Abstract: Techniques for improving dirty page logging are disclosed. In one particular exemplary embodiment, the techniques may be realized as a method for memory logging comprising the steps of determining for one or more pages of memory if the pages of memory are likely to be modified in a subsequent epoch, performing a first operation on the pages of memory that are likely to be modified in a subsequent epoch, and performing a second operation on the pages of memory that are not likely to be modified in a subsequent epoch, wherein the first operation and the second operation are dissimilar.
Type:
Grant
Filed:
August 8, 2007
Date of Patent:
June 14, 2011
Assignee:
Symantec Corporation
Inventors:
Dharmesh R. Shah, Anurag Agarwal, Ankur Arora, Nitin Madan, Sureshbabu Basavayya, Ashish Puri, Srikanth S. Mahabalarao, Gurbir Singh Dhaliwal
Abstract: A security module detects attempted exploitations of vulnerabilities of an application executing on a computer. A robust function of the application having native error handling functionality is identified. The security module wraps the robust function with an exception handler that catches a “security violation” exception. The exception handler returns an error code of a type that is handled by the application's native error handling functionality. The security module also hooks the application. When a hook is followed, the security module determines whether a vulnerability in the application is being exploited. If an attempted exploit is detected, the security module throws the security violation exception. The application's native error handling functionality unwinds the call stack for the application until it reaches the exception handler wrapping the robust function.
Type:
Grant
Filed:
December 13, 2007
Date of Patent:
June 14, 2011
Assignee:
Symantec Corporation
Inventors:
Kent E. Griffin, Tzi-cker Chiueh, Sourabh Satish
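The wrap-and-hook pattern in the abstract above, simulated in pure Python as an added example (this is not Symantec's code). The "robust" function save_document already returns an error code its caller handles; the security module wraps it so that a SecurityViolation raised several frames deeper, by a hooked call, unwinds to the wrapper and becomes that same error code. The exploit heuristic in hooked_write_file, the function names and the ERR_IO value are all assumptions made for the demonstration.

```python
import functools

# Error code the application's native error handling already understands
# (assumed value, mirroring an errno-style return).
ERR_IO = -5

# Where the wrapper records what it blocked.
AUDIT_LOG = []


class SecurityViolation(Exception):
    """Thrown by a hook when an attempted exploit is detected."""


def security_handler(func):
    """Wrap a 'robust' function: catch SecurityViolation and turn it into an
    error code that the caller's existing error path will handle."""
    @functools.wraps(func)
    def wrapper(*args, **kwargs):
        try:
            return func(*args, **kwargs)
        except SecurityViolation as exc:
            AUDIT_LOG.append(f"blocked: {exc}")
            return ERR_IO          # native error code: no crash, no exploit
    return wrapper


# --- the hook: the security module interposes on a sensitive call ----------
MAX_SANE_LEN = 256

def hooked_write_file(path, data):
    """Stand-in for a hooked OS call.  The exploit check is deliberately
    simple and assumed for illustration: an oversized buffer that also
    carries a NOP sled is treated as an attempted overflow."""
    if len(data) > MAX_SANE_LEN and b"\x90" * 16 in data:
        raise SecurityViolation(f"suspicious write to {path}")
    return len(data)


# --- the application, unchanged except for the wrapper --------------------
def format_record(rec):
    return rec.encode() if isinstance(rec, str) else rec

def write_record(path, rec):          # the hook fires several frames deep
    return hooked_write_file(path, format_record(rec))

@security_handler
def save_document(path, records):
    """'Robust' function: it already returns ERR_IO on failure, so the
    application has an error path for that value."""
    total = 0
    for rec in records:
        n = write_record(path, rec)
        if n < 0:
            return ERR_IO
        total += n
    return total

def app_main(records):
    """The application's own error handling, untouched by the module."""
    rc = save_document("/tmp/doc", records)
    if rc == ERR_IO:
        return "save failed (handled by native error path)"
    return f"saved {rc} bytes"

def audit_entries():
    return list(AUDIT_LOG)
```

The application never sees the SecurityViolation type: the stack unwinds from hooked_write_file through write_record to the wrapper, which is the only place the exception is caught.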
Abstract: Techniques for creating checkpoints are disclosed. In one particular exemplary embodiment, the techniques may be realized as a method for creating file system checkpoints comprising the steps of modifying a first data block and a second data block with a first transaction, associating the first data block with a first stamp, and associating the second data block with a second stamp, wherein the first stamp and the second stamp are substantially similar.
Type:
Grant
Filed:
August 8, 2007
Date of Patent:
June 14, 2011
Assignee:
Symantec Corporation
Inventors:
Dilip Madhusudan Ranade, Niranjan S. Pendharkar, Aalop S. Shah
Abstract: Method and apparatus for searching a storage system for confidential data is described. One aspect of the invention relates to searching a computer for confidential data related to a user. User information comprising the confidential data is obtained from a digital identity for the user. A rule that provides a secure representation of the user information is generated. A storage system in the computer is searched using the rule to detect one or more instances of the user information within at least one file.
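One way to build the "secure representation" rule described above, as an added example that is not the patent's implementation: the rule holds a keyed hash of each normalized confidential value rather than the value itself, and the scanner hashes every candidate token it finds in a file and looks the digest up. The identity fields, the candidate regular expressions, the scan key and the sample files are all constructed for the demonstration.

```python
import hashlib
import hmac
import re

# Candidate patterns for the kinds of value being hunted (constructed; a
# production scanner would tune these).  Each match is normalized, hashed
# and compared against the rule, so the rule never needs the plaintext.
CANDIDATES = {
    "ssn":   re.compile(r"\b\d{3}-?\d{2}-?\d{4}\b"),
    "card":  re.compile(r"\b(?:\d[ -]?){13,16}\b"),
    "email": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
}

def normalize(kind, value):
    """Canonical form so '123-45-6789' and '123456789' hash identically."""
    if kind in ("ssn", "card"):
        return re.sub(r"[^0-9]", "", value)
    return value.strip().lower()

def _digest(key, kind, value):
    return hmac.new(key, normalize(kind, value).encode(), hashlib.sha256).hexdigest()

def make_rule(identity, key):
    """Secure representation: HMAC of each normalized value, mapped to its
    kind.  Recovering the original needs the key and a correct guess."""
    return {_digest(key, kind, val): kind for kind, val in identity.items()}

def search_text(text, rule, key):
    """Return (kind, offset) for every candidate whose digest is in the rule."""
    hits = []
    for kind, pat in CANDIDATES.items():
        for m in pat.finditer(text):
            if _digest(key, kind, m.group()) in rule:
                hits.append((kind, m.start()))
    return hits

def search_files(files, rule, key):
    """files: {name: text}.  Return {name: hits} for files with any hit."""
    found = {}
    for name, text in files.items():
        hits = search_text(text, rule, key)
        if hits:
            found[name] = hits
    return found

# Constructed sample data for a stand-alone run.
SAMPLE_KEY = b"per-scan-secret (constructed)"
SAMPLE_IDENTITY = {"ssn": "123-45-6789", "email": "Alice@Example.com"}
SAMPLE_FILES = {
    "notes.txt": "call alice@example.com re SSN 123456789",
    "other.txt": "SSN 987-65-4321 belongs to someone else",
}

def demo():
    rule = make_rule(SAMPLE_IDENTITY, SAMPLE_KEY)
    return rule, search_files(SAMPLE_FILES, rule, SAMPLE_KEY)
```

Note the trade-off: the rule only finds values the candidate patterns can isolate, so a value written in an unexpected layout is missed; in exchange, a leaked rule file does not itself disclose the user's identifiers.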
Abstract: Various embodiments of methods and systems for dynamically switching to a new coordinator resource are disclosed. In one embodiment, a method involves receiving information identifying a new coordinator resource for use by a cluster; detecting whether each of the nodes within the cluster is committing to use the new coordinator resource; and switching from an existing coordinator resource to the new coordinator resource, in response to detecting that each of the nodes within the cluster is committing to use the new coordinator resource. This method can be performed concurrently with normal cluster operations, and thus the cluster need not be disabled to perform the switchover.
Type:
Grant
Filed:
January 27, 2006
Date of Patent:
May 31, 2011
Assignee:
Symantec Operating Corporation
Inventors:
Amol S. Katkar, Grace Jing Chen, Viraj R. Kamat, Shardul Divatia
Abstract: Various embodiments of methods and systems for assigning symbolic names to data streams within a file are disclosed. In one embodiment, a method involves receiving a request to access a file that includes multiple data streams and then selecting one of the data streams to be accessed, based on the symbolic name. In response to identifying that one of the data streams is associated with the symbolic name, that data stream is accessed.
Type:
Grant
Filed:
January 31, 2006
Date of Patent:
May 31, 2011
Assignee:
Symantec Operating Corporation
Inventors:
Sree Hari Nagaralu, Murali Nagaraj, Nookala Sunder Phani Kumar
Abstract: A volume manager I/O method and system. The method includes determining a storage extent mapping of storage functionality of a plurality of storage devices and generating a logical disk extent based on the storage extent mapping. The logical disk extent is exported to a volume device component that is communicatively coupled to implement I/O for an application. An I/O request from the application is received via the volume device component. The I/O request is executed in accordance with the logical disk extent.
Abstract: Embodiments of the present invention are directed to a method and system for authorization management and resource attachment. The method includes receiving, within an electronic system, a notification of an emulated device operable to be provisioned and updating an authorization record of an authorization record datastore. The updating of the authorization record comprises updating routing information related to communication of the emulated device and a virtual device. The method further includes receiving a request for initial instantiation or reconnection of the emulated device with the virtual device and determining whether the emulated device and the virtual device are allowed to communicate based on the authorization record datastore. A response to the request for instantiation or reconnection can then be sent.
Abstract: Embodiments of the present invention are directed to a method and system for virtual device communication filtering. The method includes receiving, within an electronic system, an instantiation request for a first virtual device and determining whether the first virtual device and a second virtual device are allowed to communicate based on an authorization record datastore. The method further includes modifying an authorization record of the authorization record datastore. The modifying comprises setting an indicator of a data filtering module to filter communication between the first virtual device and the second virtual device. A response can then be sent to the instantiation request.
Abstract: A method includes determining that a driver load address is in a system service dispatch table (SSDT) addressable area. The method further includes determining whether the driver is authorized to be in the SSDT addressable area. If the driver is authorized to be in the SSDT addressable area, the driver is loaded in the SSDT addressable area and is able to hook operating system functions. Conversely, if the driver is not authorized to be in the SSDT addressable area, the driver is loaded outside the SSDT addressable area and is not able to hook operating system functions. In this manner, only authorized drivers are allowed to hook operating system functions.
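An added example (not the patent's code) of the load-address decision above. It models the "SSDT addressable area" as the range of addresses that a signed 32-bit displacement from the service table base can encode, which is how 64-bit Windows stores service table entries; the table base, the driver hashes on the allowlist and the candidate memory regions are constructed, and the entry encoding is simplified to the bare displacement.

```python
# Constructed table base and allowlist; a real loader would take the base
# from the kernel and the allowlist from a signed policy.
SSDT_BASE = 0xFFFFF8001A0A0000
REACH = 1 << 31                      # signed 32-bit displacement either way
AUTHORIZED_HASHES = {"sha256:0a1b-av-filter"}   # assumed allowlist entry

def in_ssdt_area(addr, base=SSDT_BASE):
    """True if addr is encodable as a displacement from the table base."""
    return -REACH <= addr - base < REACH

def choose_load_address(driver_hash, requested, free_regions):
    """Return (load_address, may_hook).  free_regions is a preference-ordered
    list of (start, end) ranges the memory manager could satisfy."""
    if not in_ssdt_area(requested):
        return requested, False          # outside the area: nothing to decide
    if driver_hash in AUTHORIZED_HASHES:
        return requested, True           # authorized: load where asked
    for start, end in free_regions:      # unauthorized: relocate out of reach
        if not in_ssdt_area(start) and not in_ssdt_area(end - 1):
            return start, False
    raise MemoryError("no load region outside the SSDT-addressable area")

def install_hook(table, index, handler_addr):
    """Model of writing a service table entry.  Only an address that fits the
    displacement encoding can be stored, so a driver loaded out of reach
    cannot hook even if it tries.  Returns True on success."""
    if not in_ssdt_area(handler_addr):
        return False
    table[index] = handler_addr - SSDT_BASE     # real tables pack extra bits
    return True

def demo():
    """Unauthorized driver asks for an in-area address and ends up unable to hook."""
    low = SSDT_BASE - 3 * (1 << 30)             # 3 GiB below the base
    regions = [(SSDT_BASE + 0x20000, SSDT_BASE + 0x30000), (low, low + 0x10000)]
    addr, may_hook = choose_load_address("sha256:unknown", SSDT_BASE + 0x10000, regions)
    table = {}
    return addr, may_hook, install_hook(table, 0x12, addr)
```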
Abstract: Methods, apparatuses, and computer-readable media for rapidly traversing movable storage media during file content examination for malicious computer code. An embodiment of the inventive method comprises the steps of: accessing an enumerated list of electronic files (220) stored on a movable storage medium (420); identifying at least one batch of electronic files (320) stored on the movable storage medium (420); associating each electronic file within the batch with a physical file location on the movable storage medium (310); creating a list of the electronic files sorted by physical location on the movable storage medium (330); and examining the identified batch of electronic files on the movable storage medium (420) according to the sorted list (340).
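The batch-and-sort traversal above, as an added example that is not the patent's code, with a head-travel measure so the saving is visible. The enumeration (file name and starting sector) is constructed; on a real medium the location would come from the file system's extent map.

```python
from itertools import islice

# Directory order, as a naive scanner would walk it (constructed data:
# name, first physical sector).
ENUMERATED = [
    ("a.exe", 9000), ("b.dll", 120), ("c.sys", 7800), ("d.txt", 300),
    ("e.bin", 6100), ("f.dat", 40), ("g.exe", 8800), ("h.ini", 590),
]

def locate(entry):
    """Stand-in for mapping a file to its physical location; the sector is
    carried with the entry here."""
    return entry[1]

def plan_scan(enumerated, batch_size):
    """Yield batches of files, each sorted by physical location, so the
    head sweeps the medium once per batch instead of seeking at random."""
    it = iter(enumerated)
    while True:
        batch = list(islice(it, batch_size))
        if not batch:
            return
        yield sorted(batch, key=locate)

def head_travel(order):
    """Total |delta sector| between consecutive examined files, from sector 0."""
    total, pos = 0, 0
    for entry in order:
        total += abs(locate(entry) - pos)
        pos = locate(entry)
    return total

def scan(enumerated, batch_size, examine):
    """Examine every file in planned order; return the order actually used."""
    order = []
    for batch in plan_scan(enumerated, batch_size):
        for entry in batch:
            examine(entry)       # content examination goes here
            order.append(entry)
    return order
```

Larger batches sort more of the medium at once and cut travel further; the batch size bounds how much of the enumeration must be held and located before scanning starts.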
Abstract: Systems and methods for controlling access to relationship information in a social network are described. One described method comprises receiving a request from an observer for relationship information indicating at least a first relationship between a target in a social network and a second entity in the social network, identifying at least a first privacy rule for the first relationship, and outputting at least part of the relationship information to the observer if the first privacy rule is satisfied.
Type:
Grant
Filed:
May 5, 2010
Date of Patent:
May 24, 2011
Assignee:
Symantec Corporation
Inventors:
Thomas Alan Nielsen, Ellen Spertus, Alexandre Drobychev
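An added example, not the patent's code, of evaluating a per-relationship privacy rule for an observer who asks about a target. The social graph, the rule table and the three rule levels (self, connections, public) are constructed; the point is that the rule is chosen per relationship of the target, so one answer can expose some of the target's relationships and withhold others.

```python
# target -> {other: relationship type}  (constructed graph)
GRAPH = {
    "alice": {"bob": "friend", "carol": "coworker", "dave": "family"},
    "bob":   {"alice": "friend", "carol": "friend"},
    "carol": {"alice": "coworker", "bob": "friend"},
    "dave":  {"alice": "family"},
}

# Rule keyed by (target, relationship type); (target, None) is a target-wide
# default; anything else falls back to SYSTEM_DEFAULT.  (Constructed rules.)
RULES = {
    ("alice", "family"):   "self",
    ("alice", "coworker"): "connections",
    ("dave", None):        "self",        # dave hides all of his relationships
}
SYSTEM_DEFAULT = "public"

def rule_for(target, rel_type):
    return (RULES.get((target, rel_type))
            or RULES.get((target, None))
            or SYSTEM_DEFAULT)

def rule_satisfied(rule, observer, target):
    if rule == "self":
        return observer == target
    if rule == "connections":
        return observer == target or observer in GRAPH.get(target, {})
    if rule == "public":
        return True
    raise ValueError(f"unknown rule {rule!r}")   # fail closed on a bad rule

def visible_relationships(observer, target):
    """Return only the (other, type) pairs whose rule the observer satisfies."""
    out = {}
    for other, rel_type in GRAPH.get(target, {}).items():
        if rule_satisfied(rule_for(target, rel_type), observer, target):
            out[other] = rel_type
    return out
```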
Abstract: Method and apparatus for suppressing e-mail security artifacts is described. An aspect of the invention relates to processing e-mail addresses stored in an address book repository on a computer. A request for one or more e-mail addresses is received from a source. The authenticity of the source is verified. The requested e-mail addresses are obtained from the address book repository and filtered to remove any honeypot e-mail addresses. If the source is authentic, the filtered addresses are forwarded to it; if the source is not authentic, the addresses are forwarded as obtained. Accordingly, the honeypot addresses are not filtered if the source is not authentic.
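The filtering decision above, as an added example that is not the patent's implementation. The address book, its honeypot entries, the shared secret and the authentication scheme (a token that is an HMAC bound to the requesting source's identity) are all constructed; the behaviour to notice is that a harvester, or a client presenting a token issued to some other source, receives the honeypot addresses and thereby exposes itself when it mails them.

```python
import hashlib
import hmac

SECRET = b"address-book-service-secret (constructed)"

# (address, is_honeypot).  Honeypot addresses receive no legitimate mail;
# any message to one proves the address book was harvested.
ADDRESS_BOOK = [
    ("alice@example.com", False),
    ("bob@example.com", False),
    ("honeypot-7f3a@example.com", True),
    ("carol@example.com", False),
]

def issue_token(source_id):
    """Token handed to a registered source (e.g. the mail client) at install."""
    return hmac.new(SECRET, source_id.encode(), hashlib.sha256).hexdigest()

def is_authentic(source_id, token):
    """Constant-time comparison; the token is bound to source_id."""
    expected = issue_token(source_id).encode()
    return hmac.compare_digest(expected, (token or "").encode())

def get_addresses(source_id, token):
    """Addresses returned to the source.  Honeypots are filtered out only
    for an authenticated source; anyone else gets the list as obtained."""
    obtained = [addr for addr, _ in ADDRESS_BOOK]
    if is_authentic(source_id, token):
        return [addr for addr, honeypot in ADDRESS_BOOK if not honeypot]
    return obtained

def honeypots_in(addresses):
    """Which honeypot addresses ended up in a returned list."""
    return [addr for addr, honeypot in ADDRESS_BOOK
            if honeypot and addr in addresses]
```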
Abstract: Behavior based processing of a new version or variant of a previously characterized program is disclosed. An indication is received that a process with respect to which a trust decision was made previously has undergone a change. The process is allowed to continue to engage, after the change, in a network behavior associated with the process prior to the change, without first prompting a user, subsequent to the change, to provide an input indicating whether the changed process is to be allowed to engage in the network behavior subsequent to the change.
Abstract: A method, in one embodiment, can include a server receiving a message to deactivate a partition key of an object based storage system. A token of the object based storage system is signed by the partition key. The object based storage system includes the server. Additionally, after receiving the message, the server can deactivate the partition key to block access to a partition of the object based storage system by a client. The server includes the partition.
Abstract: A method for implementing selective file system caching. The method includes receiving I/O requests from an application and comparing each of the I/O requests with a configurable cache map, wherein the configurable cache map controls a selective caching based on an I/O type and a file type. Each of the I/O requests are processed to render caching decisions based on the configurable cache map. Selective caching is then implemented on each of the I/O requests in accordance with the caching decisions.
Abstract: A method, in one embodiment, can include allowing storage allocation of data of a file system within an object based storage system. Furthermore, the method can include determining if storage allocation usage for the file system is below a threshold. If the storage allocation usage for the file system is not below the threshold, a client is requested to flush its dirty data associated with the file system. After requesting a client flush, the method can include determining the storage allocation usage for the file system. In addition, the method can include determining periodically if the storage allocation usage has reached a quota. If the quota is reached, the quota is enforced for the data of the file system.
Abstract: The disclosure is directed to computing systems that provide access to the content of layers. Layers may include, for example, application layers, baseline layers, data layers, patch layers, application patch layers, and sublayers. Prioritization schemes, including prioritization by layer type, by assigned priority weights, by access type, by sub-layers and by read-write indicators are provided. Layers may contain file reference information including exclusion or inclusion entries indicating what files may be written. Paths recorded in layers may also embed variables to true paths on a layered system. Detailed information on various example embodiments are provided in the Detailed Description, and the invention is defined by the appended claims.
Abstract: A method and system detect buffer overflows and RLIBC (return-into-libc) attacks by determining if a critical call initiating function is a “potential threat”. In one embodiment, a critical call initiating function is considered a potential threat if the value of the return address of the critical call initiating function points to a location in memory between the location of the highest Thread Environment Block (TEB) or Process Environment Block (PEB) and the location of the lowest Thread Environment Block (TEB) or PEB. In another embodiment, a critical call initiating function making a call to a predefined critical operating system function is considered a potential threat if the value of the return address of the critical call initiating function points to the beginning of a new function with a zero offset.
Type:
Grant
Filed:
July 6, 2005
Date of Patent:
May 17, 2011
Assignee:
Symantec Corporation
Inventors:
Govind Salinas, Matthew Conover, Sourabh Satish
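The two return-address tests from the abstract, applied to constructed stack frames as an added example (not Symantec's code). The TEB/PEB page addresses, the symbol table and the critical-function list are made up for the demonstration; a real implementation would read them from the process at hook time. A legitimate call site leaves a return address somewhere inside a function, just after the call instruction, which is why a return address that is exactly a function's first byte, or that lands in the TEB/PEB pages, is suspicious.

```python
PAGE = 0x1000

# One PEB page and three TEB pages (constructed addresses in the region
# 32-bit Windows historically used, just below 0x7FFE0000).
TEB_PEB_PAGES = [0x7FFDF000, 0x7FFDE000, 0x7FFDD000, 0x7FFD9000]

# Function start address -> name, as a symbol resolver would provide
# (constructed).
FUNC_STARTS = {
    0x00401000: "main",
    0x00401200: "spawn_helper",
    0x7C801D7B: "CreateProcessA",
    0x7C81CAFA: "ExitProcess",
}
CRITICAL = {"CreateProcessA", "WinExec", "ShellExecuteA"}   # assumed list

def teb_peb_bounds(pages=TEB_PEB_PAGES):
    """Lowest and highest address of the TEB/PEB region, inclusive."""
    return min(pages), max(pages) + PAGE - 1

def classify(frame):
    """frame = {'callee': name, 'return_address': int}.  Returns (threat, why)."""
    lo, hi = teb_peb_bounds()
    ra = frame["return_address"]
    if lo <= ra <= hi:
        return True, "return address lies inside the TEB/PEB region"
    if frame["callee"] in CRITICAL and ra in FUNC_STARTS:
        return True, (f"critical call would return to the start of "
                      f"{FUNC_STARTS[ra]} (zero offset), typical of a "
                      "return-into-libc chain")
    return False, "return address mid-function, as a real call site leaves it"

def first_threat(frames):
    """Walk the frames captured at a hooked critical call; stop at the first hit."""
    for frame in frames:
        threat, why = classify(frame)
        if threat:
            return frame, why
    return None, "no threat"

# Constructed stack captures for a stand-alone run.
LEGIT = [{"callee": "CreateProcessA", "return_address": 0x00401237}]
OVERFLOW = [{"callee": "CreateProcessA", "return_address": 0x7FFDE0C4}]
RLIBC_CHAIN = [{"callee": "CreateProcessA", "return_address": 0x7C81CAFA}]
```

The zero-offset test is only applied to calls into the critical set: ordinary code may legitimately hold a function's start address as data, and flagging every such value would make the check unusable.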
Abstract: A computer-implemented method for indexing data for use by a plurality of applications may include receiving a data object at a first application of a plurality of applications. The method may include tokenizing the common-form data object to extract tokens from the data object and creating an index of the tokens extracted from the data object, the index being formatted to be utilized by each of the plurality of applications. The method may further include storing the index in a database that is accessible by the plurality of applications. The plurality of applications may comprise two or more application types. Various other methods and systems are also disclosed.