최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
DataON 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Edison 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Kafe 바로가기국가/구분 | United States(US) Patent 등록 |
---|---|
국제특허분류(IPC7판) |
|
출원번호 | UP-0146207 (2002-05-14) |
등록번호 | US-7631184 (2009-12-16) |
발명자 / 주소 |
|
대리인 / 주소 |
|
인용정보 | 피인용 횟수 : 29 인용 특허 : 330 |
Improved approaches for securing files that are derived from secured files are disclosed. In general, a secured file can only be accessed by authenticated users with appropriate access rights or privileges. Each secured file is provided with a header portion and a data portion, where the header port
Improved approaches for securing files that are derived from secured files are disclosed. In general, a secured file can only be accessed by authenticated users with appropriate access rights or privileges. Each secured file is provided with a header portion and a data portion, where the header portion contains, or points to, security information. The security information is used to determine whether access to associated data portions of secured files is permitted. These improved approaches can thus impose security on files that are derived from secured files. In one embodiment, files that are deemed derived from a secured file include files that are copies of the secured file. In another embodiment, files that are deemed derived from a secured file include files having content substantially similar to the content of the secured file.
What is claimed is: 1. A method for securing a copy of a secured file, the secured file having a header portion and a data portion, the header portion including at least access rules, and the data portion including at least data of the secured file, the method comprising: determining whether a file
What is claimed is: 1. A method for securing a copy of a secured file, the secured file having a header portion and a data portion, the header portion including at least access rules, and the data portion including at least data of the secured file, the method comprising: determining whether a file being closed is a copy of an existing secured file, wherein the determining comprises comparing a first signature of a portion of the file being closed with a second signature of a like portion of the existing secured file, and wherein when the first signature matches the second signature, the file being closed is deemed to be a copy of the existing secured file; and modifying a header portion of the file being closed to include at least a part of the header portion for the existing secured file when the determining determines that the file being closed is a copy of an existing secured file. 2. The method as recited in claim 1, wherein the modifying operates to include at least the access rules from the header portion of the existing secured file within the header portion of the file. 3. The method as recited in claim 1, wherein the signature is produced using a cyclic redundancy code. 4. The method as recited in claim 1, wherein when the first signature substantially matches the second signature, the file being closed is deemed to be a copy of the existing secured file. 5. The method as recited in claim 1, wherein when the first signature and the second signature are within a predetermined tolerance of being identical, the file being closed is determined to be a copy of the existing secured file. 6. The method as recited in claim 1, wherein the portion of the file being closed for the first signature is a first block of data of the data portion of the file being closed, and wherein the like portion of the existing secured file for the second signature is a first block of data of the data portion of the existing secured file. 7. The method as recited in claim 1, wherein the determining comprises: comparing a first signature of a portion of the file being closed with a second signature of a like portion of the existing secured file; and comparing a first file length for the file being closed with a second file length for the existing secured file. 8. The method as recited in claim 7, wherein when both the first signature matches the second signature and the first file length matches the second file length, the file being closed is deemed to be a copy of the existing secured file. 9. The method as recited in claim 7, wherein when both the first signature substantially matches the second signature and the first file length substantially matches the second file length, the file being closed is deemed to be a copy of the existing secured file. 10. The method as recited in claim 1, wherein the modifying step operates to include at least the access rules from the header portion of the existing secured file within the header portion of the file. 11. The method as recited in claim 1, wherein the method further comprises: encrypting the file being closed unless already encrypted. 12. The method as recited in claim 1, wherein the method further comprises: subsequently receiving, from a requester, a request to access the file to be closed after the file has been closed; and determining whether the requestor is authorized to access the closed file based on at least the access rules within the header portion of the existing secured file. 13. The method as recited in claim 1, wherein the file being closed is being closed with respect to a file system. 14. The method as recited in claim 1, wherein the determining step determines whether the file being closed is at least an approximate copy of the existing secured file. 15. The method as recited in claim 1, wherein the determining step determines whether the file being closed is an exact copy of the existing secured file. 16. A method for securing a copy of a secured file, the secured file having a header portion and a data portion, the header portion including at least access rules, and the data portion including at least data of the secured file, the method comprising: receiving a request to open the secured file, the request being initiated by a requestor associated with user privileges, wherein the requestor is one or more of a user, a group of users, and a user application; computing a first file signature based on at least a portion of the data portion of the secured file; storing the first file signature for the secured file; providing the data portion of the secured file to the requestor; subsequently receiving a request to close another file; computing a second file signature based on at least a portion of the data portion of the another file; determining whether the first file signature substantially matches the second file signature; and modifying the header portion of the another file to include at least the access rules of the secured file when the determining step determines that the first file signature substantially matches the second file signature, thereby securing the another file. 17. The method as recited in claim 16, wherein the method further comprises: encrypting the another file being closed unless already encrypted. 18. The method as recited in claim 16, wherein computing the first file signature is based on a decrypted version of at least a portion of the data portion of the secured file, and wherein computing the second file signature is based on a decrypted version of at least a portion of the data portion of the another file. 19. The method as recited in claim 16, wherein following the receiving and prior to computing the first file signature, the method further comprises: retrieving at least access rules from the header portion of the secured file; and determining whether the request to access the secured file by the requestor is permitted based on a comparison of the retrieved access rules with the user privileges. 20. The method as recited in claim 19, wherein computing the first file signature through the modifying is bypassed to deny the requestor access to the secured file when the determining determines that the requestor is not permitted access to the secured file. 21. The method as recited in claim 19, wherein the providing provides the data portion of the secured file to the requestor only when the determining step determines that the requestor is permitted access to the secured file. 22. The method as recited in claim 16, wherein the providing comprises: decrypting the data portion of the secured file; and providing the decrypted data portion of the secured file to the requestor. 23. The method as recited in claim 16, wherein the storing temporarily stores the first file signature together with at least the access rules of the header portion for the secured file. 24. The method as recited in claim 23, wherein the temporary storage is in a security information table. 25. The method as recited in claim 16, wherein the method further comprises: determining whether the another file is a new file; and wherein the computing a second file signature through the modifying is bypassed such that the another file is not secured when the determining determines that the another file is not a new file. 26. The method as recited in claim 25, wherein the determining operates to determine whether the length of the another file was zero while opened. 27. A method for securing copies of a secured file, the secured file having a header portion and a data portion, the header portion including at least access rules, and the data portion including at least data of the secured file, the method comprising: receiving, from a requester, a request to access the secured file; determining whether the requestor is authorized to access the secured file based on at least the access rules within the header portion of the secured file; when the determining determines that authorization is permitted, computing a file signature for at least a part of the data portion of the secured file, storing the file signature and at least a portion of the header portion in a security information table, decrypting data in the data portion, and returning the decrypted data to the requestor; when the determining determines that authorization is not permitted, denying the requester access to the data portion; determining whether a file being closed is a new file; when the determining determines that the secured file is a new file, computing a new file signature for at least a part of a data portion of the new file, and comparing the new file signature with file signatures stored in the security information table; and when the comparing indicates that the new file signature matches one of the file signatures in the security information table, securing the new file in the same manner by which the secured file is secured. 28. A computer readable medium having stored thereon computer program code that, if executed by a computer, causes the computer to perform a method for securing another file derived from of a secured file, the secured file having a header portion and a data portion, the header portion including at least access rules, and the data portion including at least data of the secured file, the method comprising: receiving a request to open the secured file, the request being initiated by a requestor associated with user privileges, wherein the requestor is one or more of a user, a group of users, and a user application; retrieving at least access rules from the header portion of the secured file; determining whether the request to access the secured file by the requestor is permitted based on a comparison of the retrieved access rules with the user privileges; providing the data portion of the secured file to the requestor when it is determined that the requestor is permitted to access the secured file; computing a first file signature based on at least a portion of the data portion of the secured file; storing the first file signature for the secured file; subsequently receiving a request to close another file; computing a second file signature based on at least a portion of the data portion of the another file; comparing the second file signature to the first file signature to produce comparison information; determining whether the another file should be secured based on the comparison information; and securing the another file when it is determined that the another file should be secured. 29. The computer readable medium as recited in claim 28, wherein the securing the another file modifies the header portion of the another file to include at least the access rules of the secured file. 30. The computer readable medium as recited in claim 29, wherein the securing the another file encrypts the another file being closed unless already encrypted. 31. The computer readable medium as recited in claim 29, wherein the computing the first file signature is based on a decrypted version of at least a portion of the data portion of the secured file, and wherein computing the second file signature does so based on a decrypted version of at least a portion of the data portion of the another file. 32. A method for securing a copy of a secured file having a header portion and a data portion, wherein the header portion includes at least access rules, and wherein the data portion includes at least data of the secured file, the method comprising: receiving a request to open the secured file, wherein the request is associated with a requestor having user privileges, wherein the requestor is one or more of a user, a group of users, and a user application; computing a first file signature based on at least a portion of the data portion of the secured file; storing the first file signature for the secured file; providing the data portion of the secured file to the requestor; subsequently receiving a request to close another file; computing a second file signature based on at least a portion of the data portion of the another file; determining whether the first file signature substantially matches the second file signature, wherein the determining operates to determine whether the length of the another file was zero while opened; modifying the header portion of the another file to include at least the access rules of the secured file when the determining determines that the first file signature substantially matches the second file signature, thereby securing the another file; and determining whether the another file is a new file, wherein the computing a second file signature through the modifying is bypassed such that the another file is not secured when the determining determines that the another file is not a new file.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.