SYSTEM AND METHOD FOR DATA STORAGE FIREWALL ON DATA STORAGE UNIT
First Claim
1. A system for protecting files on a file storage unit capable of connecting to an external unit said file storage unit comprising:
- a physical file storage;
an external file interface for communicating with said external unit;
a storage firewall located in between said physical file storage and said external file interface containing file access rules for allowing or blocking requests between said external file interface and said physical file storage;
a policy mode indicator containing a policy mode for altering said file access rules of said storage firewall whereby said storage firewall is capable of allowing or blocking requests made by said external unit depending upon said file access rules and said policy mode of said policy mode unit.
4 Assignments
0 Petitions
Accused Products
Abstract
A system and method is introduced for implementing a storage firewall for protecting files when a storage device connects to a digital appliance. A storage device may connect to a number of appliances and is therefore at risk of getting infected with viruses and other malware risking subsequent transfer of these infections to other appliances. The storage device is further at risk of leaking sensitive information or loosing critical information. The storage firewall protects data on a storage device that connects to a digital appliance in various manners using a standard, unencrypted partition and a standard file system. Protected and unprotected files may reside homogeneously on the file system of the storage device. Using the storage firewall, files on digital appliance may be protected from infected files residing on storage device connected to digital appliance. No application is required to be activated on digital appliance when storage device connects to digital appliance. Protection is activated by default and carried out by storage device.
29 Citations
16 Claims
-
1. A system for protecting files on a file storage unit capable of connecting to an external unit said file storage unit comprising:
-
a physical file storage;
an external file interface for communicating with said external unit;
a storage firewall located in between said physical file storage and said external file interface containing file access rules for allowing or blocking requests between said external file interface and said physical file storage;
a policy mode indicator containing a policy mode for altering said file access rules of said storage firewall whereby said storage firewall is capable of allowing or blocking requests made by said external unit depending upon said file access rules and said policy mode of said policy mode unit. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method of protecting files, some of which have restricted access conditions, from an external device the method comprising:
-
a. storing said files homogenously, b. identifying permissions of said stored files as either unrestricted files or restricted access files, c. calculating permissions for said stored files using said identified permissions of said stored files and a current policy mode, d. allowing full file accessibility functionality for said unrestricted files, whilst restricting file accessibility functionality to said restricted files according to said calculated permissions of said stored restricted access files. - View Dependent Claims (10, 11, 12, 13)
-
-
14. File storage device for storing files in blocks for subsequent access, the device comprising:
an externally accessible interface for accessing said files, and an internal inaccessible interface located above said block level access to limit access to certain files according to an indication associated with a respective file of a file access restriction, and an internal policy mode indicator containing a policy mode for altering access restrictions as indicated by said indication associated with a respective file of a file access restriction in respect to said policy mode. - View Dependent Claims (15, 16)
Specification