Securing decrypted files in a shared environment
Abstract
A method, system and computer program product for securing decrypted files in a shared environment. A filter driver in a kernel space may be configured to control service requests to encrypted files stored in a shared area, e.g., a shared directory on a disk unit, accessible by multiple users. The filter driver may receive a service request to open an encrypted document in the shared area issued from an authorized user. Upon receiving the encrypted data, the filter driver may decrypt the encrypted data. The filter driver may subsequently store the decrypted data in a file in a non-shared area, e.g., a non-shared directory. The non-shared area may be accessible only by the authorized user that requested access to the encrypted file. By storing the decrypted data in a file in the non-shared area, a file once decrypted may be protected in a file sharing environment.
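The storage step the abstract describes can be pictured with a user-space analogue on a POSIX system. This is an added example, not the patent's kernel filter driver or any code from the filing. The function names, the `.plain` suffix and the XOR stand-in for the cipher are assumptions made for illustration.

```python
import os
import stat
import tempfile

KEY = 0x5A  # constructed demo key

def xor_stand_in(data: bytes) -> bytes:
    """Placeholder for the real cipher (NOT cryptography); XOR is its own inverse."""
    return bytes(b ^ KEY for b in data)

def require_non_shared(path: str) -> str:
    """Create the non-shared area if needed, then verify only the caller can reach it."""
    os.makedirs(path, mode=0o700, exist_ok=True)
    st = os.lstat(path)  # lstat: a symlink planted at this path must not be followed
    if not stat.S_ISDIR(st.st_mode):
        raise PermissionError(f"{path}: not a real directory")
    if st.st_uid != os.getuid():
        raise PermissionError(f"{path}: owned by another user")
    if stat.S_IMODE(st.st_mode) & 0o077:
        raise PermissionError(f"{path}: group/other bits set, area is shared")
    return path

def store_decrypted(shared_file: str, private_dir: str, decrypt) -> str:
    """Read ciphertext from the shared area; write plaintext only to the non-shared area."""
    private_dir = require_non_shared(private_dir)
    with open(shared_file, "rb") as src:
        plaintext = decrypt(src.read())
    dest = os.path.join(private_dir, os.path.basename(shared_file) + ".plain")
    # O_EXCL refuses a pre-created file, O_NOFOLLOW a symlink; 0600 = owner only
    fd = os.open(dest, os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW, 0o600)
    with os.fdopen(fd, "wb") as out:
        out.write(plaintext)
    return dest

if __name__ == "__main__":
    root = tempfile.mkdtemp()
    shared = os.path.join(root, "shared")
    os.mkdir(shared)
    os.chmod(shared, 0o777)  # constructed world-accessible shared directory
    enc = os.path.join(shared, "report.enc")
    with open(enc, "wb") as f:
        f.write(xor_stand_in(b"constructed sample document"))
    out = store_decrypted(enc, os.path.join(root, "private"), xor_stand_in)
    print(out, oct(stat.S_IMODE(os.stat(out).st_mode)), os.listdir(shared))
```

The ownership and mode check on the destination is what keeps a loosely configured directory from silently becoming a second shared area for plaintext.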
43 Citations
33 Claims
1. A method for securing decrypted files in a shared environment comprising the steps of:
- receiving a service request to open a document by a first driver in a kernel space;
- issuing a call to a second driver in said kernel space to read a first file of said document located in a shared area, wherein said first file comprises encrypted data of said document;
- transferring said encrypted data of said document to said first driver;
- decrypting said encrypted data of said document; and
- storing said decrypted data in a second file located in a non-shared area.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11

12. A computer program product having a computer readable medium having computer program logic recorded thereon for securing decrypted files in a shared environment, comprising:
- programming operable for receiving a service request to open a document by a first driver in a kernel space;
- programming operable for issuing a call to a second driver in said kernel space to read a first file of said document located in a shared area, wherein said first file comprises encrypted data of said document;
- programming operable for transferring said encrypted data of said document to said first driver;
- programming operable for decrypting said encrypted data of said document; and
- programming operable for storing said decrypted data in a second file located in a non-shared area.
Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21, 22

23. A system, comprising:
- a processor;
- a memory unit coupled to said processor, wherein said memory unit is operable for storing a computer program operable for securing decrypted files in a shared environment, wherein the computer program is operable for performing the following programming steps;
- receiving a service request to open a document by a first driver in a kernel space;
- issuing a call to a second driver in said kernel space to read a first file of said document located in a shared area, wherein said first file comprises encrypted data of said document;
- transferring said encrypted data of said document to said first driver;
- decrypting said encrypted data of said document; and
- storing said decrypted data in a second file located in a non-shared area.
Dependent claims: 24, 25, 26, 27, 28, 29, 30, 31, 32, 33