executable code is accomplished by looking at the raw data bits in the file. 
     
     
         3 . A machine-implemented method comprising:
 receiving an input to download an application from the Internet to a user's system;   issuing a warning to the user before allowing the application to be downloaded.   
     
     
         4 . A machine-implemented method comprising:
 detecting an attempt to automatically download from the Internet an application to a user's system;   issuing a warning to the user before allowing the application to be downloaded.   
     
     
         5 . A method as in  claim 4  wherein the attempt to download the application may occur without the user's knowledge. 
     
     
         6 . A method as in  claim 4  wherein the application can be any executable code such as a script, dynamically loadable library, applet, or plug-in. 
     
     
         7 . A method as in  claim 4  wherein the user has the option of restricting the scope of the warning. 
     
     
         8 . A machine-implemented method comprising:
 downloading an executable program from the Internet;   detecting an attempt to launch the program without a user request to launch the application; and   issuing a warning to the user before allowing the program to be launched.   
     
     
         9 . A method as in  claim 8  wherein downloading the program occurs in response to a request by the user. 
     
     
         10 . A method as in  claim 8  wherein downloading the program does not occur in response to a request by the user. 
     
     
         11 . A method as in  claim 8  wherein the attempt to launch the program originates from an electronic document with a URL scheme wherein the URL scheme is processed only by the program. 
     
     
         12 . A method as in  claim 8  wherein the attempt to launch the program originates from an electronic document with a URL scheme, wherein the URL scheme is processed automatically by a scripted web page and wherein the user does not request the processing of the URL scheme. 
     
     
         13 . A machine-implemented method comprising:
 receiving an input to download one or more files contained in an archived file;   determining if any of the files contain executable code; and   issuing a warning to a user that one or more of the files contain executable code.   
     
     
         14 . A method as in  claim 13  wherein determining if the archived file contains executable code is done by expanding the archive file into its constituent files and looking at at least some of the raw data bits of each constituent file. 
     
     
         15 . A method as in  claim 14  wherein the constituent files are expanded in a protected storage space where they are inaccessible to the user or other operating system programs. 
     
     
         16 . A method as in  claim 13  wherein the archived file can be a file encoded with any method, such as a disk image, tar file, zip file, stuffed file, or with any other file compression format. 
     
     
         17 . A machine-implemented method comprising:
 downloading an application; and   storing the origin of the application as part of metadata compiled about the application in a metadata database.   
     
     
         18 . A method as in  claim 17  further comprising displaying the metadata, including the origin of the application, in response to a user command. 
     
     
         19 . A method as in  claim 17  wherein the application informs the operating system of the origin of the application. 
     
     
         20 . A machine readable medium providing instructions which when executed by a system cause the system to perform a method comprising:
 downloading a file;   determining if the file contains executable code; and   issuing a warning to the user before allowing the file to be downloaded.   
     
     
         21 . A medium as in  claim 20  wherein determining if the file contains executable code is accomplished by looking at the raw data bits in the file. 
     
     
         22 . A machine readable medium providing instructions which when executed by a system cause the system to perform a method comprising:
 receiving an input to download an application from the Internet to a user's system;   issuing a warning to the user before allowing the application to be downloaded.   
     
     
         23 . A machine readable medium providing instructions which when executed by a system cause the system to perform a method comprising:
 detecting an attempt to automatically download from the Internet an application to a user's system;   issuing a warning to the user before allowing the application to be downloaded.   
     
     
         24 . A medium as in  claim 23  wherein the attempt to download the application may occur without the user's knowledge. 
     
     
         25 . A medium as in  claim 23  wherein the application can be any executable code such as a script, dynamically loadable library, applet, or plug-in. 
     
     
         26 . A medium as in  claim 23  wherein the user has the option of restricting the scope of the warning. 
     
     
         27 . A machine readable medium providing instructions which when executed by a system cause the system to perform a method comprising:
 downloading an executable program from the Internet;   detecting an attempt to launch the program without a user request to launch the application; and   issuing a warning to the user before allowing the program to be launched.   
     
     
         28 . A medium as in  claim 27  wherein downloading the program occurs in response to a request by the user. 
     
     
         29 . A medium as in  claim 27  wherein downloading the program does not occur in response to a request by the user. 
     
     
         30 . A medium as in  claim 27  wherein the attempt to launch the program originates from an electronic document with a URL scheme wherein the URL scheme is processed only by the program. 
     
     
         31 . A medium as in  claim 27  wherein the attempt to launch the program originates from an electronic document with a URL scheme, wherein the URL scheme is processed automatically by a scripted web page and wherein the user does not request the processing of the URL scheme. 
     
     
         32 . A medium as in  claim 27  wherein the user has the option of restricting the scope of the warning. 
     
     
         33 . A machine readable medium providing instructions which when executed by a system cause the system to perform a method comprising:
 receiving an input to download one or more files contained in an archived file;   determining if any of the files contain executable code; and   issuing a warning to a user that one or more of the files contain executable code.   
     
     
         34 . A medium as in  claim 33  wherein determining if the archived file contains executable code is done by expanding the archive file into its constituent files and looking at at least some of the raw data bits of each constituent file. 
     
     
         35 . A medium as in  claim 34  wherein the constituent files are expanded in a protected storage space where they are inaccessible to the user or other operating system programs. 
     
     
         36 . A medium as in  claim 34  wherein the archived file can be a file encoded with any method, such as a disk image, tar file, zip file, stuffed file, or with any other file compression format. 
     
     
         37 . A medium as in  claim 34  wherein the archived file originates from the Internet. 
     
     
         38 . A medium as in  claim 34  wherein the user has the option of restricting the scope of the warning. 
     
     
         39 . A machine readable medium providing instructions which when executed by a system cause the system to perform a method comprising:
 downloading an application; and   storing the origin of the application as part of metadata compiled about the application in a metadata database.   
     
     
         40 . A method as in  claim 39  further comprising displaying the metadata, including the origin of the application, in response to a user command. 
     
     
         41 . A medium as in  claim 39  wherein the origin of the application is a web page or another electronic document coming from the Internet. 
     
     
         42 . A medium as in  claim 39  wherein the application informs the operating system of the origin of the application. 
     
     
         43 . A medium as in  claim 39  wherein the operating system determines the origin of the application. 
     
     
         44 . A data processing system comprising:
 means for downloading a file;   means for determining if the file contains executable code; and   means for issuing a warning to the user before allowing the file to be downloaded.   
     
     
         45 . A data processing system comprising:
 means for receiving an input to download an application from the Internet to a user's system;   means for issuing a warning to the user before allowing the application to be downloaded.   
     
     
         46 . A data processing system comprising:
 means for detecting an attempt to automatically download from the Internet an application to a user's system;   means for issuing a warning to the user before allowing the application to be downloaded.   
     
     
         47 . A data processing system comprising:
 means for downloading an executable program from the Internet;   means for detecting an attempt to launch the program without a user request to launch the application; and   means for issuing a warning to the user before allowing the program to be launched.   
     
     
         48 . A data processing system comprising:
 means for receiving an input to download one or more files contained in an archived file;   means for determining if any of the files contain executable code; and   means for issuing a warning to a user that one or more of the files contain executable code.   
     
     
         49 . A data processing system comprising:
 means for receiving an input to display the contents of part or all of a user's file system; and   means for marking the appearance of a file that is an executable program that has never been launched before by the user.   
     
     
         50 . A data processing system comprising:
 means for marking the appearance of a file in a user's system that, when opened, launches an executable program that has never been launched before by the user.   
     
     
         51 . A data processing system comprising:
 means for marking the appearance of a URL if activating the URL launches an executable program that has never been launched before by a user.   
     
     
         52 . A data processing system comprising:
 means for downloading an application; and   means for storing the origin of the application as part of metadata compiled about the application in a metadata database.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.