A computing device can receive a notification that a process has interacted with the operating system to perform a predetermined operation on the computing device. In response to the notification, the computing device can capture a current access token from the process. The computing device can compare the current access token captured from the process against a stored access token. The computing device can determine that an escalation of privilege attack has occurred based on the comparison of the current access token captured from the process against the stored access token.
A computer device performs operations for managing registry access. The computing device can identify a registry operation requested by a user process. The computing device can perform an evaluation of a registry operation requested by the user process using at least one registry access rule. The computing device can generate a custom message to the user process. The computing device can determine an action based on the evaluation. The action can include one of blocking the registry operation in relation to a particular key in a registry of the operating system, and enabling access to a particular key in the registry of the operating system to perform the requested registry operation.
A computer device for managing privilege delegation to control creation of processes thereon is described. Creation of a process on a computer device is requested according to first privileges. An agent, cooperating with an operating system of the computer device, intercepts the request. The agent determines whether to create the process according to second privileges, different from the first privileges, and if permitted, causes the process to be created accordingly. The agent hooks a query provided by the operating system to identify whether a control service is enabled. The agent enquires of the operating system whether to create the process according to the second privileges, whereupon the hooked query is invoked. The agent confirms to the operating system that the control service is enabled, such that checks by the operating system are performed as if the control service were enabled.
A computer device, including at least a processor and a memory, can be configured to control process components on a computer device. An agent can intercept a request to instantiate a new process component. The request can originate on the computing device from an instance of a particular process component amongst a set of process components. The agent can determine whether to permit the intercepted request by validating the relationship using a policy with rules and by determining that a trusted owner is among the set of identified owners. The agent can permit the intercepted request if the determination is to permit it.
G06F 9/455 - Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
G06F 21/51 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
G06F 21/53 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by executing in a restricted environment, e.g. sandbox or secure virtual machine
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
A computer device that manages privilege delegation is disclosed. The computing device can insert a particular command into one or more commands corresponding to a file. The computing device can intercept a request to execute the particular command on the file according to first privileges. The computing device can determine to execute the particular command on the file according to second privileges different from the first privileges based on the request to execute the particular command. The computing device can cause the particular command to be executed on the file according to the second privileges.
A computer device that manages privilege delegation is disclosed. The computing device can modify a virtual method table to point to a hooking function associated with an agent plugin. The agent plugin can be configured to intercept requests relating to a file using the hooking function. The computing device can intercept a request in a user account of a logged-in user to execute therein a command on the file according to first privileges assigned thereto. The computing device can obtain information related to the request and forward the information to an agent service cooperating with an operating system. The computing device can determine whether to execute the command on the file in the user account according to second privileges different from the first privileges. The computing device can cause the command to be executed on the file in the user account according to the second privileges.
A computer device performs operations for managing registry access. The computing device can determine a set of registry access rules relevant to the user process. The computing device can perform an evaluation of a registry operation requested by the user process using the set of registry access rules. The computing device can determine an action based on the evaluation. The action can include one of blocking the registry operation in relation to a particular key in a registry of the operating system, and enabling access to a particular key in the registry of the operating system to perform the requested registry operation.
A computer device that manages privilege delegation is disclosed. The computing device can insert a custom verb command into a plurality of verb commands corresponding to a file. The computing device can intercept a request to execute the custom verb command on the file by intercepting a request to create a context menu. The computer device can obtain information related to the request to execute the custom verb command by obtaining a file identifier of the file from the request to create the context menu. The computer device can determine whether to execute the custom verb command on the file according to second privileges different from the first privileges based on the information related to the request to execute the custom verb command. The computer device can cause the custom verb command to be executed on the file according to the second privileges.
A computing device can capture a current access token of a user process. The computing device can determine whether the current access token for the user process differs from a particular access token of a parent process of the user process. The computing device can detect whether the user process has been subject to an escalation of privilege attack based on the determination of whether the current access token for the user process differs from the particular access token. The computing device can perform a mitigation action with respect to the user process in response to detecting that the user process has been subject to the escalation of privilege attack.
A computing device can manage installation of an application program using an agent registered with an operating system. The agent can receive a notification in response to a user request to mount a disk image. The disk image can include the application program. The agent can generate metadata associated with the disk image. An action to take can be determined based on the metadata. The application program can be installed using privileges of the agent without changing privileges of an account for the current user.
A computing device can receive a first notification that a process has started on the computing device. The computing device can record a first access token associated with the process into a token cache. The computing device can receive a second notification that the process has interacted with the operating system to perform at least one of a set of predetermined operations on the computing device. The computing device can capture a second access token from the process. The computing device can compare the second access token captured from the process against the first access token recorded in the token cache. The computing device can determine that an escalation of privilege attack has occurred based on the comparison.
A server device for managing privilege delegation to control execution of commands thereon is described. Execution of a command, according to first privileges, by a remote management (RM) server on the server device is requested from an RM client on a client device. An agent plug-in, chained to a command execution plug-in of the RM server, intercepts the request and forwards related information to an agent service cooperating with an operating system of the server device. The agent service determines whether to execute the command according to second privileges, different from the first privileges, and if permitted, delegates the second privileges to the command and causes, via the agent plug-in chained to the command execution plug-in, the command to be executed according to the second privileges.
G06F 21/53 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by executing in a restricted environment, e.g. sandbox or secure virtual machine
A computer device performs operations for managing registry access, including monitoring a user process on the computer device. The computing device can determine a set of registry access rules relevant to the user process. The computing device can perform an evaluation of a registry operation requested by the user process using the set of registry access rules. The computing device can determine an action based on the evaluation. The action can include one of blocking the registry operation in relation to a particular key in a registry of the operating system, and enabling access to a particular key in the registry of the operating system to perform the requested registry operation.
A computing device can manage installation of an application program using an agent registered with an operating system. The agent can receive a notification in response to a user request to mount a disk image. The disk image can include the application program. The agent can generate metadata associated with the disk image. An action to take can be determined based on the metadata. The application program can be installed using privileges of the agent without changing privileges of an account for the current user.
A computing device is disclosed with an agent and operating system executing thereon. The agent can determine that a user account control service is disabled by querying the operating system. In response to determining that the user account control service is disabled, the agent can hook a query provided by the operating system. The agent can receive a request to confirm whether the user account control service is enabled using the query provided by the operating system. The agent can generate a confirmation that the user account control service is enabled. The agent can determine whether to execute a process by performing a privilege check as if the user account control service were enabled based on the confirmation.
A computer device that manages privilege delegation is disclosed. The computing device can insert a custom verb command into a plurality of verb commands corresponding to a file. The computing device can intercept a request to execute the custom verb command on the file by intercepting a request to create a context menu. The computer device can obtain information related to the request to execute the custom verb command by obtaining a file identifier of the file from the request to create the context menu. The computer device can determine whether to execute the custom verb command on the file according to second privileges different from the first privileges based on the information related to the request to execute the custom verb command. The computer device can cause the custom verb command to be executed on the file according to the second privileges.
A computing device can intercept a request to launch a requested application. The request can be intercepted by a calling process executed by the computing device. The request can include information identifying the requested application. The computing device can determine that a user interaction is required before launching the requested application by consulting a set of application policies based on the information identifying the requested application. The computing device can establish that the calling process is associated with a controlling terminal provided by an operating system in response to determining that the user interaction is required. A process session group containing processes launched within a user session can be selectively associated with the controlling terminal by the operating system. The computing device can perform the user interaction using the controlling terminal in response to establishing that the calling process is associated with the controlling terminal.
A computing device can manage installation of an application program using an agent registered with an operating system. The agent can receive a notification in response to a user request to mount a disk image. The disk image can include the application program. The agent can generate a challenge-response to authenticate a current user. An action to take can be determined based on the challenge-response. The application program can be installed using privileges of the agent without changing privileges of an account for the current user.
A computer device, including at least a processor and a memory, can be configured to control process components on a computer device. An agent can intercept a request to instantiate a new process component in a user account of a logged-in user. The request can originate on the computing device from an instance of a particular process component amongst a set of process components. The user account can be assigned default user privileges by a privilege access management service. The agent can determine whether to permit the intercepted request. The agent can permit the intercepted request if the relationship is validated and if a trusted owner is identified amongst the set of identified owners.
G06F 21/53 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by executing in a restricted environment, e.g. sandbox or secure virtual machine
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 21/51 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
A policy can be consulted to determine an action to take when a disc image is mounted. The action to take can be based on the contents of an application program stored on the disc image. A notification can be received responsive to a user request to mount the disc image. Based on the determined action to take as specified by the policy, the application program can be installed using the privileges of the agent without changing the privileges of an account of a current user.
An application control system (ACS) in a computer device intercepts a request to launch a requested application by a calling process, and determines, based on the requested application, that user interaction is required before launch. In response, the ACS establishes whether or not the calling process is associated with a controlling terminal and, if so, performs the user interactions using that controlling terminal. Where the user interactions are successful then the intended application is permitted to launch or, conversely, the intended application may be denied. Other solutions are provided in the event that the calling process is not associated with the controlling terminal.
A computer device has a kernel driver in a kernel mode of the operating system which records an access token as initially associated with a user process. Later, the user process presents its access token when requesting certain operations through the operating system. The kernel driver detects that the user process has been subject to an escalation of privilege attack by evaluating the access token in its presented form as against the initially recorded access token and, in response, performs a mitigation action such as suspending the user process.
A computer device performs operations for managing registry access, including monitoring a user process on the computer device and, in response, establishing a set of registry access rules relevant to the user process. Each registry operation requested by the user process is evaluated and, in response, an appropriate action determined. Such action suitably includes at least one of: blocking the registry operation in relation to a particular key in a registry of the operating system, and enabling access to a particular key in the registry of the operating system to perform the requested registry operation. In particular, the operations may be performed using a registry filter driver in a kernel mode of an operating system of the computer device.
A server device for managing privilege delegation to control execution of commands thereon is described. Execution of a command, according to first privileges, by a remote management (RM) server on the server device is requested from an RM client on a client device. An agent plug-in, chained to a command execution plug-in of the RM server, intercepts the request and forwards related information to an agent service cooperating with an operating system of the server device. The agent service determines whether to execute the command according to second privileges, different from the first privileges, and if permitted, delegates the second privileges to the command and causes, via the agent plug-in chained to the command execution plug-in, the command to be executed according to the second privileges.
G06F 21/53 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by executing in a restricted environment, e.g. sandbox or secure virtual machine
Removal or modification of an installed program on a computer device is requested by a calling process in a user account which itself may or may not have administrator privileges. An agent, cooperating with an operating system, intercepts a call to remove or modify the installed program made by the calling process prior to reaching an uninstaller component of the operating system. The agent determines whether or not to allow the remove or modify request and, if permitted, provides a proxy process through which the requested action to remove or modify the installed program is performed.
G06F 9/451 - Execution arrangements for user interfaces
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 21/33 - User authentication using certificates
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
A computer device and method for managing privilege delegation to control execution of commands on files on the computer device is described. An agent plugin intercepts a request in a user account of a logged-in user to execute a command therein on a file having first privileges assigned thereto, wherein the agent plugin is provided for the file. The agent plugin obtains information related to the request and forwards the information to an agent service cooperating with an operating system of the computer device. The agent service determines whether to execute the command on the file in the user account according to second privileges different from the first privileges. The agent service launches an agent proxy process having the second privileges assigned thereto by the agent service if it is determined to execute the command on the file in the user account according to the second privileges. The agent proxy process causes the command to be executed on the file in the user account by the operating system, according to the second privileges assigned to the agent proxy process.
There is described a computer device, including at least a processor and a memory, configured to control process components on the computer device, the computer device comprising: an operating system, a privilege access management service cooperating with the operating system and an agent; wherein the agent is configured to: intercept a request to instantiate a new process component in a user account of a logged-in user, wherein the request originates from an instance of a particular process component amongst a set of process components and wherein the user account has assigned thereto default user privileges by the privilege access management service; determine whether to permit the intercepted request including by: validating a relationship between the new process component and the particular process component; and establishing a set of identified owners by identifying owners of the new process component, the particular process and any parents thereof; permit the intercepted request if the relationship is validated and if a trusted owner is identified amongst the set of identified owners; and insert an identifier into the instantiated new process component if the intercepted request is permitted.
G06F 21/51 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
H04L 29/06 - Communication control; Communication processing characterised by a protocol
G06F 21/53 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by executing in a restricted environment, e.g. sandbox or secure virtual machine
G06F 9/455 - Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
A user account that does not have administrator privileges may request mounting of a disk image prior to installing a new application. An agent, registered with the operating system, receives a notification and determines whether or not to allow mounting of the disk image. If so, the agent causes the disk image to be mounted by the operating system. The agent examines the mounted disk image to detect an application bundle. The agent determines whether or not to proceed with installation of the application bundle and, if so, causes the application bundle to be copied to a privileged system location, thereby installing the application on the computer device.
Privilege delegation in a computer device is managed by invoking a utility from a first user account. A requested command is captured by an agent plugin which is provided as a plugin to the utility. The agent plugin sends a request message to an agent, which determines an outcome for the requested command, including allowing or blocking it. If allowed, a reply message from the agent instructs the agent plugin to provide command information to the utility so that the operating system runs the requested command with delegated privileges of a second user account. The agent plugin can also be instructed to perform custom messaging, or to passively handle the requested command via a child plugin.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
30. Computer device and method for controlling access to a web resource
Web resources are accessible by a process on a computer device. Access to the web resources is controlled by a web proxy running in an address space of the process. The web proxy receives a web request for a web resource from the process. The web proxy examines the web request for the web resource and selectively allows or denies access to the web resource. If the web request for the web resource is allowed, the web proxy arranges access to the web resource, for example, directly via an operating system of the computer device or via a registered web proxy.
Content files are isolated in a sandbox as a content isolation environment formed by a secondary user account. Printing is controlled by an agent via a staging file of a secure file type. The agent intercepts print requests (e.g. print start requests and print end requests) in a printing sub-system of an operating system in order to coordinate and securely control printing of the untrusted content file via the intermediate staging file.
G06F 3/00 - Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
32. Computer device and method for controlling access to a resource via a security system
A computer system 300 contains an agent 303 which modifies the ordinary behaviour of a native security system 103, such as to allow security decisions with alternate granularity or an alternate set of access rights. The agent 303 intercepts authorisation requests made by applications 109 for resources 110 identified by URIs 111 and sends amended requests to the security system 103. An alternate authorisation mechanism 307 of the agent 303 is invoked by the security system 103, whereupon the agent 303 may selectively allow or deny the request according to the originally presented URI 111.
A computer device and respective method provides a primary clipboard accessible from a primary user account, while a sandbox is used to isolate and contain a secondary user account. A secondary clipboard is provisioned and associated with the secondary user account. The computer device, via an agent, intercepts requests from the secondary user account such as for cut, copy or paste type clipboard operations which are ordinarily directed toward the primary clipboard, and satisfies those clipboard operation requests instead by using the secondary clipboard.
G06F 21/55 - Detecting local intrusion or implementing counter-measures
G06F 21/52 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure
34. Computer device and method for controlling untrusted access to a peripheral device
A computer device includes hardware with a connected peripheral device such as a camera or a microphone. An operating system is configured to operate the peripheral device using a device driver and a representative device object. An agent is configured to apply security attributes to the device object which permit access from a primary user account while preventing direct access to the device object by a secondary user account in a sandbox. The agent may intercept requests made toward the device object, examine each request, and then satisfy the request, when the request is allowed, by selectively arranging access to the device object from the sandboxed secondary user account.
G06F 21/53 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by executing in a restricted environment, e.g. sandbox or secure virtual machine
H04L 29/08 - Transmission control procedure, e.g. data link level control procedure
G06F 21/56 - Computer malware detection or handling, e.g. anti-virus arrangements
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
35. Method and computer device to control software file downloads
A computer device includes a download unit which downloads one or more files into a storage device. A file logging unit records a resource locator identifying a source network location of the file, when the file is downloaded, and associates the resource locator with a first fingerprint of the file. A system policy unit stores the resource locator associated with a process control policy relevant to the file. A process control unit is arranged to obtain a second fingerprint of the file upon launching a process in a runtime execution environment, retrieve the resource locator from the file logging unit by matching the second fingerprint with the first fingerprint, retrieve the process control policy from the system policy unit according to the retrieved resource locator, and selectively apply process execution privileges which determine execution of the process in the runtime execution environment according to the retrieved process control policy.
G06F 21/51 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
G06F 21/55 - Detecting local intrusion or implementing counter-measures
G06F 21/56 - Computer malware detection or handling, e.g. anti-virus arrangements
G06F 21/53 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by executing in a restricted environment, e.g. sandbox or secure virtual machine
G06F 21/54 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by adding security routines or objects to programs
H04L 29/06 - Communication control; Communication processing characterised by a protocol
H04L 29/08 - Transmission control procedure, e.g. data link level control procedure
G06F 12/14 - Protection against unauthorised use of memory
36.
Computer device and method for isolating untrusted content
G06F 21/53 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by executing in a restricted environment, e.g. sandbox or secure virtual machine
G06F 21/56 - Computer malware detection or handling, e.g. anti-virus arrangements
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
G06F 9/48 - Program initiating; Program switching, e.g. by interrupt
G06F 17/30 - Information retrieval; Database structures therefor
37.
Computer device and method for isolating untrusted content
G06F 12/14 - Protection against unauthorised use of memory
G06F 12/16 - Protection against loss of memory contents
G08B 23/00 - Alarms responsive to unspecified undesired or abnormal conditions
G06K 15/00 - Arrangements for producing a permanent visual presentation of the output data
G06F 21/53 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by executing in a restricted environment, e.g. sandbox or secure virtual machine
G06F 21/56 - Computer malware detection or handling, e.g. anti-virus arrangements
G06F 7/04 - Identity comparison, i.e. for like or unlike values
G06F 17/30 - Information retrieval; Database structures therefor
H04N 7/16 - Analogue secrecy systems; Analogue subscription systems
G06K 15/00 - Arrangements for producing a permanent visual presentation of the output data
G06F 21/53 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by executing in a restricted environment, e.g. sandbox or secure virtual machine
G06F 21/56 - Computer malware detection or handling, e.g. anti-virus arrangements
09 - Scientific and electric apparatus and instruments
41 - Education, entertainment, sporting and cultural services
42 - Scientific, technological and industrial services, research and design
Goods & Services
Class 09: Computer programs; computer software; downloadable computer software; computer software provided on carriers/digital media.
Class 41: Training services; education services; providing of training in relation to computer software; consultancy, advisory and information services for or in relation to any or all of the aforementioned services in this class.
Class 42: Design and development of computer software; computer software development; computer software technical support services; providing temporary use of non-downloadable computer software; consultancy, advisory and information services for or in relation to any or all of the aforementioned services in this class.
09 - Scientific and electric apparatus and instruments
41 - Education, entertainment, sporting and cultural services
42 - Scientific, technological and industrial services, research and design
Goods & Services
Class 09: Computer programs; computer software; downloadable computer software; computer software provided on carriers/digital media.
Class 41: Training services; education services; providing of training in relation to computer software; consultancy, advisory and information services for or in relation to any or all of the aforementioned services in this class.
Class 42: Design and development of computer software; computer software development; computer software technical support services; providing temporary use of non-downloadable computer software; consultancy, advisory and information services for or in relation to any or all of the aforementioned services in this class.
41.
METHOD AND COMPUTER DEVICE FOR HANDLING COM OBJECTS
A computer device and method are provided to handle COM objects. A COM creating unit (800) intercepts a request for creation of an elevated COM object by a first user process (120a), determines whether the first user process (120a) is entitled to access the COM object, and creates the COM object without elevated privileges. A COM implementing unit (900) intercepts a second user process (120b) that implements the COM object, confirms that the second user process (120b) is entitled to access the COM object and elevates the privilege level of the second user process (120b) to implement the elevated COM object.
G06F 21/52 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure
42.
Method and computer device for handling COM objects having elevated privileges
A computer device and method are provided to handle COM objects. A COM creating unit intercepts a request for creation of an elevated COM object by a first user process, determines whether the first user process is entitled to access the COM object, and creates the COM object without elevated privileges. A COM implementing unit intercepts a second user process that implements the COM object, confirms that the second user process is entitled to access the COM object and elevates the privilege level of the second user process to implement the elevated COM object.
G06F 21/00 - Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
G06F 21/52 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure
G06F 21/54 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by adding security routines or objects to programs
G06F 9/44 - Arrangements for executing specific programs
43.
METHOD AND COMPUTER DEVICE TO CONTROL SOFTWARE FILE DOWNLOADS
A computer device (200) includes a download unit (210) which downloads one or more files (302) into a storage device (205). A file logging unit (220) is arranged to record a resource locator (300) identifying a source network location (301) of the file (302), when the file (302) is downloaded, and to associate the resource locator (300) with a first fingerprint (303) of the file (302). A system policy unit (230) stores the resource locator (300) associated with a process control policy (305) relevant to the file (302). A process control unit (240) is arranged to obtain a second fingerprint of the file (302) upon launching a process in a runtime execution environment (203), retrieve the resource locator (300) from the file logging unit (220) by matching the second fingerprint with the first fingerprint (303), retrieve the process control policy (305) from the system policy unit according to the retrieved resource locator (300), and selectively apply process execution privileges which determine execution of the process in the runtime execution environment (203) according to the retrieved process control policy (305).
A computer device includes a download unit which downloads one or more files into a storage device. A file logging unit records a resource locator identifying a source network location of the file, when the file is downloaded, and associates the resource locator with a first fingerprint of the file. A system policy unit stores the resource locator associated with a process control policy relevant to the file. A process control unit is arranged to obtain a second fingerprint of the file upon launching a process in a runtime execution environment, retrieve the resource locator from the file logging unit by matching the second fingerprint with the first fingerprint, retrieve the process control policy from the system policy unit according to the retrieved resource locator, and selectively apply process execution privileges which determine execution of the process in the runtime execution environment according to the retrieved process control policy.
G06F 21/51 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
G06F 21/55 - Detecting local intrusion or implementing counter-measures
G06F 21/56 - Computer malware detection or handling, e.g. anti-virus arrangements
G06F 21/53 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by executing in a restricted environment, e.g. sandbox or secure virtual machine
G06F 21/54 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by adding security routines or objects to programs
H04L 29/06 - Communication control; Communication processing characterised by a protocol
G06F 12/14 - Protection against unauthorised use of memory
45.
Method and apparatus for controlling access to a resource in a computer device
A computer device and method are described for controlling access to a resource. An execution environment executes a user process with access privileges according to a user security context. A security unit controls access to resources according to the user security context, with the user process making system calls to the security unit. A proxy hook module embedded within the user process intercepts the system call and generates a proxy resource access request. A proxy service module in a privileged security context validates the proxy resource access request from the proxy hook module and, if validated, obtains and returns a resource handle that permits access to the desired resource by the user process.
G06F 21/22 - by restricting access to, or manipulation of, programmes or processes
G06F 21/54 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by adding security routines or objects to programs
G06F 21/33 - User authentication using certificates
46.
METHOD AND APPARATUS FOR CONTROLLING ACCESS TO A RESOURCE IN A COMPUTER DEVICE
A computer device (200) and method are described for controlling access to a resource (115). An execution environment (203) executes a user process (120) with access privileges according to a user security context (121). A security unit (250) controls access to resources (115, 125) according to the user security context (121a), with the user process (120) making system calls (501) to the security unit (250). A proxy hook module (310) embedded within the user process (120) intercepts the system call (501) and generates a proxy resource access request (502). A proxy service module (320) in a privileged security context (111) validates the proxy resource access request (502) from the proxy hook module (310) and, if validated, obtains and returns a resource handle that permits access to the desired resource (115) by the user process (120).
G06F 21/54 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by adding security routines or objects to programs
47.
COMPUTER DEVICE WITH ANTI-TAMPER RESOURCE SECURITY
A computer device (200) provides an execution environment (203) that supports a plurality of processes (110, 120). A plurality of key resources (115) are associated with a security application (110) that may perform process elevation to grant privileged access rights to a user process (120). A security module (210) is arranged to control access to the key resources (115) using an access control list. An anti-tamper mechanism (240) creates a protection group (117) as a local security group and adds a deny access control entry (116a) to the access control list (116). The anti-tamper mechanism (240) intercepts the user process (120) and creates a revised access token (122b) identifying the user process (120) as a member of the protection group (117). The security module (210) matches the protection group (117) in the revised access token (122b) of the user process (120) against the deny access control entry (116a) in the access control list (116) of the key resources (115), thereby restricting access by the user process (120) even though the user process otherwise has privileges which would allow access to those resources (115).
A computer device provides an execution environment that supports a plurality of processes. A plurality of key resources are associated with a security application that may perform process elevation to grant privileged access rights to a user process. A security module controls access to the key resources using an access control list. An anti-tamper mechanism creates a protection group as a local security group and adds a deny access control entry to the access control list. The anti-tamper mechanism intercepts the user process and creates a revised access token identifying the user process as a member of the protection group. The security module matches the protection group in the revised access token of the user process against the deny access control entry in the access control list of the key resources thereby restricting access by the user process even though the user process otherwise has privileges to access those resources.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
G06F 21/00 - Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
G06F 15/16 - Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs