EP 1305688 A2 20030502 - SYSTEM AND METHOD FOR COMPREHENSIVE GENERAL GENERIC PROTECTION FOR COMPUTERS AGAINST MALICIOUS PROGRAMS THAT MAY STEAL INFORMATION AND/OR CAUSE DAMAGES
Title (en)
SYSTEM AND METHOD FOR COMPREHENSIVE GENERAL GENERIC PROTECTION FOR COMPUTERS AGAINST MALICIOUS PROGRAMS THAT MAY STEAL INFORMATION AND/OR CAUSE DAMAGES
Title (de)
SYSTEM UND VERFAHREN FÜR DEN UMFASSENDEN ALLGEMEINEN GENERISCHEN SCHUTZ FÜR COMPUTER VOR BÖSARTIGEN PROGRAMMEN, DIE INFORMATIONEN STEHLEN UND/ODER SCHÄDEN VERURSACHEN KÖNNEN
Title (fr)
SYSTEME ET PROCEDE DE PROTECTION GENERIQUE GENERALE COMPLETE D'ORDINATEURS CONTRE DES PROGRAMMES PERNICIEUX POUVANT VOLER DES INFORMATIONS ET/OU PROVOQUER DES DEGATS
Publication
Application
Priority
- IL 0100487 W 20010528
- IL 13641400 A 20000528
- US 20959300 P 20000606
- US 28401901 P 20010415
Abstract (en)
[origin: WO0192981A2] Malicious software attacks (such as stealing data, changing data or destroying data) on personal computers and/or servers and/or other computerized gadgets (especially through the Internet) are becoming more and more common and more and more dangerous, causing damages of tens of billions of dollars each year. The state-of-the-art solutions are inherently limited because they solve only a limited number of problems on the surface, instead of going deeply into the roots of the problem. The most common solutions are Anti-viruses and Network firewalls. Anti-viruses are limited because they can only detect known viruses or worms that have already been identified (usually after they have already attacked many computers). Network firewalls are based on packet filtering, which is limited in principle, since the rules of which packets to accept or not may contain for example subjective decisions based on trusting certain sites or certain applications. However, once security is breached for any reason, for example due to an error or intended deception, a hostile application may take over the computer or server or the entire network and create unlimited damages (directly or by opening the door to additional malicious applications). They are also not effective against security holes for example in browsers or e-mail programs or in the operating system itself. According to an article in ZDnet from Jan 24, 2001, security holes in critical applications are discovered so often that just keeping up with all the patches is impractical. Also, without proper generic protection for example against Trojan horses, which can identify any malicious program without prior knowledge about it, even VPNs (Virtual Private Networks) and other forms of data encryption, including digital signatures, are not really safe because the info can be stolen before or below the encryption.
The present invention creates a general generic comprehensive solution by going deeply into the roots of the problem. One of the biggest absurdities of the state-of-the-art situation is that by default programs are allowed to do whatever they like to other programs or to their data files or to critical files of the operating system, which is as absurd as letting a guest in a hotel bother any other guests as he pleases, steal their property or copy it or destroy it, destroy their rooms, etc., or for example have free access to the hotel's safe or electronic switchboard or phone or elevator control room. The present concept is based on automatic segregation between programs: It is like limiting each guest by default to his room and limiting by default his access to the Hotel's strategic resources, so that only by explicit permission each guest can get additional privileges.
IPC 1-7
IPC 8 full level
G06F 21/56 (2013.01)
CPC (source: EP)
G06F 21/554 (2013.01)
Citation (search report)
See references of WO 0192981A2
Designated contracting state (EPC)
AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR
DOCDB simple family (publication)
WO 0192981 A2 20011206; WO 0192981 A3 20020425; AU 6263201 A 20011211; CA 2424352 A1 20011206; CN 1444742 A 20030924; EP 1305688 A2 20030502; GB 0230154 D0 20030205; GB 0506281 D0 20050504; GB 2380303 A 20030402; GB 2380303 B 20050914; GB 2411988 A 20050914; GB 2411988 B 20051019; HK 1084738 A1 20060804; HK 1084739 A1 20060804; JP 2003535414 A 20031125
DOCDB simple family (application)
IL 0100487 W 20010528; AU 6263201 A 20010528; CA 2424352 A 20010528; CN 01813512 A 20010528; EP 01936773 A 20010528; GB 0230154 A 20010528; GB 0506281 A 20050329; HK 06102974 A 20060307; HK 06102975 A 20060307; JP 2002501128 A 20010528