Network based file storage system monitor

US 10,437,791 B1
Filed: 02/09/2016
Issued: 10/08/2019
Est. Priority Date: 02/09/2016
Status: Active Grant

First Claim

Patent Images

1. A computer implemented method of monitoring files in a plurality of network based file storage systems, the method comprising:

at a monitoring computing device;

requesting user authorization to access a data archive associated with a user on the plurality of network based file storage systems;

receiving the user authorization to access the data archive associated with the user on the plurality of network based file storage systems;

periodically determining, over a network and using the authorization, from the plurality of network based file storage systems, information about changes to one or more file system elements stored on the plurality of network based file storage systems;

monitoring a particular one of the one or more file system elements to determine an unauthorized access of the particular one of the one or more file system elements based upon the information about changes to the one or more file system elements;

determining, based upon a fingerprint of the particular one of the one or more file system elements, a set of users that have stored the particular one of the one or more file system elements in a plurality of data archives, each of the data archives associated with a respective user of the set of users on the plurality of network based file storage systems; and

responsive to deter mining an unauthorized access of the particular one of the one or more file system elements, providing a graphical user interface (GUI) with a list of the set of users and an indication that the unauthorized access occurred.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed in some examples are methods, systems, and machine readable mediums which monitor, archive, and version file system elements stored in one or more different network based file storage systems for one or more different users. Any changes to file system elements stored in the network based file storage systems are recorded and versioned. The system may allow users to revert to a previous version of a file system element, recover a deleted file system element, and the system allows for audits to determine which users placed a file system element in which network based file storage systems and determine which users had access to the file system element in the network based file storage systems. As a result, the disclosed system improves the end-user experience by providing versioning and auditing capabilities as well as allowing organizations to monitor and control their digital property in network based file storage systems.

Citations

19 Claims

1. A computer implemented method of monitoring files in a plurality of network based file storage systems, the method comprising:
- at a monitoring computing device;
  
  requesting user authorization to access a data archive associated with a user on the plurality of network based file storage systems;
  
  receiving the user authorization to access the data archive associated with the user on the plurality of network based file storage systems;
  
  periodically determining, over a network and using the authorization, from the plurality of network based file storage systems, information about changes to one or more file system elements stored on the plurality of network based file storage systems;
  
  monitoring a particular one of the one or more file system elements to determine an unauthorized access of the particular one of the one or more file system elements based upon the information about changes to the one or more file system elements;
  
  determining, based upon a fingerprint of the particular one of the one or more file system elements, a set of users that have stored the particular one of the one or more file system elements in a plurality of data archives, each of the data archives associated with a respective user of the set of users on the plurality of network based file storage systems; and
  
  responsive to deter mining an unauthorized access of the particular one of the one or more file system elements, providing a graphical user interface (GUI) with a list of the set of users and an indication that the unauthorized access occurred.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, further comprising:
    - determining a first file path in a first format, for a first file system element of the one or more file system elements that is indicated as having changed in the information about changes, the first file path based upon second file path information in a second format corresponding to a source network based file storage system of the plurality of network based file storage systems;
      
      modifying an archive in a data storage device managed by the monitoring computing device using the first file path; and
      
      storing a copy of the first file system element in the archive at the first file path.
  - 3. The method of claim 2, wherein modifying the archive comprises storing a copy of the first file system element at the first file path as a second version of the file system element along with a previous version of the file system element.
  - 4. The method of claim 2, wherein the information about changes comprises, for each particular one of the set of one or more file system elements, a unique identifier for the particular one of the one or more file system elements and a unique identifier of a parent file system element in the network based file storage system.
  - 5. The method of claim 4, wherein determining the first file path in the first format for the first file system element of the one or more file system elements comprises:
    - executing a processing function to process metadata of an input file system element, the input file system element initially being the first file system element, the processing function;
      
      determining a parent file system element of the input file system element;
      
      recursively calling the processing function with the parent file system element of the input file system element as the input file system element until an input file system element has a parent that is a root of a file system of the network based file storage system or until an input file system element has a parent whose full path in the first format is known; and
      
      upon unwinding of the recursion, adding a name of the input file system element to a path, the path at each step of the unwinding being a full path of the input file system element in the first format, the path at the last unwinding being the first file path for the first file system element.
  - 6. The method of claim 5, wherein determining the parent file system element of the input file system element comprises:
    - determining that the input file system element is included in the information about changes; and
      
      identifying a unique identifier of the parent file system element from metadata associated with the input file system element in the information about changes.
  - 7. The method of claim 5, wherein determining the parent file system element of the input file system element comprises:
    - determining that the input file system element is not included in the information about changes; and
      
      using a second request to request metadata associated with the input file system element, the metadata including a unique identifier of the parent file system element of the input file system element and the name of the input file system element.
  - 8. The method of claim 1, comprising:
    - determining from a second network based file storage system second information about changes to one or more file system elements stored on the second network based file storage system;
      
      monitoring a second particular one of the one or more file system elements to determine an unauthorized access of the particular one of the one or more file system elements; and
      
      responsive to determining an unauthorized access of the second particular one of the one or more file system elements, providing a second indication in the GUI that the unauthorized access occurred.
  - 9. The method of claim 1, wherein providing the graphical user interface (GUI) with the list of the set of users comprises providing a list of users that have ever had the particular one of the one or more file system elements stored at any time.
  - 10. The method of claim 1, whereindetermining the unauthorized access comprises:
    - determining, based upon a fingerprint of a second file system element, which of a plurality of users has stored a specified version of the second file system element on either the network based file storage system or second network based file storage system; and
      
      wherein the method comprises displaying in a graphical user interface (GUI) a list of the plurality of users that have stored the specified version of the second file system element on either the network based file storage system or second network based file storage system.
  - 11. The method of claim 1, comprising:
    - responsive to determining the unauthorized access deleting the particular one of the one or more file system elements from the network based file storage system.
  - 12. The method of claim 1, wherein determining over the network, and using the authorization, from the plurality of network based file storage systems, information about changes to one or more file system elements stored on the plurality of network based file storage systems comprises:
    - requesting the information about the changes from a particular one of the plurality of network based file storage systems.
  - 13. The method of claim 1, wherein determining over the network, and using the authorization, from the plurality of network based file storage systems, information about changes to one or more file system elements stored on the plurality of network based file storage systems comprises:
    - receiving a push notification containing the list of changes from a particular one of the plurality of network based file storage systems.

14. A non-transitory machine readable medium, comprising instructions, which when performed by the machine, cause the machine to perform the operations comprising:
- at a monitoring computing device;
  
  requesting user authorization to access a data archive associated with a user on the plurality of network based file storage systems;
  
  receiving the user authorization to access the data archive associated with the user on the plurality of network based file storage systems;
  
  periodically determining, over a network and using the authorization, from the plurality of network based file storage systems, information about changes to one or more file system elements stored on the plurality of network based file storage systems;
  
  monitoring a particular one of the one or more file system elements to determine an unauthorized access of the particular one of the one or more file system elements based upon the information about changes to the one or more file system elements;
  
  determining, based upon a fingerprint of the particular one of the one or more file system elements, a set of users that have stored the particular one of the one or more file system elements in a plurality of data archives, each of the data archives associated with a respective user of the set of users on the plurality of network based file storage systems; and
  
  responsive to determining an unauthorized access of the particular one of the one or more file system elements, providing a graphical user interface (GUI) with a list of the set of users and an indication that the unauthorized access occurred.
- View Dependent Claims (15, 16)
- - 15. The non-transitory machine readable medium of claim 14, wherein providing the graphical user interface (GUI) with the list of the set of users comprises providing a list of users that have ever had the particular one of the one or more file system elements stored at any time.
  - 16. The non-transitory machine readable medium of claim 14, comprising:
    - responsive to determining the unauthorized access deleting the particular one of the one or more file system elements from the network based file storage system.

17. A system comprising:
- a processor;
  
  a memory, including instructions, which when performed by the processor causes the system to perform the operations comprising;
  
  at a monitoring computing device;
  
  requesting user authorization to access a data archive associated with a user on the plurality of network based file storage systems;
  
  receiving the user authorization to access the data archive associated with the user on the plurality of network based file storage systems;
  
  periodically determining, over a network and using the authorization, from the plurality of network based file storage systems, information about changes to one or more file system elements stored on the plurality of network based file storage systems;
  
  monitoring a particular one of the one or more file system elements to determine an unauthorized access of the particular one of the one or more file system elements based upon the information about changes to the one or more file system elements;
  
  determining, based upon a fingerprint of the particular one of the one or more file system elements, a set of users that have stored the particular one of the one or more file system elements in a plurality of data archives, each of the data archives associated with a respective user of the set of users on the plurality of network based file storage systems; and
  
  responsive to determining an unauthorized access of the particular one of the one or more file system elements, providing a graphical user interface (GUI) with a list of the set of users and an indication that the unauthorized access occurred.
- View Dependent Claims (18, 19)
- - 18. The system of claim 17, wherein providing the graphical user interface (GUI) with the list of the set of users comprises providing a list of users that have ever had the particular one of the one or more file system elements stored at any time.
  - 19. The system of claim 17, further to perform operations comprising:
    - responsive to determining the unauthorized access deleting the particular one of the one or more file system elements from the network based file storage system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Crashplan Group LLC
Original Assignee
Code 42 Software Incorporated
Inventors
Bebchuk, Bradley, Clark, Peter, Howie, Jeffrey, Johnson, Marc Everett, Lindsay-Levine, Samuel, Mainz, Erik, Lindquist, Peter, Coopet, Mitch
Primary Examiner(s)
Thai, Hanh B

Application Number

US15/019,357
Time in Patent Office

1,337 Days
Field of Search

707781, 707821-822, 707736-740
US Class Current
CPC Class Codes

G06F 16/113   Details of archiving lifecy...

G06F 16/1734   Details of monitoring file ...

G06F 16/1824   implemented using Network-a...

G06F 16/1873   Versioning file systems, te...

G06F 16/2358   Change logging, detection, ...

Network based file storage system monitor

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Network based file storage system monitor

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links