Secure system for allowing the execution of authorized computer program code

Assignee

• Fortinet, Inc. · US

Inventors

• Andrew F. Fanton · Westminster, US
• John J. Gandee · Loveland, US
• William H. Lutton · Fort Collins, US
• Edwin L. Harper · Platteville, US
• Kurt E. Godwin · Loveland, US
• Anthony A. Rozga · Wellington, US

Key dates

Classification

• Technology area (CPC Y)Emerging Cross-Sectional Technologies
• CPC primaryY10S707/99944
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Systems and methods for selective authorization of code modules are provided. According to one embodiment, file system or operating system activity relating to a code module is intercepted by a kernel mode driver of a computer system. The code module is selectively authorized by the kernel mode driver by authenticating a content authenticator of the code module with reference to a multi-level whitelist. The multi-level whitelist includes (i) a global whitelist database remote from the computer system that contains content authenticators of approved code modules that are known not to contain viruses or malicious code and (ii) a local whitelist database containing content authenticators of at least a subset of the approved code modules. The activity relating to the code module is allowed when the content authenticator matches one of the content authenticators of approved code modules within the multi-level whitelist.