Secure system for allowing the execution of authorized computer program code

Assignee

• WhiteCell Software, Inc. · US

Inventors

• Andrew F. Fanton · Westminster, US
• John J. Gandee · Loveland, US
• William H. Lutton · Fort Collins, US
• Edwin L. Harper · Platteville, US
• Kurt E. Godwin · Loveland, US
• Anthony A. Rozga · Wellington, US

Key dates

Classification

• Technology area (CPC Y)Emerging Cross-Sectional Technologies
• CPC primaryY10S707/99944
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Systems and methods are described for allowing the execution of authorized computer program code and for protecting computer systems and networks from unauthorized code execution. In one embodiment, a multi-level proactive whitelist approach is employed to secure a computer system by allowing only the execution of authorized computer program code thereby protecting the computer system against the execution of malicious code such as viruses, Trojan horses, spy-ware, and/or the like. Various embodiments use a kernel-level driver, which intercepts or “hooks” certain system Application Programming Interface (API) calls in order to monitor the creation of processes prior to code execution. The kernel-level driver may also intercept and monitor the loading of code modules by running processes, and the passing of non-executable code modules, such as script files, to approved or running code modules via command line options, for example. Once intercepted, a multi-level whitelist approach may be used to authorize the code execution.