Systems and methods for providing real time security and access monitoring of a removable media device
Abstract
In various embodiments, a method comprises detecting a removable media device coupled to a digital device, authenticating a password to access the removable media device, injecting redirection code into the digital device, intercepting, with the redirection code, a request for data, determining to allow the request for data based on a security policy, and providing the data based on the determination. The method may further comprise selecting the security policy from a plurality of security policies based, at least in part, on the password and/or filtering the content of the requested data. Filtering the content may comprise scanning the data for malware. Filtering the content may also comprise scanning the data for confidential information.
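Added illustration, not part of the patent text and not an implementation by the applicant: a minimal in-process sketch of the intercept, decide, then allow sequence the abstract describes, with a content filter applied to reads. The mount point, the `Policy` shape, the marker-based filter and the in-memory file table are all constructed assumptions; password handling and policy selection are left out.

```python
import io
import posixpath
from dataclasses import dataclass

MOUNT = "/media/usb0"   # assumed mount point of the removable device

@dataclass(frozen=True)
class Policy:                      # hypothetical policy shape, not from the patent
    readers: frozenset             # (user, application) pairs allowed to read
    writers: frozenset             # (user, application) pairs allowed to write
    blocked_markers: tuple = (b"CONFIDENTIAL",)   # stand-in for a real content scanner

class Denied(PermissionError):
    pass

class Interceptor:
    """Receives the 'first function call' and runs it only after the policy allows it."""
    def __init__(self, real_open, policy):
        self.real_open, self.policy, self.audit = real_open, policy, []

    def _decide(self, user, app, path, mode, verdict):
        self.audit.append((user, app, path, mode, verdict))   # every decision is logged
        if verdict != "allow":
            raise Denied(f"{verdict}: {user}/{app} {mode} {path}")

    def open(self, path, mode, user, app):
        path = posixpath.normpath(path)            # collapse ../ before matching the mount
        if not (path + "/").startswith(MOUNT + "/"):
            return self.real_open(path, mode)      # not the removable device: pass through
        writing = any(c in mode for c in "wax+")
        allowed = self.policy.writers if writing else self.policy.readers
        if (user, app) not in allowed:
            self._decide(user, app, path, mode, "deny-unauthorized")
        handle = self.real_open(path, mode)        # first call runs only after authorization
        if not writing:
            data = handle.read()                   # content filter before data is released
            handle.seek(0)
            if any(m in data for m in self.policy.blocked_markers):
                handle.close()
                self._decide(user, app, path, mode, "deny-content")
        self._decide(user, app, path, mode, "allow")
        return handle

# Constructed in-memory stand-in for the device's files and the OS open call.
FILES = {"/media/usb0/notes.txt": b"meeting at 10",
         "/media/usb0/plan.txt": b"CONFIDENTIAL roadmap",
         "/etc/motd": b"hello"}

def fake_open(path, mode):
    return io.BytesIO(b"" if "w" in mode else FILES[path])

POLICY = Policy(readers=frozenset({("alice", "editor")}), writers=frozenset())
```

The path is normalized before the mount-point comparison so that a request written as `/tmp/../media/usb0/plan.txt` is still evaluated as a device access; symbolic links are not resolved in this sketch.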
21 Claims
1. A method comprising:
detecting a removable media device being coupled to an external device port of a digital device, the digital device having an operating system and a file system, the removable media device having a login module;
causing, after detecting the removable media device being coupled to the external device port of the digital device, at least a portion of redirection code to be generated on the digital device by the login module of the removable media device, the redirection code including an interceptor, a data security policy, and a data security process;
intercepting, using the interceptor, a first function call to the operating system or the file system of the digital device before the first function call is executed by the operating system or the file system, the first function call including a request of the operating system or the file system to retrieve data from or write data to the removable media device, the first function call being initiated by a particular user or a particular application; and
performing a set of one or more second function calls in response to intercepting the first function call, the set of one or more second function calls not including the first function call, the set of one or more second function calls including a data-security-based second function call, the data-security-based second function call causing the steps of;
executing the data security process, the data security process determining whether the particular user or the particular application is authorized to retrieve the data from or write the data to the removable media device, and thus whether to allow the first function call based at least on results of the data security process; and
allowing the operating system or the file system to execute the first function call in response to a determination to allow the first function call.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 18, 19
9. A system comprising:
an operating system of a digital device configured to detect a removable media device being coupled to an external device port of the digital device;
one or more processors;
memory coupled to the one or more processors, the memory storing instructions to instruct the one or more processors to implement;
a login module configured to cause, after detecting the removable media device being coupled to the external device port of the digital device, at least a portion of redirection code to be generated on the digital device, the redirection code including an interceptor, a data security policy, and a data security process,
the interceptor configured to intercept a first function call to the operating system of the digital device before the first function call is executed by the operating system, the first function call including a request of the operating system to retrieve data from or write data to the removable media device, the first function call being initiated by a particular user or a particular application,
the data security process configured to perform a set of one or more second function calls in response to intercepting the first function call, the set of one or more second function calls not including the first function call,
the data security policy configured to evaluate data on the removable security device for malware, and
the data security policy configured to determine whether to allow the first function call based at least on results of the data security process.
Dependent claims: 10, 11, 12, 13, 14, 15, 16, 20, 21
17. A non-transitory computer readable media comprising instructions, the instructions executable by a processor to perform a method, the method comprising:
detecting a removable media device being coupled to an external device port of a digital device, the digital device having an operating system and a file system, the removable media device having a login module;
causing, after detecting the removable media device being coupled to the external device port of the digital device, at least a portion of redirection code to be generated on the digital device by the login module of the removable media device, the redirection code including an interceptor, a data security policy, and a data security process;
intercepting, using the interceptor, a first function call to the operating system or the file system of the digital device before the first function call is executed by the operating system or the file system, the first function call including a request of the operating system or the file system to retrieve data from or write data to the removable media device, the first function call being initiated by a particular user or a particular application; and
performing a set of one or more second function calls in response to intercepting the first function call, the set of one or more second function calls not including the first function call, the set of one or more second function calls including a data-security-based second function call, the data-security-based second function call causing the steps of;
executing the data security process, the data security process determining whether the particular user or the particular application is authorized to retrieve the data from or write the data to the removable media device, and thus whether to allow the first function call based at least on results of the data security process; and
allowing the operating system or the file system to execute the first function call in response to a determination to allow the first function call.
Specification