Aladdin Knowledge Systems has been granted U.S. patent 7,047,369, covering an application operating environment in which dangerous, unacceptable and/or suspect activities of Internet-enabled applications may be defined and prevented from causing harm.
The invention allows safe usage of computers connected to the Internet, efficiently thwarting common Internet-borne threats such as spyware, Trojans, exploits and more. This important patent, related to the Aladdin eSafe content security solution, significantly strengthens host-based and network security. The invention covered by this patent allows automatic or manual learning of safe behavior for host-based applications, especially Internet-enabled applications. A special table of allowed activities is built in real-time for each monitored application, which is later used by the enforcement module to create a "sandbox" protection environment that blocks invalid access attempts to system resources.
The patent, dated September 25, 1997, states the protection process "is done by providing a definition table identifying the types of access and actions that the application is allowed and preventing it from carrying out other types of access and actions. The definition table may be built up using a learning process during use of the application. The environment also provides a means of checking information output to a network against a list of confidential information."
This type of host-based security would be most relevant to systems that grant administrative privileges to applications launched by users, allowing them unlimited access to the operating system and/or hardware resources. Implementation of such security methodology would be commonly found in Operating Systems, Internet browsers, personal firewalls and anti- virus / anti-spyware products.
Related links: (Open in a new window.)
www.aladdin.com/
patft1.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.htm&r=1&f=G&l=50&s1=7
047
369.PN.&OS=PN/7
047
369&RS=PN/7
047
369
h2
h2
Taken from Information Security Bulletin.