The present invention relates to a method and apparatus for checking the validity of data in a data processing network, for example for checking whether the data contains viruses or other unwanted data or whether it has been authorised for or barred from use in the network or a part of it.
In general, data of a computer file or disk sector (such as a computer program) can be checked for unwanted data, or information indicating whether the file has been authorized for or barred from use, by the file being searched for data of a predetermined form. This form may comprise predetermined characteristics such as the presence of certain information anywhere in the file, possibly in any order, or at a certain location in the file, possibly in combination with other such data. For instance, computer viruses are stored in the data of a computer file as a set of virus data which can serve as instructions for the virus to operate. A file can be checked for known viruses by a virus detection procedure which searches the file for characteristics that are known to be indicative of each virus. As the number of known viruses to be checked for increases (around 3000 are currently known) the amount of storage capacity needed to store information defining the characteristics of all the known viruses increases too.
In a computer network of workstations and a file server it is conventional for each workstation to itself check on the validity of the data held by it. However, this means that every workstation must use a portion of its storage capacity to store information defining all the characteristic forms to be searched for. In total this requires a large amount of storage capacity, and as more characteristic forms come to be searched for, for example as new viruses are identified, it may become infeasible for workstations to carry out searching themselves because of the limitations of their operating systems. Also, each workstation must be updated individually to include new characteristics. This is inconvenient where there is a large number of workstations.
WO 93/01550 discloses a system for controlling the use of a licensed product, in which in order to determine whether access can be made to a licensed product stored for access by a licensee's data processor a licence datagram is copied to a licensor's data processor which returns a reply message. The licence datagram contains different data from the licensed product.