Selective authorization of the loading of dependent code modules by running processes

Assignee

• Fortinet, Inc. · US

Inventors

• Andrew F. Fanton · Westminster, US
• John J. Gandee · Loveland, US
• William H. Lutton · Fort Collins, US
• Edwin L. Harper · Platteville, US
• Kurt E. Godwin · Loveland, US
• Anthony A. Rozga · Wellington, US

Key dates

Classification

• Technology area (CPC Y)Emerging Cross-Sectional Technologies
• CPC primaryY10S707/99944
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Systems and methods for selective authorization of dependent code modules are provided. According to one embodiment, responsive to a monitored file system or operating system event initiated by an active process, a real-time authentication process is performed or bypassed on a code module to which the monitored event relates with reference to a multi-level whitelist. The multi-level whitelist includes a global whitelist database remote from the computer system, maintained by a trusted service provider and which contains cryptographic hash values of approved code modules; and a local whitelist database that includes cryptographic hash values of a subset of the approved code modules. The active process is allowed to load the code module when the authentication process is bypassed or when the cryptographic hash value of the code module matches one of the cryptographic hash values of approved code modules within the multi-level whitelist.