| 发明名称 | System and method for providing a secured operating system execution environment | ||
| 摘要 | In one embodiment, a system for launching a security architecture includes an electronic device comprising a processor and one or more operating systems, a security agent, and a launching module. The launching module comprises a boot manager and a secured launching agent. The boot manager is configured to boot the secured launching agent before booting the operating systems, and the secured launching agent is configured to load a security agent. The security agent is configured to execute at a level below all operating systems of the electronic device, intercept a request to access a resource of the electronic device, the request originating from the operational level of one of one or more operating systems of the electronic device, and determine if a request is indicative of malware. In some embodiments, the secured launching agent may be configured to determine whether the security agent is infected with malware prior to loading the security agent. | ||
| 申请公布号 | US9087199(B2) | 申请公布日期 | 2015.07.21 |
| 申请号 | US201113077227 | 申请日期 | 2011.03.31 |
| 申请人 | McAfee, Inc. | 发明人 | Sallam Ahmed Said |
| 分类号 | G06F11/00;G06F12/14;G06F12/16;G08B23/00;G06F9/00;G06F15/177;G06F21/57;G06F9/455;G06F21/55;G06F21/56 | 主分类号 | G06F11/00 |
| 代理机构 | Baker Botts L.L.P. | 代理人 | Baker Botts L.L.P. |
| 主权项 | 1. A system, comprising: an electronic device comprising a processor and one or more operating systems; a security agent configured to: execute at a higher priority than all operating systems of the electronic device;intercept, at a higher priority than all operating systems of the electronic device, a request to access a resource of the electronic device, the resource including one or more files associated with the security agent;determine, at a higher priority than all operating systems of the electronic device, whether the request is indicative of malware, including: utilizing a disk mapping bitmap containing metadata corresponding to the one or more files associated with the security agent to determine that the request is for the one or more files associated with the security agent, the metadata specifying a plurality of sectors on a storage device where each of the one or more files are stored;determining that the requestor is unauthorized; andbased upon a determination that the request is for the sectors on the storage device specified in the disk mapping bitmap and upon a determination that the requestor is unauthorized, determining that the request is indicative of malware and denying the request;and a launching module comprising: a secured launching agent configured to launch the security agent; anda boot manager configured to boot the secured launching agent before booting the one or more operating systems. | ||
| 地址 | Santa Clara CA US | ||