System and method of protecting files from unauthorized modification or deletion

US 20080120727A1
Filed: 06/22/2007
Published: 05/22/2008
Est. Priority Date: 11/21/2006
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving a write request for a file;

creating a temporary file associated with the file in response to the write request, the temporary file having a setting to restrict write access to only a component that created or opens the temporary file; and

closing the temporary file to enable a component that initiated the write request to access the temporary file.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

According to one embodiment of the invention, a method comprises receiving a write request for a file. A temporary file associated with the file is created in response to the write request. A write-lock is applied to the temporary file, namely the file includes a setting that restricts write access to only a component that created or opens the temporary file. Thereafter, the temporary file is closed to disable the write-lock and to enable a component that initiated the write request to access the temporary file.

44 Citations

View as Search Results

17 Claims

1. A method comprising:
- receiving a write request for a file;
  
  creating a temporary file associated with the file in response to the write request, the temporary file having a setting to restrict write access to only a component that created or opens the temporary file; and
  
  closing the temporary file to enable a component that initiated the write request to access the temporary file.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 further comprising receiving authentication data when the temporary file is opened by the component that initiated the write request.
  - 3. The method of claim 2 further comprising receiving notification that data has been written to the temporary file.
  - 4. The method of claim 3 further comprising:
    - reading the data written to the temporary file;
      
      generating a write data value based on the data written to the temporary file; and
      
      comparing the write data value with the authentication data.
  - 5. The method of claim 4 further comprising updating the file with the write data if a match is detected between the write data value and the authentication data.
  - 6. The method of claim 5 wherein the reading of the data written to the temporary file comprises creating a second temporary file with read access, reading the data written to the temporary file and closing the second temporary file.
  - 7. The method of claim 1 further comprising:
    - receiving a read request for the file;
      
      creating a second temporary file with write access allowed exclusively for a security agent responsible for controlling secured access to data;
      
      writing data from a data backup component of the security agent to the second temporary file, the data backup component including the data that corresponds to data currently in the file; and
      
      opening the second temporary file with read access to read the data.
  - 8. The method of claim 7 further comprising closing the second temporary file after the data has been read.
  - 9. The method of claim 1, wherein the receiving of the write request includes receiving a command including a password and a filename, the password being information used to authentication origination of subsequent commands before creating the temporary file.

10. Software stored in machine-readable medium of a computing device and, when executed, protect both static and dynamic files stored within the computing device from unauthorized modification or deletion, the software comprising:
- a communication component adapted to control communications with and receive a Write command associated with a file from a program; and
  
  a security agent operating as an intermediary between the program and an operating system of the computing device, the security agent to receive the Write command and to create a first temporary file associated with the file, the first temporary file is created with file-sharing settings that restrict write access of the first temporary file by only the security agent.
- View Dependent Claims (11, 12, 13, 14)
- - 11. The software of claim 10 wherein the security agent creates the first temporary file that also precludes a write or read access to the first temporary file by any component other than the security agent.
  - 12. The software of claim 10 wherein the security agent to notify the program that the Write command cannot be fulfilled if the security agent cannot create the first temporary file.
  - 13. The software of claim 10 wherein the security agent to receive a Read command and to initiate an operation to create a second temporary file to obtain data written to the first temporary file during the Write command.
  - 14. The software of claim 10 further comprising a command handler component to parse the Write command and return a status of operation message that includes a result value to identify whether the Write command was processed correctly.

15. A computing device, comprising:
- a processor;
  
  a hard disk drive to store an operating system; and
  
  a security agent stored within the hard disk drive, the security agent operating as an intermediary between a component of the computing device and the operating system, the security agent to create and use temporary files associated with a file to be modified in order to protect the file from unauthorized modification or deletion.
- View Dependent Claims (16, 17)
- - 16. The computing device of claim 15 wherein the security agent to create a first temporary file in response to a Write command from the component, the first temporary file having a setting to restrict write access to only a component that created or opens the file.
  - 17. The computing device of claim 15 wherein the security agent to create a first temporary file in response to a Read command from the component, the first temporary file having a setting to deny write access and allow read access of the first temporary file by a plurality of components within the computing device including the component.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Original Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Inventors
Lee, Charles, Hall, David N.

Granted Patent

US 8,239,674 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/30
CPC Class Codes

G06F 21/6218 to a system of files or obj...

G06F 2221/2147 Locking files

System and method of protecting files from unauthorized modification or deletion

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

44 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

System and method of protecting files from unauthorized modification or deletion

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

44 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links