| Country / Type | United States (US) patent, granted |
|---|---|
| International Patent Classification (IPC, 7th ed.) | |
| Application number | US-0431387 (2009-04-28) |
| Registration number | US-8234477 (2012-07-31) |
| Priority information | CA-2244626 (1998-07-31) |
| Inventor / Address | |
| Applicant / Address | |
| Agent / Address | |
| Citation information | Cited by: 15; cited patents: 230 |
A method of restricting file access is disclosed wherein a set of file write access commands are determined from data stored within a storage medium. The set of file write access commands applies to the entire storage medium. Any matching file write access command provided to the file system for that storage medium results in an error message. Other file write access commands are, however, passed on to a device driver for the storage medium and are implemented. In this way commands such as file delete and file overwrite can be disabled for an entire storage medium.
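Worked example, added here and not part of the patent record or of any implementation the patent describes: a Python model of the trap layer in the abstract and in claims 1, 6, 10 to 13 and 19 below. A `TrapLayer` sits between callers and a stand-in device driver. A medium-wide set of blocked write-access commands fails with an error for any caller, whatever user identity is presented, unless a registered process issued the command; a per-file retention record refuses overwrite and delete while the retention period is unexpired or a hold is set; and entering the retained state signs the content with HMAC-SHA256 so later tampering is detectable. The driver, signing key, clock and file names are constructed assumptions for the example.

```python
# Added example (not the patent's code): a volume-wide trap layer that blocks
# write-access commands regardless of user identity, enforces a retention
# period with holds, and signs content on entering the retained state.
# The device driver, signing key and clock are stand-ins constructed here.
import errno
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Callable, Dict, Set

SIGNING_KEY = b"example-retention-signing-key"  # constructed; use a key store in practice


class AccessDenied(PermissionError):
    """Returned to the caller instead of executing a blocked command."""


class DeviceDriver:
    """Stand-in for the storage medium's device driver: name -> content."""

    def __init__(self) -> None:
        self.files: Dict[str, bytes] = {}

    def write(self, name: str, data: bytes) -> None:
        self.files[name] = data

    def read(self, name: str) -> bytes:
        return self.files[name]

    def delete(self, name: str) -> None:
        del self.files[name]


@dataclass
class Retention:
    expires_at: float        # secure-clock time at which the retention period ends
    held: bool = False       # a hold suspends expiry and deletion (claims 10-11)
    signature: bytes = b""   # HMAC-SHA256 of the content, taken when retention began


@dataclass
class TrapLayer:
    driver: DeviceDriver
    clock: Callable[[], float]                          # injected secure clock (claim 21)
    blocked: Set[str] = field(default_factory=set)      # commands disabled for the whole medium
    registered: Set[str] = field(default_factory=set)   # named processes exempt from the block
    retention: Dict[str, Retention] = field(default_factory=dict)

    def _check(self, command: str, name: str, process: str) -> None:
        # Medium-wide rule first: a matching command fails with an error unless a
        # registered process issued it (claim 19). No user identity is consulted.
        if command in self.blocked and process not in self.registered:
            raise AccessDenied(errno.EACCES, f"{command} is disabled on this medium")
        rec = self.retention.get(name)
        if rec and command in ("overwrite", "delete", "rename"):
            if rec.held or self.clock() < rec.expires_at:
                raise AccessDenied(errno.EACCES, f"{name} is retained")

    def write(self, name: str, data: bytes, process: str = "unknown", user: str = "anyone") -> None:
        command = "overwrite" if name in self.driver.files else "create"
        self._check(command, name, process)             # 'user' is deliberately ignored
        self.driver.write(name, data)

    def delete(self, name: str, process: str = "unknown", user: str = "anyone") -> None:
        self._check("delete", name, process)
        self.driver.delete(name)

    def retain(self, name: str, seconds: float) -> None:
        """Enter the retained state; the claim-13 background step signs the content."""
        sig = hmac.new(SIGNING_KEY, self.driver.read(name), hashlib.sha256).digest()
        self.retention[name] = Retention(self.clock() + seconds, signature=sig)

    def hold(self, name: str, on: bool = True) -> None:
        self.retention[name].held = on

    def verify(self, name: str) -> bool:
        """True if the retained content still matches its retention-time signature."""
        sig = hmac.new(SIGNING_KEY, self.driver.read(name), hashlib.sha256).digest()
        return hmac.compare_digest(sig, self.retention[name].signature)


def demo() -> Dict[str, str]:
    """Drive both policies with constructed files; returns scenario -> outcome."""
    now = [1_000.0]                                      # list so the demo can advance the clock
    out: Dict[str, str] = {}

    def attempt(label: str, fn: Callable[[], None]) -> None:
        try:
            fn()
            out[label] = "allowed"
        except AccessDenied:
            out[label] = "denied"

    # Medium with delete and overwrite disabled for everyone but "archiver".
    worm = TrapLayer(DeviceDriver(), clock=lambda: now[0],
                     blocked={"delete", "overwrite"}, registered={"archiver"})
    worm.write("log.txt", b"event 1")                     # create is not blocked
    attempt("root_overwrite_on_blocked_medium", lambda: worm.write("log.txt", b"x", user="root"))
    attempt("registered_process_delete", lambda: worm.delete("log.txt", process="archiver"))

    # Ordinary medium with a one-hour retention on a single file.
    trap = TrapLayer(DeviceDriver(), clock=lambda: now[0])
    trap.write("report.txt", b"q1 figures")
    trap.retain("report.txt", seconds=3600)
    attempt("overwrite_while_retained", lambda: trap.write("report.txt", b"tampered", user="root"))
    out["signature_valid"] = str(trap.verify("report.txt"))
    now[0] += 7200                                       # retention period has expired...
    trap.hold("report.txt")                              # ...but a hold keeps it in place
    attempt("delete_under_hold", lambda: trap.delete("report.txt"))
    trap.hold("report.txt", on=False)
    attempt("delete_after_expiry", lambda: trap.delete("report.txt"))
    return out
```

The point a practitioner should take from the model is the ordering in `_check`: the medium-wide rule is evaluated before any per-file state, and neither branch looks at the caller's user, so an administrator account gains nothing; the only escape hatch is the registered-process list, which is therefore the part of such a design that needs the strongest protection (claim 19 ties it to a digital signature on the application).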
1. A method for applying an operation access privilege to a storage medium, comprising: associating an access privilege with at least a portion of the storage medium; intercepting an attempted operation on said at least a portion of the storage medium, wherein said intercepting occurs regardless of an identity of a user attempting the attempted operation; comparing the attempted operation to the access privilege; and allowing, or denying the attempted operation based on comparing the attempted operation to the access privilege, wherein at least one of: said associating, said allowing, or said denying is based on enforcing a policy.

2. The method according to claim 1, wherein said allowing or said denying comprises at least one of allowing, or denying the attempted operation based on a content of a logical file associated with said at least a portion of the storage medium.

3. The method according to claim 2, wherein said allowing, or said denying comprises at least one of allowing, or cancelling the attempted operation based on the content of the file.

4. The method according to claim 1, wherein said allowing, or said denying the attempted operation comprises: allowing a create file operation to create a file associated with said at least a portion of the storage medium; evaluating a content of the file; and at least one of allowing, or deleting the file based on said evaluating.

5. The method according to claim 1, wherein said associating the access privilege comprises associating the access privilege with said at least a portion of the storage medium based on a file attribute of a logical file associated with said at least a portion of the storage medium.

6. The method according to claim 1, wherein said enforcing the policy comprises enforcing a retention policy comprising preventing said at least a portion of the storage medium in a retained state from being modified while a retention period of said at least a portion of the storage medium is unexpired.

7. The method according to claim 6, wherein said enforcing a retention policy is enforced for at least one of: a file name, a file attribute, a file path, or a file content, of a logical file associated with said at least a portion of the storage medium.

8. The method according to claim 6, wherein said enforcing a retention policy comprises determining if said at least a portion of the storage medium is eligible to enter the retained state based on a content of said at least a portion of the storage medium.

9. The method according to claim 8, wherein said determining comprises determining if said at least a portion of the storage medium is eligible to enter the retained state based on a content group associated with said at least a portion of the storage medium, the content group associated based on evaluating said at least a portion of the storage medium for pre-defined content.

10. The method according to claim 6, wherein said associating the access privilege comprises holding the retained state.

11. The method according to claim 10, wherein said holding the retained state comprises at least one of: suspending expiration of a retained state portion of the storage medium; suspending an unexpired retained state portion of the storage medium from entering an expired retained state; suspending clearing of a read only attribute of the retained state portion of the storage medium by setting a temporary attribute of the retained state portion of the storage medium; or suspending deletion of an expired retained state portion of the storage medium.

12. The method according to claim 1, wherein said enforcing the policy comprises enforcing a retention policy comprising triggering one or more background processes when said at least a portion of the storage medium enters a retained state.

13. The method according to claim 12, wherein the one or more background processes comprise at least one of: creating metadata for the retention; identifying the user retaining said at least a portion of the storage medium; storing user identification for the user retaining said at least a portion of the storage medium; identifying the retention policy retaining said at least a portion of the storage medium; storing the retention policy retaining said at least a portion of the storage medium; generating a digital signature of the content of said at least a portion of the storage medium; generating a digital signature comprising a hash of the content of said at least a portion of the storage medium; generating a digital signature of the content of at least one of a default data stream associated with a file associated with said at least a portion of the storage medium or one or more alternate data streams associated with the file associated with said at least a portion of the storage medium; storing the digital signature; determining if any other policies apply; creating at least one of an alternate data stream or an extended attribute to store the metadata; encrypting hash keys for the metadata; or storing the hash keys.

14. The method according to claim 6, wherein said enforcing the retention policy comprises triggering retention of said at least a portion of the storage medium based on at least one of: the attempted operation; setting a read-only attribute of the file; renaming the file to a file name; renaming the file to a particular name; resizing the file; resizing the file to a particular size; creating an extended attribute associated with the file; or creating an alternate data stream associated with the file.

15. The method according to claim 6, wherein said enforcing the retention policy comprises enforcing an archive policy comprising queuing said at least a portion of the storage medium to be copied to an alternate media, when said at least a portion of the storage medium is retained.

16. The method according to claim 1, wherein said allowing, or said denying the attempted operation comprises forcing a secure erasure for a delete operation on said at least a portion of the storage medium, wherein the secure erasure comprises at least one of overwriting the content of said at least a portion of the storage medium or overwriting an alternate data stream associated with said at least a portion of the storage medium.

17. The method according to claim 1, wherein said allowing, or said denying comprises at least one of: allowing the operation on a directory if the directory is empty; or denying the operation on the directory if the directory is not empty.

18. The method according to claim 1, wherein said allowing, or said denying comprises at least one of allowing, or denying the attempted operation based on at least one of an application or a process attempting the attempted operation.

19. The method according to claim 18, wherein said allowing, or said denying the attempted operation based on at least one of the application or the process comprises at least one of: allowing the attempted operation for at least one of a named or a registered process; denying the attempted operation for at least one of the named or the registered process; or allowing the attempted operation for a privileged application, the privileged application comprising an application operable to be authenticated via a digital signature.

20. The method according to claim 1, wherein said enforcing the policy comprises enforcing a policy based on an application, the policy comprising at least one of: enforcing application-based intercepting of the attempted operation; disabling an operation option provided to the user; expanding the scope of an operation based on the application; or at least one of allowing, or denying the attempted operation based on validating a child object of a parent object of an attempted operation.

21. The method according to claim 1, wherein said enforcing the policy comprises enforcing a secure time routine, the routine comprising at least one of: using a secure clock; maintaining a system clock comprising using the secure clock; accounting for deviations based on inaccuracies of the secure clock; verifying operation of a secure clock or authenticating the secure clock; at least one of: denying at least one attempted operation, preventing said at least a portion of the storage medium from being retained, or rendering the storage medium read-only, if the secure clock cannot be at least one of: verified or authenticated; or running the secure clock independent of a server.

22. A method for intercepting attempted access to at least a portion of a storage medium, comprising: receiving at least one of an attempted access operation to gain access to or from, or an attempted write operation to write data to, the at least a portion of the storage medium; intercepting at least one of said attempted access operation or said attempted write operation, prior to permitting or not permitting said operation on the at least a portion of the storage medium, wherein said intercepting occurs regardless of an identity of a user attempting the attempted operation; determining whether the attempted operation is permitted based upon at least one of a privilege, a policy, a rule, or a determination; and permitting, or not permitting the attempted operation based on said determining whether the attempted operation is permitted, wherein said at least one permitting or not permitting is based on enforcing said at least one privilege, policy, rule or determination.

23. The method according to claim 22, wherein said at least one privilege, policy, rule or determination comprises analyzing content of said data.

24. The method according to claim 23, wherein said analyzing content comprises determining whether access to or storage of said content is permitted based on said at least one privilege, policy, rule, or determination.

25. The method according to claim 23, wherein said determination comprises: determining if an operation is eligible to be executed on a file, based on the content of the file.

26. The method according to claim 25, wherein said content is analyzed for the existence of at least one of: a social security number, a credit card number, other private personal information, a type of content, inappropriate content, or harmful content.

27. The method according to claim 26, wherein said harmful content comprises at least one of: a computer virus, malware, adware, spyware, a computer worm, a harmful file, or a malicious file.

28. The method according to claim 27, wherein the method further comprises: preventing said harmful content from at least one of: being created, or being stored.

29. The method according to claim 27, wherein the method further comprises: allowing a file of said harmful content to be created to evaluate the contents of the harmful file, and deleting the harmful file if the file is determined to be harmful.

30. The method according to claim 22, further comprising: receiving at least one of a restriction or a policy to at least one of allow or disallow at least one of an application or a process from performing at least one operation.

31. The method according to claim 22, further comprising receiving a rule, wherein at least one operation normally restricted is allowed by at least one named or registered process.

32. The method according to claim 22, further comprising receiving a rule, wherein at least one operation normally allowed is disallowed by at least one named or registered process.

33. The method according to claim 22, wherein the method comprises: identifying a process belonging to a computer virus, and disallowing the process belonging to the computer virus from performing any operation.

34. The method according to claim 22, wherein the method comprises: identifying a particular type of a process, and at least one of: allowing the process to perform at least one operation, or disallowing the process from performing at least one operation, based on the particular type of the process identified.

35. The method according to claim 22, wherein the method comprises at least one trap layer.

36. The method according to claim 35, wherein said at least one trap layer comprises at least one of: a file system layer, a software layer, an application layer, an operating system layer, or a hardware layer.

37. The method according to claim 35, wherein the method comprises executing a trap layer on at least one of: a hardware device, a device running a Windows OS, a device running a UNIX OS, a device running a Mac OS, a device running an OS, a file system, a Windows file system, an NTFS file system, a UNIX file system, a Solaris file system, an Apple file system, a UNIX file system, a physical device, a physical medium device, a storage medium device, a network device, a computing device, a cell phone, a communications device, a handheld device, a computer, a wireless phone device, a telephony device, a phone, or a personal digital assistant (PDA).

38. The method according to claim 22, wherein said determining comprises at least one of: an application-based restriction, an application-based policy, a process-based restriction, a process-based policy, a content-based restriction, or a content-based policy.

39. The method according to claim 22, wherein a restriction or policy for a process may be based on content of one or more files supporting a process.

40. The method according to claim 22, comprising: evaluating content of a file wherein said file launches a process; and launching the process to determine at least one restriction or policy for the process.

41. The method according to claim 40, comprising: determining that a harmful process belongs to a virus based on said launching; and disabling at least one operation for said harmful process.

42. The method of claim 22, wherein said intercepting is performed by a file system.

43. The method of claim 22, further comprising at least one of: receiving at least one of said privilege, said policy, said rule, or said determination relating to a given file; assigning metadata to a given file relating to operations permitted on said given file; assigning metadata to a given file relating to validating contents of a given file; or confirming contents have not been modified or tampered with, comprising at least one of: a hash, a hash key, an SHA hash, an encryption key, or a digital signature.

44. The method of claim 22, wherein said intercepting is performed by a trap layer further comprising at least one of: interacting between said trap layer and at least one other component; retrieving additional information by said trap layer; or determining a role said trap layer will perform comprising whether to at least one of: allow, reject, or modify a request.

45. The method of claim 22, wherein said intercepting is performed by a trap layer further comprising: triggering by said trap layer initiating other actions comprising at least one of: performing a secure erasure, instructing to shred a physical file, deleting a given file if said given file can be deleted, or performing additional operations comprising at least one of: initiating shredding of the physical contents of a file if the file can be deleted, initiating shredding on all delete operations, or initiating shredding conditional on some files or some volumes, depending on policies.

46. The method of claim 22, wherein said intercepting is performed by a trap layer further comprising: triggering by said trap layer initiating other actions comprising at least one of: intercepting a delete operation, and determining when to actually erase contents with a specific pattern, wherein at least one of: an erasure comprises overwriting at least one of a physical content or segment of a file more than once with a predetermined pattern; an erasure is triggered immediately; or an erasure is tagged when the file is marked for deletion and at least one of: the actual erasure takes place once the file is closed, depending on the file system; or the erasure is performed on file cleanup after the file is closed and all handles or channels are closed.

47. The method of claim 22, wherein said intercepting is performed by a trap layer further comprising: triggering by said trap layer initiating other actions comprising at least one of: creating file signatures upon certain conditions, comprising when the file retention is triggered, comprising at least one of: creating said file signature when the file is finally closed and is no longer modified; creating said file signature triggered immediately; or creating said file signature when the file is in final cleanup and all handles or channels are closed, or contents are flushed from the cache.

48. The method of claim 22, wherein said intercepting is performed by a trap layer further comprising at least one of: triggering by said trap layer initiating other actions comprising at least one of:
   - intercepting at least one of: a plurality of file types; at least one directory; or alternate data streams;
   - interrogating contents of at least one directory to enable additional operations comprising at least one of: determining if said at least one directory is empty or not; determining whether to allow at least one of rename or delete operations; determining if the at least one directory is not empty and, if not empty, then at least one of: rejecting all delete operations, rejecting all rename operations, or rejecting all move operations; or determining if the at least one directory is not empty and, if not empty, then at least one of: allowing all operations, or allowing certain operations;
   - intercepting an open-directory-for-enumeration operation to prevent browsing of at least one directory's contents, comprising at least one of: allowing file and directory operations that are for a specific file or directory name to succeed, but making operations enumerating contents fail;
   - intercepting similar operations comprising at least one of: modifying security, adding or removing files, changing attributes, or adding or removing directories;
   - intercepting operations to the default data stream portion of a file, or alternate data streams, and conditionally allowing, disallowing, or modifying such requests depending on policies; or
   - determining policies dynamically by at least one of: querying a parent directory, querying a parent volume, querying associated policies, defining policies at an individual object level, forcing additional operations, or triggering other operations.

49. The method of claim 22, wherein said intercepting is performed by a trap layer at a level wherein said trap layer automatically encrypts or decrypts contents of a logical storage volume or medium, and at least one of: wherein if the trap layer is unavailable then contents are obscured by the encryption of the contents on the physical volume; wherein if the trap layer determines conditions are normal, then the trap layer allows access to the volume and decrypts contents, allowing the actual files to be accessed as a normal file system; or wherein if the trap layer determines that conditions are abnormal, then the trap layer rejects all access requests.

50. The method of claim 22, wherein said intercepting is performed by a trap layer further comprising at least one of: triggering by said trap layer initiating other actions comprising at least one of: intercepting an additional partition, or volume management operations, and, depending on the protection policies, at least one of allowing or disallowing said volume management operations, or modifying said volume management operations to prohibit any anomalies comprising at least one of: preventing delete or format operations on protected partitions; or intercepting other operations comprising at least one of snapshot creation, or dismount operations, or partition resizing (comprising shrinking or expansion).

51. The method of claim 22, wherein said intercepting is performed by a trap layer further comprising at least one of:
   - wherein said trap layer is implemented in a hardware layer below the file system to at least one of: validate and compare byte streams, or look for digital signatures;
   - wherein said trap layer interacts with additional components on the hardware level to at least one of: determine additional operations or restrictions, or trigger additional actions within the trap layer, or trigger additional actions at the hardware layer;
   - wherein said trap layer triggers additional actions on a physical storage device comprising at least one of: triggering certain logical or physical sectors of the storage medium to become un-readable, un-writable, or un-modifiable;
   - wherein said trap layer enables defining a type of storage technology where certain deficiencies or shortcomings of a given physical medium are exploited to achieve a secure, tamper-proof type of storage medium, comprising at least one of: triggering such media with known limitations on the number of re-writes to mark certain sectors as permanently un-modifiable as if the number of re-writes had been exhausted; triggering such media with known limitations on the number of re-writes to mark certain sectors as permanently unreadable or corrupt as if the number of re-writes had been exhausted or it is physically corrupt; applying to various media types comprising at least one of: flash drives or NAND; or marking physical media as destroyed and permanently unreadable at the physical hardware level;
   - wherein said trap layer interacts with other components comprising control of system time, comprising at least one of:
     a. controlling, incorporating the use of monitoring tools or components that intercept or poll the system time and determine whether the system time is within an allowed range or not, comprising at least one of: i. providing a time source, external or internal to the system, that is used to validate the system time relative to at least one of GMT or universal time; or ii. allowing for a small deviation by the algorithm, based on the actual time source, that allows for variance in time based on how long the clock has been running;
     b. wherein if the system time is changed beyond an allowed deviation, then external tools provide for at least one of: i. attempting to reset the time and date according to the average deviation applied to how long the clock has been running; or ii. if such an attempt fails, then triggering the trap layer to at least one of: locking down at least one storage volume or repository, preventing any modifications, or preventing all access; or
     c. wherein the time management system is self-learning, comprising: monitoring average deviation or maintaining an average on an ongoing basis at a regular interval, resulting in an average number of seconds per period, and at least one of:
        i. when the system starts up, the time management component gets the system time and compares it to the time source (clock) and applies the average deviation to how long the clock has been running to determine whether it is within the allowable range or not;
        ii. if the external clock or time source is unavailable at boot time, then the system is considered unsecure and the time is considered unverifiable, and hence the system is locked down and all volumes are at least one of: set to read-only, or prevented from access, by triggering such states on the trap layer associated with such volumes and partitions;
        iii. when the system is running, the time management establishes a reference time and polls the system time at a regular interval, knowing what time to expect and hence not necessarily having to query the time source for any additional time; in this case any attempt to alter the time outside what is projected is reset accordingly, and if the reset fails, then the system is set in an unsecure state and the trap layer is notified accordingly, which triggers locking the volume, or taking the volume offline;
        iv. when the system is set to sleep and then woken up, the time management tools detect that state and take the appropriate action to determine what the correct time is and reset accordingly, and failure to reset triggers an unsecure state and the associated locking of volumes in read-only or preventing all access;
        v. when in some cases it is necessary to poll the physical external source to validate what the time is regardless of the projected time, in case the time management monitoring tools are unable to determine whether the system was asleep or not, the same algorithm is applied to reset the time accordingly;
        vi. when the secure time source or clock cannot be validated or queried, then the unsecure state is triggered;
        vii. when, under a condition, the time management tools are shut down, the system locks down and the trap layer prevents any access or modification of the volumes;
        viii. when time management cannot be overridden, then changing the system motherboard or BIOS battery cannot overrule the secure time; or
        ix. when the secure time source incorporates additional secure signatures or validation to determine that it is a trusted source, the system cannot be bluffed or spoofed, and such signatures and identifiers incorporate combinations of at least one of a hash code, an encryption, or a uniquely identified time on the time source itself; or
     d. wherein time management is incorporated as a whole or partially within the trap layer; or
     e. wherein the system further comprises retention integration comprising secure communication with authorized applications at least one of external to the data management system, or in a partner application, wherein at least one of: wherein, with these definitions, trusted and secure components can have certain privileges that allow the setting of the state of the individual files and directories under certain state and allow exclusive access to managing such state to the trusted applications; or wherein these controls limit what operations, comprising at least one of: file retention manipulation, can be performed, when files can be retained, when the retention can be extended, when the file can be excluded from retention, or when the file is to be deleted, or eventually erased by the trap layers.

52. A method for intercepting an attempted download of data to at least a portion of a storage medium, comprising: receiving at least one attempted download operation to receive the data to store the data on the at least a portion of the storage medium; intercepting the at least one attempted download operation, prior to permitting the at least one attempted download operation on the at least a portion of the storage medium, wherein said intercepting occurs regardless of an identity of a user attempting the attempted operation; determining whether the at least one attempted download operation is permitted based upon analysis of the content of the data, wherein the analysis identifies harmful content comprising at least one of: a computer virus, malware, adware, spyware, a computer worm, a harmful file, inappropriate content, or a malicious file; and permitting, or not permitting the at least one attempted download operation based on said determining.

53. The method of claim 52, wherein the analysis is performed on at least one of a same or a different device than the device comprising the storage device.

54. A method for intercepting an attempted operation on at least a portion of a storage medium, comprising: receiving at least one attempted operation to operate on data with respect to the at least a portion of the storage medium; intercepting said at least one attempted operation, prior to permitting said at least one attempted operation with respect to the at least a portion of the storage medium, wherein said intercepting occurs regardless of an identity of a user attempting the attempted operation; determining whether the at least one attempted operation is permitted based upon analysis of the content of the data, wherein the analysis identifies content comprising at least one of: a social security number, a credit card number, other private personal information, harmful content, a computer virus, malware, adware, spyware, a computer worm, a harmful file, inappropriate content, or a malicious file; and permitting, or not permitting the attempted operation based on said determining.

55. The method of claim 54, wherein the analysis is performed on at least one of: a same or a different device than the device comprising the storage device.

56. The method of claim 54, wherein the attempted operation comprises at least one of: reading from, accessing, writing to, sending to, or receiving from, the at least a portion of the storage device.

57. The method of claim 54, wherein said intercepting comprises: intercepting a request for said at least one attempted operation, and at least one of: waiting for a user intervention, or waiting for a determination whether the operation should be allowed.

58. The method of claim 54, wherein said intercepting comprises: determining or validating at least one of a signature or another identifier of a file, comprising: determining if said file is one of: of known origin, or unknown.

59. The method of claim 58, wherein said intercepting comprises: intercepting all operations on the unknown files; and depending on a policy, determining an action to be taken comprising at least one of: suspending the operation until at least one of a user intervention, or an administrator intervention; or denying and rejecting at least one of said attempted operations on unknown files.

60. The method of claim 44, wherein said intercepting comprises: intercepting said at least one attempted operation; and depending on at least one policy, at least one of: modifying said at least one attempted operation to at least one of: prevent modification, trigger an action, or trigger a delete on file close; modifying a privilege on a file open operation to at least one of: removing write access, or prohibiting write access; or marking a file for deletion, and upon file close automatically deleting the file if the file violates the at least one policy.
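Worked example, added here and not taken from the patent or from any product implementing it, for the content-gated create of claims 4, 26 to 29, 52 and 54: a `ContentGate` that either denies a create before anything is stored (claim 28) or lets the file be created, evaluates the stored content and deletes it on a violation (claim 29). Content is classified by a known-bad hash set, a social-security-number pattern and a Luhn-validated card-number pattern; the sample files, the patterns and the known-bad blob are constructed for this example, and a real deployment would feed the hash set from a signature source.

```python
# Added example (not the patent's code): content-gated file creation.
# The store, the detection patterns and the known-bad sample are constructed here.
import hashlib
import re
from typing import Dict, Optional, Tuple

SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")

# Constructed stand-in for a harmful file; its hash is computed at import so the
# example runs offline. In practice the set would come from a signature feed.
KNOWN_BAD_SAMPLE = b"constructed-sample-of-a-known-bad-payload-for-this-example"
KNOWN_BAD_SHA256 = {hashlib.sha256(KNOWN_BAD_SAMPLE).hexdigest()}


def luhn_ok(digits: str) -> bool:
    """Luhn checksum used by payment card numbers; rejects random digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                       # every second digit from the right is doubled
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def classify(content: bytes) -> Optional[str]:
    """Return the reason the content is disallowed, or None if it is clean."""
    if hashlib.sha256(content).hexdigest() in KNOWN_BAD_SHA256:
        return "known-malicious-hash"
    text = content.decode("utf-8", errors="ignore")
    if SSN_RE.search(text):
        return "social-security-number"
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group(0))
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            return "credit-card-number"
    return None


class ContentGate:
    """Trap layer for create: deny before storing, or create, evaluate, delete."""

    def __init__(self, mode: str = "evaluate-after-create") -> None:
        assert mode in ("evaluate-after-create", "deny-before-store")
        self.mode = mode
        self.store: Dict[str, bytes] = {}    # stand-in for the storage medium

    def create(self, name: str, content: bytes, user: str = "anyone") -> Tuple[str, Optional[str]]:
        # 'user' is ignored on purpose: the decision rests on content, not identity.
        if self.mode == "deny-before-store":
            reason = classify(content)
            if reason:
                return "denied", reason
            self.store[name] = content
            return "created", None
        self.store[name] = content           # the create is allowed to proceed...
        reason = classify(content)           # ...the stored content is evaluated...
        if reason:
            del self.store[name]             # ...and deleted if it violates policy
            return "deleted", reason
        return "created", None


def demo() -> Dict[str, Tuple[str, Optional[str]]]:
    """Push constructed sample files through the evaluate-after-create mode."""
    gate = ContentGate()
    samples = {
        "notes.txt": b"meeting moved to 3pm",
        "hr.csv": b"name,ssn\nA. Person,123-45-6789\n",
        "order.txt": b"card 4111 1111 1111 1111 exp 12/29",
        "invoice.txt": b"ref 4111 1111 1111 1112",   # fails Luhn: an ordinary reference number
        "payload.bin": KNOWN_BAD_SAMPLE,
    }
    return {name: gate.create(name, data) for name, data in samples.items()}
```

The two modes differ in what an attacker can observe: with evaluate-after-create the violating bytes briefly exist on the medium and must be removed with the same care as any other delete (the secure-erasure claims apply), whereas deny-before-store never writes them but needs the whole content available up front, which is why claim 57 allows the intercepted request to wait for a determination.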
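Worked example, added here and not part of the patent record, for the secure-erasure claims 16, 45 and 46: a trap layer that intercepts delete, overwrites the file's logical content with several fixed patterns (fsyncing each pass), and performs the erasure immediately if no handle is open or, if handles are open, tags the file and erases it when the last handle closes. It uses a real temporary file so the overwrite and read-back are genuine; the patterns, the handle tracking and the sample content are constructed assumptions, and alternate data streams (an NTFS feature) are not modelled on this POSIX-style path.

```python
# Added example (not the patent's code): secure erasure on delete with
# erase-on-last-close. Patterns, handle tracking and sample content are constructed.
import os
import tempfile
from typing import Dict, List, Set, Tuple

PATTERNS = (b"\x00", b"\xff", b"\x55")   # constructed: three passes with fixed patterns
CHUNK = 1 << 20                          # write in 1 MiB pieces so large files do not need RAM


def overwrite_in_place(path: str, patterns: Tuple[bytes, ...] = PATTERNS) -> int:
    """Overwrite the file's logical content once per pattern; returns bytes per pass."""
    size = os.path.getsize(path)
    with open(path, "r+b", buffering=0) as f:
        for pattern in patterns:
            f.seek(0)
            remaining = size
            while remaining:
                written = f.write(pattern * min(CHUNK, remaining))
                remaining -= written
            os.fsync(f.fileno())          # push each pass to the device before the next
    return size


class ShreddingTrap:
    """Intercepts delete: erase now, or tag and erase when the last handle closes."""

    def __init__(self) -> None:
        self.open_handles: Dict[str, int] = {}
        self.pending: Set[str] = set()
        self.log: List[Tuple[str, int, bool]] = []   # (path, bytes per pass, read-back ok)

    def open(self, path: str) -> None:
        self.open_handles[path] = self.open_handles.get(path, 0) + 1

    def close(self, path: str) -> str:
        self.open_handles[path] -= 1
        if self.open_handles[path] == 0 and path in self.pending:
            self.pending.discard(path)
            self._erase(path)             # final cleanup: all handles are closed (claim 46)
            return "erased-on-close"
        return "closed"

    def delete(self, path: str, user: str = "anyone") -> str:
        # The user is irrelevant; only the handle state decides when erasure happens.
        if self.open_handles.get(path, 0) > 0:
            self.pending.add(path)        # tag the file; the erasure is deferred
            return "deferred"
        self._erase(path)
        return "erased"

    def _erase(self, path: str) -> None:
        size = overwrite_in_place(path)
        with open(path, "rb") as f:       # confirm the last pattern is what is on disk
            verified = f.read() == PATTERNS[-1] * size
        os.remove(path)
        self.log.append((path, size, verified))


def demo() -> Dict[str, object]:
    """Create a temp file with constructed content and drive it through the trap."""
    out: Dict[str, object] = {}
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "secret.txt")
        with open(path, "wb") as f:
            f.write(b"customer ledger\n" * 1000)     # 16000 bytes of constructed content
        trap = ShreddingTrap()
        trap.open(path)
        out["delete_while_open"] = trap.delete(path, user="root")
        out["exists_after_deferred_delete"] = os.path.exists(path)
        out["close"] = trap.close(path)
        out["exists_after_close"] = os.path.exists(path)
        out["log"] = trap.log
    return out
```

Caveat before relying on this in practice: overwriting in place only rewrites the blocks the file system chooses to map to the file. Journaling and copy-on-write file systems, snapshots, and the wear-levelling in SSDs and NAND can all leave earlier copies of the content in place, which is why claim 51 reaches down to the hardware layer; on such media the dependable options are a device-level sanitize command or full-disk encryption with destruction of the key.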
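Worked example, added here and not part of the patent record, for the secure-time routine of claim 21 and the monitoring steps in claim 51(b) and 51(c): a `TimeGuard` that takes a trusted reading at boot, projects the expected time from the uptime counter plus a learned drift, polls the system clock against that projection, tries to reset a clock that has been moved beyond the tolerance, and locks the volume read-only when the reset fails or when no trusted source is reachable at boot. The host simulation (wall clock, uptime counter, external source), the tolerance and the drift value are constructed so the example runs offline; authenticating the time source itself (claim 51(c)(ix)) is not modelled.

```python
# Added example (not the patent's code): a secure-time monitor whose failure
# puts the trap layer's volume into read-only. The host is a constructed simulation.
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Tuple


@dataclass
class TimeGuard:
    system_clock: Callable[[], float]             # settable wall clock (the attacker's target)
    monotonic: Callable[[], float]                # uptime counter that cannot be set back
    time_source: Callable[[], Optional[float]]    # trusted source; None when unreachable
    set_system_clock: Callable[[float], None]
    tolerance: float = 2.0                        # allowed deviation in seconds (constructed)
    drift_per_second: float = 0.0                 # learned average drift of the local clock
    state: str = "unverified"                     # "secure" or "locked"
    reference: Optional[Tuple[float, float]] = None   # (trusted time, monotonic reading)

    def boot(self) -> str:
        trusted = self.time_source()
        if trusted is None:                       # 51(c)(ii): unverifiable, so lock down
            self.state = "locked"
            return self.state
        self.reference = (trusted, self.monotonic())
        self.set_system_clock(trusted)
        self.state = "secure"
        return self.state

    def expected(self) -> float:
        """Project the current time from the trusted reading plus elapsed uptime."""
        trusted, mono0 = self.reference
        return trusted + (self.monotonic() - mono0) * (1.0 + self.drift_per_second)

    def poll(self) -> str:
        """51(c)(iii): compare the clock with the projection; reset it or lock."""
        if self.state != "secure":
            return self.state
        projected = self.expected()
        if abs(self.system_clock() - projected) <= self.tolerance:
            return "secure"
        self.set_system_clock(projected)          # 51(b)(i): try to put the clock back
        if abs(self.system_clock() - projected) <= self.tolerance:
            return "reset"
        self.state = "locked"                     # 51(b)(ii): reset failed, lock the volume
        return self.state


class LockableVolume:
    """Trap-layer view of a volume: writes are refused while time is unverified."""

    def __init__(self, guard: TimeGuard) -> None:
        self.guard = guard
        self.files: Dict[str, bytes] = {}

    def write(self, name: str, data: bytes) -> str:
        if self.guard.poll() == "locked":
            return "read-only"
        self.files[name] = data
        return "written"


class FakeHost:
    """Constructed stand-in for the machine: wall clock, uptime and an external source."""

    def __init__(self, external_reachable: bool = True) -> None:
        self.wall = 1_700_000_000.0
        self.uptime = 0.0
        self.external = 1_700_000_000.0
        self.external_reachable = external_reachable
        self.clock_settable = True

    def guard(self) -> TimeGuard:
        return TimeGuard(system_clock=lambda: self.wall,
                         monotonic=lambda: self.uptime,
                         time_source=lambda: self.external if self.external_reachable else None,
                         set_system_clock=self._set_wall)

    def _set_wall(self, value: float) -> None:
        if self.clock_settable:                   # a refused reset models 51(b)(ii)
            self.wall = value

    def advance(self, seconds: float) -> None:    # real time passes on every clock
        self.wall += seconds
        self.uptime += seconds
        self.external += seconds


def demo() -> Dict[str, str]:
    out: Dict[str, str] = {}
    host = FakeHost()
    guard = host.guard()
    vol = LockableVolume(guard)
    out["boot"] = guard.boot()
    host.advance(3600)
    out["honest_hour"] = guard.poll()
    host.wall -= 365 * 86400                      # attacker rolls the clock back a year
    out["rollback"] = guard.poll()                # caught by the projection and reset
    out["write_after_reset"] = vol.write("a", b"1")
    host.clock_settable = False                   # attacker pins the clock...
    host.wall += 30 * 86400                       # ...and pushes it forward a month
    out["pinned_clock"] = guard.poll()
    out["write_when_locked"] = vol.write("b", b"2")
    out["boot_without_source"] = FakeHost(external_reachable=False).guard().boot()
    return out
```

The design point is that the projection is anchored to the monotonic uptime counter, which moving the wall clock does not touch, so a rollback aimed at making an expired retention look unexpired (or an unexpired one look expired) is detected without a second round trip to the time source; the source is only needed again after sleep or resume, as claim 51(c)(iv) and (v) describe.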
Copyright KISTI. All Rights Reserved.