As the components required to build a computer system have reduced in size, new categories of computer systems have emerged. One of the new categories of computer systems is the “palmtop” computer system. A palmtop computer system is a computer that is small enough to be held in the hand of a user and can be “palm-sized.” Most palmtop computer systems are used to implement various Personal Information Management (PIM) applications such as an address book, a daily organizer and electronic notepads, to name a few. Such palmtop computers are currently commercially available an the form of Personal Digital Assistants (PDAs) as well as other forms such as portable telephones and the like.
When the operating systems for such devices (e.g., the Palm™ operating system) were originally developed, such devices were standalone personal information managers that were used with little or no information exchanged with other devices (excluding perhaps a host computer). As the devices evolved, greater interactivity was developed so that the devices can more easily communicate with outside sources of data such as the Internet, Email, infrared communication, etc. As such interactivity becomes more commonplace, the vulnerability of hand-held devices to attacks by viruses increases. Such attacks may not have been initially contemplated in the original design of the operating system, so a mechanism for filtering out viruses is not built in.
Hand-held devices capable of receiving data from an external source (IR port, serial port, modem card, etc) generally keep a registry of device applications and the type of data objects they support. (This registry is called the registry in the Palm operating system, by Palm Computing, Inc., Santa Clara, Calif. and is accessed by the Exchange Manager software. Similar functions are carried out by the ShellExecute function in Microsoft Corporation's (Redmond, Wash.) Windows CE™ as well as in certain web browser programs such as Microsoft Corporation's Pocket Internet Explorer™. These functions similarly access a registry-like file to determine program associations and are considered equivalent for purposes of the present invention.) This registry is used to determine which application(s) will process the incoming data object. The normal process used to associate data objects with applications is illustrated in FIG. 1.
When an incoming data object 20 is received by a hand-held device such as 24, the Exchange Manager (or equivalent software) determines which application is associated with the data object at 28 by reference to a registry 32. The registry, in part, forms a database of data types and the application with which the particular data type is associated. Once the data type is identified as associated with a particular application, the data object is forwarded the designated application 36.
Under this arrangement, a hand-held device can easily be infected by a virus since there is no good mechanism for intercepting the virus within an incoming data object before the virus reaches the target application.