System and method for protecting a computer system from malicious software
Abstract
In a computer system, a first electronic data processor is communicatively coupled to a first memory space and a second memory space. A second electronic data processor is communicatively coupled to the second memory space and to a network interface device. The second electronic data processor is capable of exchanging data across a network of one or more computers via the network interface device. A video processor is adapted to combine video data from the first and second electronic data processors and transmit the combined video data to a display terminal for displaying the combined video data in a windowed format. The computer system is configured such that a malware program downloaded from the network and executing on the second electronic data processor is incapable of initiating access to the first memory space.
71 Claims
1. A method of operating a computer system having at least a first and second electronic data processor capable of executing instructions using a common operating system, comprising the steps of:
- executing instructions in a first logical process within the common operating system using the first electronic data processor, wherein the first logical process is capable of accessing data contained in a first memory space and a second memory space;
- executing instructions in a second logical process within the common operating system using the second electronic data processor, wherein the second logical process is capable of accessing data contained in the second memory space, the second logical process being further capable of exchanging data across a network of one or more computers;
- displaying, in a windowed format on a display terminal, data from the first logical process and the second logical process, wherein a video processor is adapted to combine data from the first and second logical processes and transmit the combined data to the display terminal;
- wherein the computer system is configured such that the second electronic data processor is operating in a protected mode and data residing on the first memory space is protected from corruption by a malware process downloaded from the network and executing as part of the second logical process.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A multi-processor computer system using a common operating system, comprising:
- a first electronic data processor capable of executing instructions using the common operating system and communicatively coupled to a first memory space and a second memory space;
- a second electronic data processor capable of executing instructions using the common operating system and communicatively coupled to the second memory space and to a network interface device, wherein the second electronic data processor is capable of exchanging data across a network of one or more computers via the network interface device;
- a video processor adapted to combine video data from the first and second electronic data processors and transmit the combined video data to a display terminal for displaying the combined video data in a windowed format;
- wherein the computer system is configured such that the second electronic data processor is operating in a protected mode and data residing on the first memory space is protected from corruption by a malware process downloaded from the network and executing on the second electronic data processor.
Dependent claims: 11, 12, 13, 14
15. A multi-processor computer system using a common operating system, comprising:
- at least a first and second electronic data processor capable of executing instructions using the common operating system;
- at least a first and second memory space;
- a video processor;
- wherein the first and second electronic data processors, first and second memory space, and video processor are configured for performing the steps of:
  - executing instructions in a first logical process with the first electronic data processor, wherein the first logical process is executing within the common operating system and is capable of accessing data contained in the first memory space and the second memory space;
  - executing instructions in a second logical process with the second electronic data processor, wherein the second logical process is executing within the common operating system and is capable of accessing data contained in the second memory space, the second logical process being further capable of exchanging data across a network of one or more computers;
  - displaying, in a windowed format on a display terminal, data from the first logical process and the second logical process, wherein the video processor is adapted to combine data from the first and second logical processes and transmit the combined data to the display terminal;
- wherein the computer system is configured such that the second electronic data processor is operating in a protected mode and data residing on the first memory space is protected from corruption by a malware process downloaded from the network and executing as part of the second logical process.
Dependent claims: 16, 17, 18, 19, 20
21. A portable computer based system capable of executing instructions using a common operating system and protect critical files from malicious attacks via a network of one or more computers, comprising:
- a first logical process capable of executing instructions within the common operating system using at least one electronic data processor and further capable of accessing a first memory space, wherein the first memory space contains at least one critical file; and
- at least one secure browser process capable of executing instructions within the common operating system using the at least one electronic data processor and further capable of accessing a second memory space;
- the first logical process configured to:
  - accept data entry from a computer user;
  - initialize the at least one secure browser process; and
  - pass data to the at least one secure browser process;
- the at least one secure browser process configured to:
  - execute instructions from a process potentially containing malware downloaded from the network of one or more computers;
  - access data contained in the second memory space, wherein the process potentially containing malware is capable of accessing the second memory space but is denied access to the first memory space;
  - store at least one temporary internet file on the first or second memory space;
  - block the process potentially containing malware from modifying search requests when accessing a search engine; and
  - generate website video data for display;
- wherein the portable computer based system is configured such that the at least one critical file residing on the first memory space is protected from corruption by the process potentially containing malware downloaded from the network and executing as part of the at least one secure browser process;
- wherein the portable computer based system is configured such that the at least one temporary internet file is automatically deleted upon closing the at least one secure browser process.
Dependent claims: 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 54
38. A method of operating a portable computer based system capable of executing instructions using a common operating system and protect critical files from malicious attacks via a network of one or more computers, comprising:
- executing instructions in a first logical process within the common operating system using at least one electronic data processor and accessing a first memory space, wherein the first memory space contains at least one critical file;
- executing instructions in at least one secure browser process within the common operating system using the at least one electronic data processor and accessing a second memory space;
- accepting data entry from a computer user in the first logical process;
- initializing the at least one secure browser process in the first logical process;
- passing data to the at least one secure browser process in the first logical process;
- executing instructions from a process potentially containing malware downloaded from the network of one or more computers in the at least one secure browser process;
- accessing data contained in the second memory space in the at least one secure browser process, wherein the process potentially containing malware accesses the second memory space but is denied access to the first memory space;
- storing at least one temporary internet file on the first or second memory space in the at least one secure browser process;
- blocking the process potentially containing malware from modifying search requests when accessing a search engine in the at least one secure browser process; and
- generating website video data for display in the at least one secure browser process;
- wherein the portable computer based system is configured such that the at least one critical file residing on the first memory space is protected from corruption by the process potentially containing malware downloaded from the network and executing as part of the at least one secure browser process;
- wherein the portable computer based system is configured such that the at least one temporary internet file is automatically deleted upon closing the at least one secure browser process.
Dependent claims: 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53
55. A computer program product comprising a program code stored in a non-transitory computer readable medium operable on a portable computer based system capable of executing instructions using a common operating system and protect critical files from malicious attacks via a network of one or more computers, configured to:
- execute instructions in a first logical process within the common operating system using at least one electronic data processor and further configured to access a first memory space, wherein the first memory space contains at least one critical file;
- execute instructions in at least one secure browser process within the common operating system using the at least one electronic data processor and further configured to access a second memory space;
- accept data entry from a computer user in the first logical process;
- initialize the at least one secure browser process in the first logical process;
- pass data to the at least one secure browser process in the first logical process;
- execute instructions from a process potentially containing malware downloaded from the network of one or more computers in the at least one secure browser process;
- access data contained in the second memory space in the at least one secure browser process, wherein the process potentially containing malware is configured to access the second memory space but is denied access to the first memory space;
- store at least one temporary internet file on the first or second memory space in the at least one secure browser process;
- block the process potentially containing malware from modifying search requests when accessing a search engine in the at least one secure browser process; and
- generate website video data for display in the at least one secure browser process;
- wherein the portable computer based system is configured such that the at least one critical file residing on the first memory space is protected from corruption by the process potentially containing malware downloaded from the network and executing as part of the at least one secure browser process;
- wherein the portable computer based system is configured such that the at least one temporary internet file is automatically deleted upon closing the at least one secure browser process.
Dependent claims: 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71