| 摘要 |
Computer system protection to protect against harmful data from an external computer network ( 60 ) (e.g. the Internet) involves supplying incoming data ( 62 ) to a software checker ( 64 ) as the data enters a computer system (not shown). The checker ( 64 ) routes any suspect data ( 66 ) to an encryptor ( 68 ) which encrypts it to render it unusable and harmless. Encrypted data passes to a computer ( 72 ) in an internal network ( 74 ) and having a desktop quarantine area or sandbox ( 76 ) for suspect data. The computer ( 72 ) runs main desktop applications ( 78 ) receiving encrypted data ( 70 ) for storage and transfer, but not for use in any meaningful way because it is encrypted. Equally well applications ( 78 ) cannot be interfered with by encrypted data ( 70 ) because encryption makes this impossible. On entry into the sandbox ( 76 ), the encrypted data ( 70 ) is decrypted to usable form it then becomes accessible by software ( 204 ) suitable for use in the sandbox ( 76 ) subject to sandbox constraints.
|
