System and method for enforcing a security context on a downloadable
Abstract
A method for computer security, including receiving content including potentially malicious executable code (“CODE-A”), intended for downloading at a client computer, scanning CODE-A to derive a profile thereof, determining, based on the derived profile of CODE-A, an appropriate computer account from among a plurality of computer accounts, under which CODE-A may be processed by the client computer, wherein each computer account of the plurality of computer accounts has associated therewith a security context within which an executable run under such account is processed, combining (i) information about the determined computer account name and (ii) CODE-A, with executable wrapper code (“CODE-B”) into combined code (“CODE-C”), and forwarding CODE-C to the client computer for processing. A system and a computer-readable storage medium are also described and claimed.
36 Claims
1. A method for computer security, comprising:
- receiving content including potentially malicious executable code (“CODE-A”), intended for downloading at a client computer;
- scanning CODE-A to derive a profile thereof;
- determining, based on the derived profile of CODE-A, an appropriate computer account from among a plurality of computer accounts, under which CODE-A may be processed by the client computer, wherein each computer account of the plurality of computer accounts has associated therewith a security context within which an executable run under such account is processed;
- combining (i) information about the determined computer account name and (ii) CODE-A, with (iii) executable wrapper code (“CODE-B”) into combined code (“CODE-C”); and
- forwarding CODE-C to the client computer for processing.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11

12. A computer security system for a gateway computer, comprising:
- a receiver for receiving content including potentially malicious executable code (“CODE-A”), intended for downloading at a client computer;
- a code profiler, coupled with said receiver, for scanning CODE-A and deriving a profile thereof;
- a security context generator, coupled with said code profiler, for determining, based on the profile of CODE-A derived by said profiler, an appropriate computer account from among a plurality of computer accounts, under which CODE-A may be processed by the client computer, wherein each computer account of the plurality of computer accounts has associated therewith a security context within which an executable run under such account is processed;
- a code packager, coupled with said security context generator, for packaging (i) information about the computer account determined by said security context generator and (ii) CODE-A, with (iii) executable wrapper code (“CODE-B”), into a combined code (“CODE-C”); and
- a transmitter, coupled with said code packager, for forwarding CODE-C to the client computer for processing.

Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20

21. A computer-readable storage medium storing program code for causing at least one computing device to:
- receive content including potentially malicious executable code (“CODE-A”), intended for downloading at a client computer;
- scan CODE-A to derive a profile thereof;
- determine, based on the derived profile of CODE-A, an appropriate computer account from among a plurality of computer accounts, under which CODE-A may be processed by the client computer, wherein each computer account of the plurality of computer accounts has associated therewith a security context within which an executable is processed;
- combine (i) information about the determined computer account name and (ii) CODE-A, with (iii) executable wrapper code (“CODE-B”) into combined code (“CODE-C”); and
- forward CODE-C to the client computer for processing.

22. A method for computer security, comprising:
- downloading, by a computer, executable code (“CODE-C”), where CODE-C includes (i) wrapper executable code (“CODE-B”), (ii) potentially malicious executable code (“CODE-A”), and (iii) information about a computer account for CODE-A; and
- processing, by the computer, CODE-B, comprising;
  - extracting CODE-A from within CODE-C;
  - extracting the information about the computer account for CODE-A from within CODE-C; and
  - processing CODE-A within a security context associated with the computer account for CODE-A.

Dependent claims: 23, 24, 25, 26, 27

28. A computer security system, comprising:
- a receiver within a computer, for downloading executable code (“CODE-C”), where Code C includes (i) wrapper executable code (“CODE-B”), (ii) potentially malicious executable code (“CODE-A”), and (iii) information about a computer account for CODE-A;
- a code extractor within the computer, coupled with said receiver, for extracting CODE-A from within CODE-C;
- a computer account extractor within the computer, coupled with said receiver, for extracting the information about the computer account name for CODE-A from within CODE-C; and
- a processor within the computer, coupled with said code extractor and said computer account extractor, for processing CODE-A within a security context associated with the computer account for CODE-A.

Dependent claims: 29, 30, 31, 32

33. A computer-readable storage medium storing program code for causing at least one computing device to:
- download executable code (“CODE-C”), where CODE-C includes (i) wrapper executable code (“CODE-B”), (ii) potentially malicious executable code (“CODE-A”), and (iii) information about a computer account for CODE-A; and
- process Code B, comprising;
  - extracting CODE-A from within CODE-C;
  - extracting the information about the computer account name for CODE-A from within CODE-C; and
  - processing CODE-A within a security context associated with the computer account for CODE-A.

34. A method for computer security, comprising:
- receiving content including potentially malicious executable code (“CODE-A”), intended for downloading at a client computer;
- receiving a predetermined computer account name that has associated therewith a security context within which an executable run under such account is processed;
- scanning CODE-A to derive a profile thereof;
- combining (i) information about the determined computer account name and (ii) CODE-A, with (iii) executable wrapper code (“CODE-B”) into combined code (“CODE-C”); and
- forwarding CODE-C to the client computer for processing.

35. A computer security system for a gateway computer, comprising:
- a receiver for receiving content including potentially malicious executable code (“CODE-A”), intended for downloading at a client computer;
- a code profiler, coupled with said receiver, for scanning CODE-A and deriving a profile thereof; and
- a code packager, coupled with said security context generator, for packaging (i) information about a predetermined computer account, the computer account having associated therewith a security context within which an executable run under such account is processed, and (ii) CODE-A, with (iii) executable wrapper code (“CODE-B”), into a combined code (“CODE-C”); and
- a transmitter, coupled with said code packager, for forwarding CODE-C to the client computer for processing.

36. A computer-readable storage medium storing program code for causing at least one computing device to:
- receive content including potentially malicious executable code (“CODE-A”), intended for downloading at a client computer;
- receive a predetermined computer account name that has associated therewith a security context within which an executable run under such account is processed;
- scan CODE-A to derive a profile thereof;
- combine (i) information about the determined computer account name and (ii) CODE-A, with (iii) executable wrapper code (“CODE-B”) into combined code (“CODE-C”); and
- forward CODE-C to the client computer for processing.

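The gateway-side packaging of claim 1 and the client-side extraction of claim 22 can be sketched together as below. This is an added example, not code from the patent or its assignee; the trailer layout, profile flags, marker strings and account names are all assumptions chosen for illustration.

```python
import json
import struct

# Assumed policy: profile flag -> account, most restrictive first.
# Flags and account names are illustrative, not taken from the patent.
ACCOUNT_POLICY = [("writes_registry", "dl_isolated"),
                  ("opens_network", "dl_nonet"),
                  ("writes_files", "dl_readonly")]
DEFAULT_ACCOUNT = "dl_standard"
KNOWN_ACCOUNTS = {acct for _, acct in ACCOUNT_POLICY} | {DEFAULT_ACCOUNT}
MAGIC = b"CODC"                    # assumed trailer marker
TRAILER = struct.Struct(">4sII")   # magic, len(CODE-A), len(account info)

def derive_profile(code_a: bytes) -> set:
    """Toy scanner: marker strings stand in for real code analysis."""
    markers = {b"RegSetValue": "writes_registry",
               b"connect(": "opens_network",
               b"WriteFile": "writes_files"}
    return {flag for marker, flag in markers.items() if marker in code_a}

def choose_account(profile: set) -> str:
    """First matching rule wins, so the most restrictive account is chosen."""
    for flag, account in ACCOUNT_POLICY:
        if flag in profile:
            return account
    return DEFAULT_ACCOUNT

def package(code_a: bytes, code_b: bytes) -> bytes:
    """Gateway side: CODE-C = CODE-B || CODE-A || account info || trailer."""
    info = json.dumps({"account": choose_account(derive_profile(code_a))}).encode()
    return code_b + code_a + info + TRAILER.pack(MAGIC, len(code_a), len(info))

def unpack(code_c: bytes):
    """Client side (the wrapper's job): recover the account and CODE-A."""
    if len(code_c) < TRAILER.size:
        raise ValueError("too short to hold a trailer")
    magic, len_a, len_info = TRAILER.unpack(code_c[-TRAILER.size:])
    end = len(code_c) - TRAILER.size
    if magic != MAGIC or len_a + len_info > end:
        raise ValueError("bad trailer")
    info = json.loads(code_c[end - len_info:end])
    account = info.get("account") if isinstance(info, dict) else None
    # The account info travels with untrusted content: fail closed unless
    # it names an account this client actually provisions.
    if not isinstance(account, str) or account not in KNOWN_ACCOUNTS:
        raise ValueError("unknown account")
    return account, code_c[end - len_info - len_a:end - len_info]
```

Launching CODE-A under the returned account is platform-specific and is left out; the sketch stops at the point where the wrapper knows which security context to request.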
Specification