US 7,565,549 B2
System and method for the managed security control of processes on a computer system
Thomas James Satterlee, Felton, Calif. (US); and William Frank Hackenberger, Los Altos, Calif. (US)
Assigned to International Business Machines Corporation, Armonk, N.Y. (US)
Filed on Jul. 03, 2007, as Appl. No. 11/824,986.
Application 11/824986 is a continuation of application No. 10/336299, filed on Jan. 03, 2003.
Claims priority of provisional application 60/345432, filed on Jan. 04, 2002.
Prior Publication US 2007/0260880 A1, Nov. 08, 2007
Int. Cl. G06F 11/30 (2006.01); H04L 9/00 (2006.01)
U.S. Cl. 713—187  [713/161; 713/164; 713/165; 713/167; 713/181; 713/182; 713/188; 713/193; 713/194; 726/1; 726/2; 726/22; 726/24] 12 Claims
OG exemplary drawing
 
5. A computer system for implementing security for a computing device, said system comprising:
a processor, a random access memory, and a storage device;
first program instructions for receiving a notification that a new program is intended for execution on the computing device;
second program instructions for automatically determining whether the new program is substantially the same as a program which was previously approved for execution on the computing device;
third program instructions, responsive to the new program being substantially the same as the approved program, for permitting the new program to execute on the computing device similarly to the approved program;
fourth program instructions, responsive to the new program not being substantially the same as the approved program, for monitoring the execution of the new program at an operating system kernel by permitting the new program to execute on the computing device while preventing the new program from accessing a specific type of file, using a specific registry setting or making a specific type of network communication that was permitted to the approved program; and
wherein the first, second, third, and fourth program instructions are stored in the storage device for execution by the processor via the random access memory.
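The four groups of program instructions in claim 5 describe a decision procedure: notification that a program is about to run, a comparison against a previously approved program, pass-through execution when they match, and restricted execution at the kernel when they do not. The following is an added illustration of that procedure in Python; it is not code from the patent or its assignee. It assumes that "substantially the same" is tested by an exact SHA-256 digest match, that the restricted profile is formed by withholding exactly the file types, registry keys and network destinations the approved program was permitted, and that a program with no approved counterpart is denied the union of all approved programs' privileges. Every name, path and privilege set below is constructed for the example.

```python
"""Added example (not the patent's own code): a toy policy engine modelling the
four groups of program instructions in claim 5.  Names, data and the
"substantially the same" test are assumptions chosen for illustration."""
import hashlib
from dataclasses import dataclass
from typing import Dict, List, Optional

EMPTY = frozenset()


@dataclass(frozen=True)
class Privileges:
    """Hypothetical profile: resources an approved program may use."""
    file_types: frozenset
    registry_keys: frozenset
    network: frozenset


@dataclass(frozen=True)
class ApprovedProgram:
    name: str
    digest: str            # SHA-256 of the approved image (assumption)
    privileges: Privileges


@dataclass(frozen=True)
class Decision:
    mode: str                          # "approved" or "monitored"
    reference: Optional[ApprovedProgram]
    denied: Privileges                 # enforced only in "monitored" mode


def image_digest(image: bytes) -> str:
    return hashlib.sha256(image).hexdigest()


def substantially_same(image: bytes, approved: ApprovedProgram) -> bool:
    # Assumption: an exact digest match stands in for the claim's
    # "substantially the same"; the claim leaves the comparison open.
    return image_digest(image) == approved.digest


def on_new_program(name: str, image: bytes,
                   approved: List[ApprovedProgram]) -> Decision:
    """First instructions: notification of a program about to run.
    Second instructions: compare it with the approved program it presents
    itself as (looked up by name)."""
    by_name = {p.name: p for p in approved}
    ref = by_name.get(name)
    if ref is not None and substantially_same(image, ref):
        # Third instructions: run like the approved program; nothing withheld.
        return Decision("approved", ref, Privileges(EMPTY, EMPTY, EMPTY))
    # Fourth instructions: let it execute, but withhold what the approved
    # program was permitted.  Assumption: with no approved counterpart,
    # withhold the union of every approved program's privileges.
    pool = [ref] if ref is not None else approved
    denied = Privileges(
        frozenset().union(*(p.privileges.file_types for p in pool)),
        frozenset().union(*(p.privileges.registry_keys for p in pool)),
        frozenset().union(*(p.privileges.network for p in pool)),
    )
    return Decision("monitored", ref, denied)


def access_allowed(decision: Decision, kind: str, target: str) -> bool:
    """Kernel-side check at the moment of access; kind is one of
    'file_types', 'registry_keys' or 'network'."""
    if decision.mode == "approved":
        return target in getattr(decision.reference.privileges, kind)
    return target not in getattr(decision.denied, kind)


def demo() -> Dict[str, bool]:
    # Constructed data: one approved backup tool and its privilege profile.
    approved_image = b"constructed backup image v1"
    approved = [ApprovedProgram(
        "backup", image_digest(approved_image),
        Privileges(frozenset({".db"}),
                   frozenset({r"HKLM\SOFTWARE\Backup"}),
                   frozenset({"backup.example:443"})))]
    genuine = on_new_program("backup", approved_image, approved)
    altered = on_new_program("backup", approved_image + b" tampered", approved)
    return {
        "genuine_mode_approved": genuine.mode == "approved",
        "genuine_db_access": access_allowed(genuine, "file_types", ".db"),
        "altered_mode_monitored": altered.mode == "monitored",
        "altered_db_access": access_allowed(altered, "file_types", ".db"),
        "altered_txt_access": access_allowed(altered, "file_types", ".txt"),
        "altered_network": access_allowed(altered, "network",
                                          "backup.example:443"),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

The altered image still runs, which is the point the claim makes: the unapproved program is not blocked outright but is denied the specific resources the genuine program could reach, so a tampered copy cannot inherit that program's access to its databases, registry keys or network peers.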