A software audit system is provided in conjunction with an anti-virus system. A computer virus scan request received by the anti-virus system (16) is used to trigger an audit data generator (18) to generate audit data. The audit data generator (18) may also serve to ban certain computer programs fro
A software audit system is provided in conjunction with an anti-virus system. A computer virus scan request received by the anti-virus system (16) is used to trigger an audit data generator (18) to generate audit data. The audit data generator (18) may also serve to ban certain computer programs from execution and monitor the concurrent usage of other computer programs.
대표청구항▼
We claim: 1. A computer program product comprising a computer program stored on a computer storage medium when executed operable to control a computer to computer to generate audit data indicative of a request to execute a computer program, said computer program comprising: (i) computer virus scann
We claim: 1. A computer program product comprising a computer program stored on a computer storage medium when executed operable to control a computer to computer to generate audit data indicative of a request to execute a computer program, said computer program comprising: (i) computer virus scanner logic, responsive to a computer virus scan request including data identifying a computer file to be scanned for computer viruses, for performing a computer virus scan and for generating a scan result; (ii) audit data generator logic separate from said computer virus scanner logic and being triggered by said computer virus scanner logic prior to said generating said scan result, and responsive to said data identifying said computer file to be scanned that is received from said computer virus scanner logic for simultaneously performing additional operations in parallel with said computer virus scan, said additional operations including identifying a request to execute a computer program associated with said computer file to be scanned for computer viruses by said computer virus scanner logic and, in response to identification of said request to execute said computer program, generating audit data identifying said computer program; wherein said audit data generator logic is responsive to data identifying one or more banned computer programs to identify a request to execute a banned computer program; and (iii) concurrent usage logic for performing a concurrent usage check for identifying a request to execute a further computer program that would result in said further computer program concurrently executing upon more than a predetermined number of computers upon a computer network; wherein said predetermined number varies with time; wherein if said concurrent usage check indicates that said request to execute said further computer program would result in more than said predetermined number of computers upon said computer network concurrently executing said computer program, then said request to execute said further computer program is denied. 2. A computer program product as claimed in claim 1, wherein a file access request to an operating system triggers generation of said computer virus scan request. 3. A computer program product as claimed in claim 1, wherein, it a request to execute a banned computer program is identified, then one or more banned program actions are triggered, said banned program actions including one or more of: (i) said banned computer program is deleted; (ii) said banned computer program is disabled; (iii) said banned program is encrypted and replaced by a stub program; and (iv) an alert indicating detection of said banned computer program is issued. 4. A computer program product as claimed in claim 1, wherein said data identifying one or more banned computer programs is a permitted computer program list with any computer program not included within said permitted computer program list being a banned computer program. 5. A computer program product as claimed in claim 1, wherein a user message is displayed when execution of said further computer program is prevented. 6. A computer program product as claimed in claim 1, wherein at certain times said predetermined number is zero. 7. A computer program product as claimed in claim 1, wherein said audit data generator logic calculates a checksum value from said computer file, said checksum value being used in identification of said computer file as a particular computer program. 8. A computer program product as claimed in claim 7, wherein said audit data generator logic stores said calculated checksum value and uses said stored calculated checksum values instead of recalculating said checksum value when said computer tile subject to a subsequent access without any intervening change having been made to said computer file. 9. A computer program product as claimed in claim 1, wherein said audit data generator logic is responsive to a non-user specified database of data indicative of particular computer programs. 10. A computer program product as claimed in claim 1, wherein said audit data generator logic is responsive to a user specified database of data indicative of particular computer programs. 11. A computer program product as claimed in claim 1, wherein said computer virus scan request results from an on-access scan. 12. A computer program product as claimed in claim 1, wherein said computer virus scan request results from an on-demand scan. 13. A computer program product as claimed in claim 1, wherein local audit data is stored upon a computer within a computer network until said computer is polled by a remote computer upon said computer network whereupon said local audit data is sent to said remote computer. 14. A computer program product as claimed in claim 13, wherein said remote computer generates a consolidated audit report for a plurality of computers upon said computer network. 15. A computer program product as claimed in claim 1, wherein said computer virus scanner logic generates said scan result after receiving a reply from said audit data generator logic. 16. A computer program product as claimed in claim 1, wherein said computer virus scanner logic generates said scan result as a function of a reply from said audit data generator logic. 17. A computer program product as claimed in claim 1, wherein a reply from said audit data generator logic is not used by said computer virus scanner logic if said scan result includes a failure. 18. A computer program product as claimed in claim 1, wherein said data identifying said computer file is sent to said audit data generator logic prior to performing said computer virus scan. 19. A method of generating audit data indicative era request to execute a computer program, said method comprising the steps of: (i) responsive to a computer virus scan request within a computer virus scanner, performing a computer virus scan and generating a scan result, said computer virus scan request including data identifying a computer file to be scanned for computer viruses; (ii) triggering operation of an audit data, generator which is separate from said computer virus scanner, using said computer virus scanner prior to said generating said scan result, said audit dam generator being responsive to said data identifying said computer file to be scanned that is received from said computer virus scanner for simultaneously performing additional operations in parallel with said computer virus scan, said additional operations including identifying a request to execute a computer program associated with said computer file to be scanned for computer viruses by said computer virus scanner; wherein said audit data generator logic is responsive to data identifying one or more banned computer programs to identify a request to execute a banned computer program; and (ii) in response to identification of said request to execute said computer program, generating audit data identifying said computer program; and (iv) performing a concurrent usage check for identifying a request to execute a further computer program that would result in said further computer program concurrently executing upon more than a predetermined number of computers upon computer network; wherein said predetermined number varies with time; wherein if said concurrent usage check indicates that said request to execute said further computer program would result in more than said predetermined number of computers upon said computer network concurrently executing said computer program, then said request to execute said further computer program is denied. 20. A method as claimed in claim 19, wherein a file access request to an operating system triggers generation of said computer virus scan request. 21. A method as claimed in claim 19, wherein, if a request to execute a banned computer program is identified, then one or more banned program actions are triggered, said banned program actions including one or more of: (i) said banned computer program is deleted; (ii) said banned computer program is disabled; (iii) said banned program is encrypted and replaced by a stub program; and (iv) an alert indicating detection of said banned computer program is issued. 22. A method as claimed in claim 19, wherein said data identifying one or more banned computer programs is a permitted computer program list with any computer program not included within said permitted computer program list being a banned computer program. 23. A method as claimed in claim 19, wherein a user message is displayed when execution of said further computer program is prevented. 24. A method as claimed in claim 19, wherein at certain times said predetermined number is zero. 25. A method as claimed in claim 19, wherein said audit data generator calculates a checksum value from said computer file, said checksum value being used in identification of said computer file as a particular computer program. 26. A method as claimed in claim 25, wherein said audit data generator stores said calculated checksum value and uses said stored calculated checksum values instead of recalculating said checksum value when said computer file subject to a subsequent access without any intervening change having been made to said computer file. 27. A method as claimed in claim 19, wherein said audit data generator is responsive to a non-user specified database of data indicative of particular computer programs. 28. A method as claimed in claim 19, wherein said audit data generator is responsive to a user specified database of data indicative of particular computer programs. 29. A method as claimed in claim 19, wherein said computer virus scan request results from an on-access scan. 30. A method as claimed in claim 19, wherein said computer virus scan request results from an on-demand scan. 31. A method as claimed in claim 19, wherein local audit data is stored upon a computer within a computer network until said computer is polled by a remote computer upon said computer network whereupon said local audit data is sent to said remote computer. 32. A method as claimed in claim 31, wherein said remote computer generates a consolidated audit report for a plurality of computers upon said computer network. 33. Apparatus for generating audit data indicative of a request to execute a computer prepare, said apparatus comprising: (i) a computer virus scanner, responsive to a computer virus scan request, for performing a computer virus scan and for generating a scan result, said computer virus scan request including data identifying a computer file to be scanned for computer viruses; (ii) an audit data generator separate from said computer virus scanner and being triggered by said computer virus scanner prior to said generating said scan result, and responsive to said data identifying said computer file to be scanned that is received from said computer virus scanner for simultaneously performing additional operations in parallel with said computer virus scan, said additional operations including identifying a request to execute a computer program associated with said computer file to be scanned for computer viruses by said computer virus scanner and, in response to identification of said request to execute said computer program, generating audit data identifying said computer program; wherein said audit data generator logic is responsive to data identifying one or more banned computer programs to identify a request to execute a banned computer program; and concurrent usage monitor for performing a concurrent usage check for identifying a request to execute a further computer program that would result in said further computer program concurrently executing upon more than a predetermined number of computers upon a computer network; wherein said predetermined number varies with time; wherein if said concurrent usage check indicates that said request to execute said further computer program would result in more than said predetermined number of computers upon said computer network concurrently executing said computer program, then said request to execute said further computer program is denied. 34. Apparatus as claimed in claim 33, wherein a file access request to an operating system triggers generation of said computer virus scan request. 35. Apparatus as claimed in claim 33, wherein, if a request to execute a banned computer program is identified, then one or more banned program actions are triggered, said banned program actions including one or more of: (i) said banned computer program is deleted; (ii) said banned computer program is disabled; (iii) said banned program is encrypted and replaced by a stub program; and (iv) an alert indicating detection of said banned computer program is issued. 36. Apparatus as claimed in claim 33, wherein said data identifying one or more banned computer programs is a permitted computer program list with any computer program not included within said permitted computer program list being a banned computer program. 37. Apparatus as claimed in claim 33, wherein a user message is displayed when execution of said further computer program is prevented. 38. Apparatus as claimed in claim 33, wherein at certain times said predetermined number is zero. 39. Apparatus as claimed in claim 33, wherein said audit data generator calculates a checksum value from said computer file, said checksum value being used in identification of said computer file as a particular computer program. 40. Apparatus as claimed in claim 39, wherein said audit data generator stores said calculated checksum value and uses said stored calculated checksum values instead of recalculating said checksum value when said computer file subject to a subsequent access without any intervening change having been made to said computer file. 41. Apparatus as claimed in claim 33, wherein said audit data generator is responsive to a non-user specified database of data indicative of particular computer programs. 42. Apparatus as claimed in claim 33, wherein said audit data generator is responsive to a user specified database of data indicative of particular computer programs. 43. Apparatus as claimed in claim 33, wherein said computer virus scan request results from an on-access scan. 44. Apparatus as claimed in claim 33, wherein said computer virus scan request results from an on-demand scan. 45. Apparatus as claimed in claim 33, wherein local audit data is stored upon a computer within a computer network until said computer is polled by a remote computer upon said computer network whereupon said local audit data is sent to said remote computer. 46. Apparatus as claimed in claim 45, wherein said remote computer generates a consolidated audit report for a plurality of computers upon said computer network.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (9)
Shiakallis Peter Paul, Computer system for providing improved security for stored information.
Bates, Cary Lee; Crenshaw, Robert James; Day, Paul Reuben; Santosuosso, John Matthew, Virus checking and reporting for computer database search results.
Zaitsev, Oleg V.; Grebennikov, Nikolay A.; Monastyrsky, Alexey V.; Pavlyushchik, Mikhail A., System and method for security rating of computer processes.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.