최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
DataON 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Edison 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Kafe 바로가기국가/구분 | United States(US) Patent 등록 |
---|---|
국제특허분류(IPC7판) |
|
출원번호 | US-0242185 (2002-09-11) |
등록번호 | US-7512810 (2009-03-31) |
발명자 / 주소 |
|
출원인 / 주소 |
|
대리인 / 주소 |
|
인용정보 | 피인용 횟수 : 39 인용 특허 : 306 |
An improved system and approaches for protecting secured files when being used by an application (e.g., network browser) that potentially transmits the files over a network to unknown external locations are disclosed. According to one aspect, access to secured files is restricted so that unsecured v
An improved system and approaches for protecting secured files when being used by an application (e.g., network browser) that potentially transmits the files over a network to unknown external locations are disclosed. According to one aspect, access to secured files is restricted so that unsecured versions of the secured files are not able to be transmitted over a network (e.g., the Internet) to unauthorized destinations. In one embodiment, in opening a file for use by a network browser, the network browser receives a secured (e.g., encrypted) version of the secured file when the destination location (e.g., destination address) for the network browser is not trusted, but receives an unsecured (e.g., unencrypted) version of the secured file when the destination location for the network browser is trusted. According to another aspect, processes operating on a computer system are monitored to determine destination locations, if any, of said processes, and then using such destination locations to determine whether to permit the processes to open files in a secure or unsecured manner.
What is claimed is: 1. A method comprising: (a) receiving a request for access to a secured file, wherein the request is initiated by a requestor, and wherein the request is associated with a process associated with a computer system; (b) determining whether the process is a trusted process, wherei
What is claimed is: 1. A method comprising: (a) receiving a request for access to a secured file, wherein the request is initiated by a requestor, and wherein the request is associated with a process associated with a computer system; (b) determining whether the process is a trusted process, wherein the determination is based on trust of the process and trust of an external destination of the process, wherein the external destination of the process is based on one or more of a destination address associated with the process and a current Universal Resource Locator (URL) associated with the process; (c) determining whether the requestor is permitted to access an unsecured version of the secured file; and (d) upon successful determination in steps (b) and (c), unsecuring the secured file to produce the unsecured version of the secured file, thereby permitting access to the unsecured version of the secured file. 2. The method as recited in claim 1, wherein the method further comprises: (e) permitting access to the secured file when the determining (b) determines that the process is not trusted. 3. The method as recited in claim 2, wherein the method further comprises: (f) denying access to the secured file when the determining (b) determines that the process is trusted and the determining (c) determines that the requestor is not permitted to access an unsecured version of the secured file. 4. The method as recited in claim 3, wherein the process pertains to a network browser operating on the computer system. 5. The method as recited in claim 1, wherein the method further comprises: (e) denying access to the secured file when the determining (b) determines that the process is trusted and the determining (c) determines that the requester is not permitted to access an unsecured version of the secured file. 6. The method as recited in claim 1, wherein: the process has a current destination address associated therewith; and the determining (b) of whether the process is trusted by the file security system is determined based on at least the current destination address. 7. The method as recited in claim 6, wherein the current destination address is determined by monitoring a current destination address for each of a plurality of processes operating on the computer system. 8. The method as recited in claim 7, wherein when a process being monitored for a current destination address has multiple windows, the current destination address for the process pertains to one of the windows in a foreground position. 9. The method as recited in claim 1, wherein the determining (b) of whether the process is trusted by the file security system comprises: (b1) identifying a process name and a current destination address for the process; and (b2) comparing the process name and the current destination address with a predetermined list of trusted processes and destination addresses. 10. The method as recited in claim 9, wherein step (b) further comprises: (b3) concluding that the process is trusted when the comparing (b2) determines that the process name and the current destination address are present within the list of trusted processes and destination addresses. 11. The method as recited in claim 1, wherein the process pertains to a network browser operating on the computer system. 12. A method comprising: (a) receiving a file open request to open a secured file, the request being initiated by a requester and being associated with a process; (b) determining whether the process is a trusted process wherein the determination is based on trust of the process and trust of an external destination of the process, wherein the external destination of the process is based on one or more of a destination location associated with the process and a current Universal Resource Locator (URL) associated with the process; (c) determining whether the requester is permitted to open an unsecured version of the secured file; (d) permitting the secured file to be opened for limited use by the requestor when the process is determined not to be trusted; and (e) upon successful determination in steps (b) and (c), permitting the unsecured version of the secured file to be opened for use by the requestor. 13. The method as recited in claim 12, wherein the method further comprises: preventing the secured file or the unsecured version of the secured file from being opened for use by the requestor when the requestor lacks permission. 14. The method as recited in claim 12, wherein the secured file is secured through encryption. 15. The method as recited in claim 12, wherein: the process has a current Universal Resource Locator (URL) associated therewith, and the determining of whether the process is trusted by the file security system is determined based on at least the current URL. 16. The method as recited in claim 15, wherein the process pertains to a network browser operating on the computer system. 17. The method as recited in claim 15, wherein the current URL is determined by monitoring a current URL for each of a plurality of processes operating on the computer system. 18. The method as recited in claim 17, wherein when a process being monitored for a current URL has multiple windows, the current URL for the process pertains to one of the windows in a foreground position. 19. The method as recited in claim 15, wherein the determining of whether the process is trusted by the file security system comprises: identifying a process name and a current Universal Resource Locator (URL) for the process; and comparing the process name and the current URL with a predetermined list of trusted processes and URLs. 20. The method as recited in claim 12, wherein the determining of whether the process is trusted by the file security system comprises: identifying a process name and a current Universal Resource Locator (URL) for the process, and comparing the process name and the current URL with a predetermined list of trusted processes and URLs. 21. The method as recited in claim 20, wherein the method further comprises: concluding that the process is trusted when the comparing determines that the process name and the current URL are present within the list of trusted processes and URLs. 22. The method as recited in claim 12, wherein the process pertains to a network browser operating on the computer system. 23. A computer readable storage medium having computer program code recorded thereon, that when executed by a processor, causes a processor to limit access to a file secured by a file security system, the computer readable storage medium comprising: computer program code enabling a processor to receive a request for access to a secured file, wherein the request is initiated by a requester, and wherein the request is associated with a process; computer program code enabling the processor to determine whether the process is trusted wherein the determination is based on trust of the process and trust of an external destination of the process, wherein the external destination of the process is based on one or more of a destination address associated with the process and a current Universal Resource Locator (URL) associated with the process; computer program code enabling the processor to determine whether the requestor is permitted to access an unsecured version of the secured file; and computer program code enabling the processor to unsecure the secured file to produce an unsecured version of the secured file, thereby permitting access to the unsecured version of the secured file. 24. The computer readable storage medium as recited in claim 23, wherein the process pertains to a network browser operating on the computer system. 25. The computer readable storage medium as recited in claim 23, wherein the computer program code enabling the processor to determine whether the process is trusted by the file security system comprises: computer program code enabling the processor to identify a process name and a current destination address for the process; computer program code enabling the processor to compare the process name and the current destination address with a predetermined list of trusted processes and destination addresses; and computer program code enabling the processor to conclude that the process is trusted when the computer program code enabling the processor to compare determines that the process name and the current destination address are present within the list of trusted processes and destination addresses. 26. The computer readable storage medium as recited in claim 23, wherein the process has a current destination address associated therewith, and wherein the computer program code enabling the processor to determine determines whether the process is trusted by the file security system based on at least the current destination address. 27. The computer readable storage medium as recited in claim 26, wherein the current destination address is determined by monitoring a current destination address for each of a plurality of processes operating on the computer system. 28. The computer readable storage medium as recited in claim 27, wherein when a process being monitored for a current destination address has multiple windows, the current destination address for the process pertains to one of the windows in a foreground position. 29. The computer readable storage medium as recited in claim 26, wherein the computer readable storage medium further comprises: computer program code enabling the processor to permit access to the secured file when the computer program code enables the processor to determine determines that the process is not trusted; and computer program code enabling the processor to deny access to the secured file when the computer program code enables the processor to determine that the process is trusted and the computer program code enabling the processor to determine that the requester is not permitted to access an unsecured version of the secured file. 30. The computer readable storage medium as recited in claim 26, wherein the current destination address is one of a Universal Resource Identifier (URI) or a Universal Resource Locator (URL). 31. A computer system providing file security, comprising: an access control system configured to limit access to stored files based on at least access rules and trusted criteria, wherein the trusted criteria includes trust of the process and trust of an external destination of the process, wherein the external destination of the process is based on one or more of a destination address associated with the process and a current Universal Resource Locator (URL) associated with the process; a process configured to operate on the computer system; and a destination monitor configured to monitor an external destination of the process, wherein the access control module permits access to the stored, secured files only when the access rules are satisfied and the process, as well as the external destination, satisfy the trusted criteria. 32. The computer system as recited in claim 31, wherein the process pertains to a network browser operating on the computer system. 33. The computer system as recited in claim 32, wherein the destination monitor examines a resource being displayed in a foreground window of the network browser to determine the external destination that is being or is to be accessed by the network browser.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.