Computer system lock-down

Assignee

• WhiteCell Software, Inc. · US

Inventors

• Andrew F. Fanton · Westminster, US
• John J. Gandee · Loveland, US
• William H. Lutton · Fort Collins, US
• Edwin L. Harper · Platteville, US
• Kurt E. Godwin · Loveland, US
• Anthony A. Rozga · Wellington, US

Key dates

Classification

• Technology area (CPC Y)Emerging Cross-Sectional Technologies
• CPC primaryY10S707/99944
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Systems and methods for allowing authorized code to execute on a computer system are provided. According to one embodiment, a method is provided for locking down a computer system. A customized, local whitelist database is stored with a memory of the computer system. The whitelist database forms a part of an authentication system operable within the computer system and contains therein cryptographic hash values of code modules expressly approved for execution by the computer system. A kernel mode driver of the authentication system intercepts a request to create a process associated with a code module. The authentication system determines whether to authorize the request by causing a cryptographic hash value of the code module to be authenticated against the whitelist database. The authentication system allows the code module to be loaded and executed within the computer system if the cryptographic hash value matches one of the cryptographic hash values.