System and method for intelligence based security
First Claim
1. A method for securing data, comprising:
- dynamically updating one or more intelligent security rules, each rule including at least one qualifier and at least one attribute;
maintaining the one or more intelligent security rules for use by an intelligent security filter operable to leverage the one or more intelligent security rules; and
encrypting data with the intelligent security filter in accordance with the one or more intelligent security rules in response to detection of a triggering file operation.
19 Assignments
0 Petitions
Accused Products
Abstract
Included in the present disclosure are a system, method and program of instructions operable to protect vital information by combining information about a user and what they are allowed to see with information about essential files that need to be protected on an information handling system. Using intelligent security rules, essential information may be encrypted without encrypting the entire operating system or application files. According to aspects of the present disclosure, shared data, user data, temporary files, paging files, the password hash that is stored in the registry, and data stored on removable media may be protected.
78 Citations
29 Claims
-
1. A method for securing data, comprising:
-
dynamically updating one or more intelligent security rules, each rule including at least one qualifier and at least one attribute;
maintaining the one or more intelligent security rules for use by an intelligent security filter operable to leverage the one or more intelligent security rules; and
encrypting data with the intelligent security filter in accordance with the one or more intelligent security rules in response to detection of a triggering file operation. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system for securing data, comprising:
-
at least one processor;
a memory operably associated with the at least one processor; and
a program of instructions storable in the memory and executable by the processor, the program of instructions including at least one instruction operable to apply one or more security measures to data identified by one or more of a pathname, data type, file type, file system owner, file system attributes and running process attributes and owner, maintain the one or more security measures applicable to data while the data is not in use and remove the one or more security measures from data in response to an authorized request for access to the data. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
-
-
22. A program of instructions embodied in a computer readable medium, the program of instruction including at least one instruction implementing a method for securing data, comprising:
-
storing a representation of data used by one or more programs in a secure location;
enabling removal of the representation from the secure location in response to a successful login;
placing the representation in a program accessible area in response to an application call requesting access to data represented by the representation; and
removing the representation from the program accessible area when the data represented by the representation is not in use. - View Dependent Claims (23, 24, 25, 26)
-
-
27. A method for securing an information handling system, comprising:
-
removing one or more user credentials from a customary storage location;
storing the one or more user credentials in a secure location, the secure location separate from a customary user credential storage location; and
restoring the one or more user credentials to their customary location in response to an application call requiring access to the one or more user credentials, the user credentials restored to the customary location while in use. - View Dependent Claims (28, 29)
-
Specification