Detection and Management of Controlled Files

US 20090094679A1
Filed: 06/22/2007
Published: 04/09/2009
Est. Priority Date: 06/22/2007
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving a security policy from a remote server, said security policy defining at least one protected element and a disposition action for a file containing said protected element;

scanning a file system for said at least one protected element;

finding a first file containing said protected element; and

performing said disposition action on said first file.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A remote device may receive a policy definition, search a file system for files that are to be protected, and disposition identified files to protect the files. After completing the protection, a report is generated and transmitted to a centralized location. The policy definition may include keywords, directory paths, metadata, or other information that may be used to identify files for protection. After identification, the files may be dispositioned by removal, tagging, encrypting, applying rights management, or other actions.

Citations

20 Claims

1. A method comprising:
- receiving a security policy from a remote server, said security policy defining at least one protected element and a disposition action for a file containing said protected element;
  
  scanning a file system for said at least one protected element;
  
  finding a first file containing said protected element; and
  
  performing said disposition action on said first file.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, said security policy further comprising a disposition action for a directory for said file.
  - 3. The method of claim 1, said at least one protected element comprising at least one of a group composed of:
    - a keyword;
      
      a file name extension;
      
      a link to a protected object;
      
      a filename; and
      
      a metadata element.
  - 4. The method of claim 3, said metadata element comprising at least one of a group composed of:
    - tags for said file; and
      
      properties for said file.
  - 5. The method of claim 1, said disposition action comprising at least one of a group composed of:
    - encrypting said file;
      
      deleting said file;
      
      applying rights management to said file;
      
      modifying metadata for said file; and
      
      applying security descriptors to said file.
  - 6. The method of claim 1 further comprising:
    - generating a report based on said scanning and said performing said disposition action.
  - 7. The method of claim 6 further comprising:
    - transmitting said report to said remote server.
  - 8. A computer readable medium comprising computer executable instructions adapted to perform the method of claim 1.

9. A method comprising:
- defining a security policy, said security policy defining at least one protected element and a disposition for a file containing said at least one protected element;
  
  transferring said security policy to a remote device, said remote device being adapted to;
  
  scan a file system for said at least one protected element to find a first file; and
  
  apply said security policy to said first file;
  
  receive a report from said remote device, said report being based on said scanning and said applying.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The method of claim 9, said at least one protected element comprising at least one of a group composed of:
    - a keyword;
      
      a file name extension;
      
      a link to a protected object;
      
      a filename; and
      
      a metadata element.
  - 11. The method of claim 9, said security policy being pulled by said remote device.
  - 12. The method of claim 9, said disposition action comprising at least one of a group composed of:
    - encrypting said file;
      
      deleting said file;
      
      applying rights management to said file;
      
      modifying metadata for said file; and
      
      applying security descriptors to said file.
  - 13. A computer readable medium comprising computer executable instructions adapted to perform the method of claim 9.

14. A system comprising:
- a policy generator adapted to generate a security policy defining at least one protected element and a disposition for a file containing said protected element;
  
  a file scanner operable on a remote device and adapted to;
  
  scan a file system for said at least one protected element to find a first file; and
  
  apply said security policy to said first file.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The system of claim 14, said at least one protected element comprising at least one of a group composed of:
    - a keyword;
      
      a file name extension;
      
      a link to a protected object;
      
      a filename; and
      
      a metadata element.
  - 16. The system of claim 14, said policy generator being connected to said remote device by a network.
  - 17. The system of claim 14, said disposition action comprising at least one of a group composed of:
    - encrypting said file;
      
      deleting said file;
      
      applying rights management to said file;
      
      modifying metadata for said file; and
      
      applying security descriptors to said file.
  - 18. The system of claim 14, said file scanner further adapted to:
    - generate a report based on said scanning.
  - 19. The system of claim 18 further comprising:
    - a report database adapted to store said report.
  - 20. The system of claim 14 being comprised in computer executable instructions on a computer readable media.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Canning, William, Smith-Lonergan, Michael

Granted Patent

US 8,332,907 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/3
CPC Class Codes

G06F 21/6218 to a system of files or obj...

Detection and Management of Controlled Files

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Detection and Management of Controlled Files

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links