Patent application number | Description | Published |
20100287620 | COMPUTER SYSTEM LOCK-DOWN - Systems and methods for allowing authorized code to execute on a computer system are provided. According to one embodiment, a method is provided for locking down a computer system. A customized, local whitelist database is stored with a memory of the computer system. The whitelist database forms a part of an authentication system operable within the computer system and contains therein cryptographic hash values of code modules expressly approved for execution by the computer system. A kernel mode driver of the authentication system intercepts a request to create a process associated with a code module. The authentication system determines whether to authorize the request by causing a cryptographic hash value of the code module to be authenticated against the whitelist database. The authentication system allows the code module to be loaded and executed within the computer system if the cryptographic hash value matches one of the cryptographic hash values. | 11-11-2010 |
20110029772 | CLOUD-BASED APPLICATION WHITELISTING - Systems and methods for allowing authorized code to execute on a computer system are provided. According to one embodiment, an in-memory cache is maintained having entries containing execution authorization information regarding recently used modules. After authenticating a module, its execution authorization information is added to the cache. Activity relating to a module is intercepted. A hash value of the module is generated. The module is authenticated with reference to a multi-level whitelist including a global whitelist, a local whitelist and the cache. The authentication includes first consulting the cache and if the module is not found, then looking up its hash value in the local whitelist and if it is not found, then looking it up in the global whitelist. Finally, the module is allowed to be loaded and executed if its hash value matches a hash value of an approved code module within the global whitelist. | 02-03-2011 |
20110167050 | SECURE SYSTEM FOR ALLOWING THE EXECUTION OF AUTHORIZED COMPUTER PROGRAM CODE - Systems and methods for allowing authorized code to execute on a computer system are provided. According to one embodiment, file or operating system activity relating to a code module is intercepted. A cryptographic hash value of the code module is authenticated with reference to a multi-level whitelist, which includes a remote global whitelist and a local whitelist. The remote global whitelist is maintained by a trusted service provider and contains cryptographic hash values of approved code modules known not to contain malicious code. The local whitelist is accessible by computer systems within the LAN and contains cryptographic hash values of a subset of the approved code modules. The cryptographic hash value is checked against the local whitelist. If no match is found, it is checked against the global whitelist. The code module is allowed to be loaded and executed if the cryptographic hash value corresponds to an approved code module. | 07-07-2011 |
20110167259 | SOFTWARE LICENSE ENFORCEMENT - Systems and methods for performing software license enforcement are provided. According to one embodiment, file or operating system activity relating to a code module is intercepted by a kernel mode driver of a computer system. The kernel mode driver causes a cryptographic hash value of the code module to be authenticated with reference to a local whitelist containing cryptographic hash values of approved code modules known not to contain malicious code. The local whitelist also contains licensing control information. If the cryptographic hash value matches a cryptographic hash value of an approved code module, then (i) authority to execute the code module is further validated if the licensing control information so indicates by performing a license check regarding the code module; and (ii) the code module is allowed to be loaded and executed within the computer system if the authority is affirmed by the license check. | 07-07-2011 |
20110167260 | COMPUTER SYSTEM LOCK-DOWN - Systems and methods for allowing authorized code to execute on a computer system are provided. According to one embodiment, a method is provided for locking down a computer system. A customized, local whitelist database is stored with a memory of the computer system. The whitelist database forms a part of an authentication system operable within the computer system and contains therein cryptographic hash values of code modules expressly approved for execution by the computer system. A kernel mode driver of the authentication system intercepts file system or operating system activity relating to a code module. The authentication system determines whether to authorize the request by causing a cryptographic hash value of the code module to be authenticated against the whitelist database. The authentication system allows the code module to be loaded and executed within the computer system if the cryptographic hash value matches one of the cryptographic hash values. | 07-07-2011 |
20110167261 | SELECTIVE AUTHORIZATION OF THE LOADING OF DEPENDENT CODE MODULES BY RUNNING PROCESSES - Systems and methods for selective authorization of dependent code modules are provided. According to one embodiment, file system or operating system activity relating to a first code module is initiated by a running process associated with a second code module. The file system or operating system activity is intercepted by a kernel mode driver of a computer system. The kernel mode driver selectively authorizes loading of the first code module by the running process based at least in part on one or more attributes of the second code module. | 07-07-2011 |
20120072725 | CLOUD-BASED APPLICATION WHITELISTING - Systems and methods for allowing authorized code to execute on a computer system are provided. According to one embodiment, an in-memory cache is maintained having entries containing execution authorization information regarding recently used modules. After verifying a module, its execution authorization information is added to the cache. Activity relating to a module is intercepted. A hash value of the module is generated. The module is verified with reference to a multi-level whitelist including a global whitelist, a local whitelist and the cache. The verification includes first consulting the cache and if the module is not found, then looking up its hash value in the local whitelist and if it is not found, then looking it up in the global whitelist. Finally, the module is allowed to be executed if the code module is approved by the multi-level whitelist database architecture. | 03-22-2012 |
20120078863 | APPLICATION CONTROL CONSTRAINT ENFORCEMENT - Systems and methods for performing application control constraint enforcement are provided. According to one embodiment, file system or operating system activity of a computer system is intercepted relating to a code module. A cryptographic hash value of the code module is checked against a local whitelist database containing cryptographic hash values of approved code modules, which are known not to contain viruses or malicious code. The local whitelist database also contains execution constraint information. When the cryptographic hash value matches one of the cryptographic hash values of approved code modules, authority of the computer system or an end user of the computer system to execute the code module is further validated if the execution constraint information so indicates by performing a constraint check regarding the code module. If the authority is affirmed by the constraint check, then the code module is allowed to be executed. | 03-29-2012 |
20120191972 | SELECTIVE AUTHORIZATION OF THE LOADING OF DEPENDENT CODE MODULES BY RUNNING PROCESSES - Systems and methods for selective authorization of dependent code modules are provided. According to one embodiment, a kernel mode driver of a computer system intercepts file system or operating system activity, by a running process, relating to a dependent code module. Loading of the dependent code module is selectively authorized by authenticating a cryptographic hash value of the dependent code module with reference to a multi-level whitelist. The multi-level whitelist includes a global whitelist database remote from the computer system, maintained by a trusted service provider and which contains cryptographic hash values of approved code modules known not to contain viruses or malicious code; and a local whitelist database that includes cryptographic hash values of a subset of the approved code modules. The running process is allowed to load the dependent code module when the cryptographic hash value matches one of the cryptographic hash values of the approved code modules. | 07-26-2012 |
20130297946 | SELECTIVE AUTHORIZATION OF THE LOADING OF DEPENDENT CODE MODULES BY RUNNING PROCESSES - Systems and methods for selective authorization of dependent code modules are provided. According to one embodiment, responsive to a monitored file system or operating system event initiated by an active process, a real-time authentication process is performed or bypassed on a code module to which the monitored event relates with reference to a multi-level whitelist. The multi-level whitelist includes a global whitelist database remote from the computer system, maintained by a trusted service provider and which contains cryptographic hash values of approved code modules; and a local whitelist database that includes cryptographic hash values of a subset of the approved code modules. The active process is allowed to load the code module when the authentication process is bypassed or when the cryptographic hash value of the code module matches one of the cryptographic hash values of approved code modules within the multi-level whitelist. | 11-07-2013 |
20140075187 | SELECTIVE AUTHORIZATION OF THE LOADING OF DEPENDENT CODE MODULES BY RUNNING PROCESSES - Systems and methods for selective authorization of dependent code modules are provided. According to one embodiment, responsive to a monitored file system or operating system event initiated by an active process, a real-time authentication process is performed or bypassed on a code module to which the monitored event relates with reference to a whitelist that includes cryptographic hash values of approved code modules, which are known not to contain viruses or malicious code. The active process is allowed to load the code module when the authentication process is bypassed or when the cryptographic hash value of the code module matches one of the cryptographic hash values of approved code modules within the whitelist. | 03-13-2014 |
20140082355 | SECURE SYSTEM FOR ALLOWING THE EXECUTION OF AUTHORIZED COMPUTER PROGRAM CODE - Systems and methods for selective authorization of code modules are provided. According to one embodiment, a whitelist containing cryptographic hash values of code modules that are approved for loading into memory of a computer system and execution on the computer system is maintained by a kernel mode driver of the computer system. At least a subset of the cryptographic hash values has been included within the whitelist based upon results of application of one or more behavior analysis techniques to a corresponding subset of code modules. The kernel mode driver monitors a set of events occurring within one or more of a file system accessible by the computer system and an operating system that manages resources of the computer system. The kernel mode driver causes a cryptographic hash value of a code module relating to an observed event of the set of events to be authenticated with reference to the whitelist. When the cryptographic hash value matches one of the cryptographic hash values of approved code modules within the whitelist, the code module is allowed to be loaded and executed within the computer system. | 03-20-2014 |
20140115323 | SECURE SYSTEM FOR ALLOWING THE EXECUTION OF AUTHORIZED COMPUTER PROGRAM CODE - Systems and methods for selective authorization of code modules are provided. According to one embodiment, a trusted service provider maintains a cloud-based whitelist containing cryptographic hash values including those of code modules that are approved for execution on computer systems of subscribers of the service provider. A code module information query, including a cryptographic hash value of a code module, is received from a computer system of a subscriber by the service provider. If the cryptographic hash value matches one of the cryptographic hash values contained within the cloud-based whitelist and the code module is an approved code module, then the service provider responds with an indication that the code module is authorized for execution; otherwise, it (i) responds with an indication that the code module is an unknown code module; and (ii) causes one or more behavior analysis techniques to be performed on the code module. | 04-24-2014 |
20140181511 | SECURE SYSTEM FOR ALLOWING THE EXECUTION OF AUTHORIZED COMPUTER PROGRAM CODE - Systems and methods for selective authorization of code modules are provided. According to one embodiment, file system or operating system activity relating to a code module is intercepted by a kernel mode driver of a computer system. The code module is selectively authorized by authenticating a cryptographic hash value of the code module with reference to a multi-level whitelist. The multi-level whitelist includes (i) a global whitelist database remote from the computer system that is maintained by a trusted service provider and that contains cryptographic hash values of approved code modules, which are known not to contain viruses or malicious code and (ii) a local whitelist database containing cryptographic hash values of at least a subset of the approved code modules. The activity relating to the code module is allowed when the cryptographic hash value matches one of the cryptographic hash values of approved code modules within the multi-level whitelist. | 06-26-2014 |
20150026463 | SECURE SYSTEM FOR ALLOWING THE EXECUTION OF AUTHORIZED COMPUTER PROGRAM CODE - Systems and methods for selective authorization of code modules are provided. According to one embodiment, file system or operating system activity relating to a code module is intercepted by a kernel mode driver of a computer system. The code module is selectively authorized by the kernel mode driver by authenticating a content authenticator of the code module with reference to a multi-level whitelist. The multi-level whitelist includes (i) a global whitelist database remote from the computer system that contains content authenticators of approved code modules that are known not to contain viruses or malicious code and (ii) a local whitelist database containing content authenticators of at least a subset of the approved code modules. The activity relating to the code module is allowed when the content authenticator matches one of the content authenticators of approved code modules within the multi-level whitelist. | 01-22-2015 |
Patent application number | Description | Published |
20080275469 | Tack anchor systems, bone anchor systems, and methods of use - Systems, apparatuses and methods for securing tissue to bone using tack anchors and bone anchoring systems are described. The tack anchor may include a body and a securing element. The body may include one or more compressible flanges, an opening, and a cavity. The cavity may include an opening near or proximate the flanges, and be configured to receive a suture. The securing element may be configured to slide into the opening of the body to secure a portion of one or more sutures in the cavity such that the ends of the sutures are accessible through the cavity opening. In some embodiments, a tack anchor tool for insertion of a tack anchor into tissue and/or bone is described. | 11-06-2008 |
20100016893 | METHOD AND APPARATUS FOR ENHANCING THE FIXATION OF BONE AND SOFT TISSUE ANCHORS - Apparatus for enhancing the fixation of an anchor in a body part, wherein the body part comprises an interior portion and an exterior surface, and wherein the anchor is disposed within the interior portion of the body part, the apparatus comprising: | 01-21-2010 |
20110238113 | RING CINCH ASSEMBLY TO ATTACH BONE TO TISSUE - Systems, apparatuses and methods for securing tissue to bone using a bone anchoring system are described. Methods and apparatuses may allow transformation between locked and unlocked states, thereby allowing adjustment of the tension in the suture. The apparatus and/or methods may allow unidirectional movement of a suture, while preventing slippage or movement of the suture and tissue in the opposite direction. Ends of a suture may be individually tensioned to adjust positioning of a tissue with respect to a bone. | 09-29-2011 |
20140288597 | TACK ANCHOR SYSTEMS, BONE ANCHOR SYSTEMS, AND METHODS OF USE - Systems, apparatuses and methods for securing tissue to bone using tack anchors and bone anchoring systems are described. The tack anchor may include a body and a securing element. The body may include one or more compressible flanges, an opening, and a cavity. The cavity may include an opening near or proximate the flanges, and be configured to receive a suture. The securing element may be configured to slide into the opening of the body to secure a portion of one or more sutures in the cavity such that the ends of the sutures are accessible through the cavity opening. In some embodiments, a tack anchor tool for insertion of a tack anchor into tissue and/or bone is described. | 09-25-2014 |
20140296911 | BONE ANCHOR INSTALLER AND METHOD OF USE - Systems, apparatuses and methods for securing tissue to bone using a bone anchoring system are described. Methods and apparatuses may allow transformation between locked and unlocked states, thereby allowing adjustment of the tension in the suture. The apparatus and/or methods may allow unidirectional movement of a suture, while preventing slippage or movement of the suture and tissue in the opposite direction. Ends of a suture may be individually tensioned to adjust positioning of a tissue with respect to a bone. | 10-02-2014 |
20140316443 | METHOD AND APPARATUS FOR PASSING SUTURE - A device is disclosed that can pierce and hold tissue and then pass suture through tissue. The device can have a shuttle that can removably attach to a suture and jaws that can be rotatably opened and closed with respect to each other. A method for using the device to repeatedly pass the suture through the tissue without removing the suture or device from the target site is also disclosed. | 10-23-2014 |