Computer security system and method
US8429429B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Oct 25, 2010 |
| Grant date | Apr 23, 2013 |
| Priority date | — |
| Expiry date | Feb 4, 2031 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/53
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A method is provided for protecting a computer system, comprising: attaching a security descriptor to a process running on a processor of the computer system; associating with the security descriptor an isolation indicator that indicates the process runs in an isolation mode; calling a system routine by the isolated process that is also callable by a process that is not running in isolation mode; attempting to write to an object of a disk or a registry by the system routine called by the isolated process; determining whether the system routine is requesting the write on behalf of the isolated process or not; if the write is requested on behalf of the isolated process, then performing the write in a pseudo storage area; and if the write is requested on behalf of the non-isolated process, then performing the write in an actual storage area in which the disk or registry resides.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.