US2014208107A1PendingUtilityA1

Systems and methods for implementing application control security

43
Assignee: LUMENSION SECURITY INCPriority: Oct 11, 2010Filed: Mar 26, 2014Published: Jul 24, 2014
Est. expiryOct 11, 2030(~4.2 yrs left)· nominal 20-yr term from priority
G06F 2221/2153G06F 21/34G06F 21/51G06F 21/6218H04L 63/0428
43
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

Systems and methods for implementing application control security are disclosed. In one embodiment, a system includes a first device, a decrypted white-list, and an executable program. The first device may be in electrical communication with a memory containing an encrypted white-list. The encrypted white-list may be decrypted using an identifier of a second device. The executable program may be referenced in the decrypted white-list.

Claims

exact text as granted — not AI-modified
1 . A method comprising:
 (a) storing, on a first computerized device, at least an unencrypted first white-list and an encrypted second white-list;   (b) receiving at the first computerized device, and from a second device, all or part of a unique identifier of the second device;   (c) decrypting, at the first computerized device, the encrypted second white-list using all or part of the unique identifier of the second device, thereby creating a decrypted second white-list;   (d) determining whether an executable program is referenced in the decrypted second white-list; and   (e) based on the determining step, allowing or disallowing execution by the first computerized device of the executable program.   
     
     
         2 . The method of  claim 1 , wherein the first computerized device and the second device have access to a network, the method comprising:
 transmitting a request onto the network, and performing the receiving step (b) in response to the transmitting step.   
     
     
         3 . The method of  claim 2 , wherein the request is an address resolution protocol. 
     
     
         4 . The method of  claim 1 , comprising:
 disallowing, prior to the receiving step (b), execution of the executable program on the first computerized device.   
     
     
         5 . The method of  claim 1 , comprising:
 creating an unencrypted second white-list;   receiving all or part of the unique identifier of the second device;   encrypting the unencrypted second white-list via all or part of the unique identifier of the second device; thereby creating the encrypted second white-list.   
     
     
         6 . The method of  claim 1 , comprising:
 transmitting, prior to the receiving step (b), the unique identifier of the second device to the first computerized device.   
     
     
         7 . The method of  claim 1 , wherein the unique identifier of the second device is dreived from a biometric, reader. 
     
     
         8 . The method of  claim 1 :
 wherein a partitioned white-list comprises the unencrypted first white-list and the encrypted second white-list;   wherein the partitioned white-list is partitioned into at least a first partition and a second partition;   wherein the first partition comprises the unencrypted first white-list; and   wherein the second partition comprises the encrypted second white-list.   
     
     
         9 . The method of  claim 1 , wherein the first device receives the encrypted second white-list from a memory in electrical communication with the first computerized device. 
     
     
         10 . The method of  claim 9 , comprising: deleting the second encrypted white-list from the memory. 
     
     
         11 . The method of  claim 1 , wherein the first device and the second device are both mobile devices. 
     
     
         12 . A method comprising:
 (a) storing, on a first computerized device, at least an unencrypted first white-list and an encrypted second white-list;   (b) receiving at the first computerized device and from a second device all or part of a unique identifier of the second device;   (c) receiving at the first computerized device and from a third device all or part of a unique identifier of the third device;   (d) creating by the first computerized device a composite identifier from at least a portion of the unique identifier of the second device and from at least a portion of the unique identifier of the third device;   (e) decrypting, at the first computerized device, the encrypted second white-list using all or part of the composite identifier, thereby creating a decrypted second white-list;   (f) determining whether an executable program is referenced in the decrypted second white-list; and   (g) based on the determining step, allowing or disallowing execution by the first computerized device of the executable program.   
     
     
         13 . The method of  claim 12 , wherein the third device is a mobile device. 
     
     
         14 . A system comprising:
 (a) a first computerized device, wherein the first device is adapted to store at least an unencrypted first white-list and an encrypted second white-list;   (b) a second device adapted to transmit a unique identifier of the second device;
 wherein first computerized device is adapted to decrypt the encrypted second white-list using all or part of a unique identifier of a second device, thereby creating a decrypted second white-list; and 
   (c) an executable program, wherein the executable program is referenced in the decrypted second white-list.   
     
     
         15 . The system of  claim 14 , wherein:
 the first device comprises a partitioned white-list;
 wherein the partitioned white-list comprises:
 (i) a first partition, wherein the first partition comprises the unencrypted first white-list; and 
 (ii) a second partition, wherein the second partition comprises the encrypted second white-list. 
 
   
     
     
         16 . The system of  claim 14 , wherein the first device and the second device are both mobile devices. 
     
     
         17 . The system of  claim 16 , wherein the encrypted white-list is decrypted using a composite identifier comprising all or part of the unique identifier of the second device and all or part of a unique identifier of a third device. 
     
     
         18 . The system of  claim 17 , wherein the third device is a mobile device. 
     
     
         19 . The system of  claim 14 , wherein the system comprises a plurality of executable programs;
 wherein a first executable program is referenced in the unencrypted first white-list;   wherein a second executable program is the executable program referenced in the encrypted second white-list.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.