Enhanced metadata to authentically report the provenance of a file
First Claim
1. A computing system, comprising:
- a file broker configured to receive a notification, from a first security principal, indicating to write a file to a file system;
- a first file utility configured to write the file, the first file utility being accessible to the first security principal via the file broker; and
- a second file utility configured to write an identification of the first security principal and a trust level to the file from the first security principal into metadata associated with the file, the second file utility being inaccessible to the first security principal for writing.
Abstract
Aspects of the technology described herein can provide enhanced metadata to authentically report the provenance of a file. An exemplary computing device may have a file broker to receive an indication from a first security principal to write a file to a file system. The file broker can use one file utility to write the file, but use another file utility to write an identification of the first security principal and its opinion about the file into metadata associated with the file. Subsequently, the identification of the first security principal and its opinion may be used to authentically report the provenance of the file and applied in other security applications.
20 Claims
10. A computer-implemented method, comprising:
- receiving a notification from a security principal to write a file to a file system;
- recording, via an operating system, a unique identifier of the security principal into metadata associated with the file;
- retrieving, via the operating system, the unique identifier of the security principal from the metadata; and
- determining a provenance of the file based at least in part on the unique identifier of the security principal.
16. One or more computer storage hardware media comprising computer-implemented instructions that, when used by one or more computing devices, cause the one or more computing devices to:
- receive a notification from a security principal to write a file to a file system;
- mandatorily record an identification of the security principal into metadata associated with the file, wherein the security principal is prevented from altering the metadata; and
- write an opinion of the security principal about the file into the metadata associated with the file in response to a request of the security principal to write the opinion.
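As an added illustration, not code from the patent or from any product, the following toy Python model shows the separation the claims describe: a principal reaches the content-writing utility only through the broker, while the utility that records the principal's identity and opinion is held by the broker alone, so the recorded identity cannot be forged by the writer. The class names, the sample SID values and the policy in `classify` are assumptions made for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Principal:
    name: str
    sid: str  # unique identifier the OS records on the principal's behalf (constructed value)


class FileSystem:
    """Hypothetical file system: a content store plus a separate provenance store."""

    def __init__(self):
        self.contents = {}
        self.provenance = {}  # path -> {"writer_sid": ..., "opinion": ...}

    def write_contents(self, path, data):  # first file utility
        self.contents[path] = data

    def write_provenance(self, path, writer_sid, opinion):  # second file utility
        self.provenance[path] = {"writer_sid": writer_sid, "opinion": opinion}


class FileBroker:
    """Mediates every write; only the broker can call the provenance utility."""

    def __init__(self, fs):
        self._fs = fs

    def write(self, principal, path, data, opinion):
        self._fs.write_contents(path, data)
        # Mandatory record: the identity comes from the principal object the OS
        # handed out, never from a value the caller supplies.
        self._fs.write_provenance(path, principal.sid, opinion)

    def provenance(self, path):
        return self._fs.provenance.get(path)


class PrincipalHandle:
    """The only interface a principal sees: write contents and state an opinion."""

    def __init__(self, broker, principal):
        self._broker, self._principal = broker, principal

    def write(self, path, data, opinion="untrusted"):
        self._broker.write(self._principal, path, data, opinion)

    def write_provenance(self, path, writer_sid, opinion):
        raise PermissionError("provenance metadata is not writable by the principal")


def forgery_rejected(handle, path):
    """True when an attempt to write provenance through the principal's handle is refused."""
    try:
        handle.write_provenance(path, "SID-forged-0000", "trusted")
    except PermissionError:
        return True
    return False


def classify(broker, path, known_sids):
    """Constructed consumer policy: act on who wrote the file and what it said about it."""
    rec = broker.provenance(path)
    if rec is None or rec["writer_sid"] not in known_sids:
        return "unknown-origin"
    return "quarantine" if rec["opinion"] == "untrusted" else "allowed"
```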