Integrated file level cryptographical access control
Abstract
Provided herein are systems and methods for an Integrated File Level Cryptographical Access Control (IFLCAC). The system comprises, on a local computer, an encryption database to store information relating to encrypted files and encryption algorithms, a user interface communicatively linked to the encryption database, an administrator interface communicatively linked to the encryption database independently of the user interface, and a file system gateway communicatively linked to the encryption database that resides above and operates independently of the file system and transparently to any calling application on the local computer. Also provided are methods of using the IFLCAC system and a computer program product comprising a memory tangibly storing computer executable instructions for the IFLCAC system and method and one or more computer readable media tangibly storing computer executable instructions for the IFLCAC system and method.
31 Claims
1. A system for controlling access to secure computer files, comprising:
- a local computer having a memory, a processor and one or more network connections, further comprising;
  - an encryption database to store information relating to encrypted files and encryption algorithms;
  - a user interface communicatively linked to the encryption database;
  - an administrator interface communicatively linked to the encryption database independently of the user interface; and
  - a file system gateway communicatively linked to the encryption database.
22. One or more computer readable media having tangibly stored thereon a plurality of instructions that, when executed by one or more processors, causes the one or more processors to perform actions to:
a) intercept an application call to request access to a file in a file system on a computer via the file system gateway;
b) query the encryption database to determine if the file is secured;
c) receive the file security information from the encryption database;
d) send the application request down to the file system;
e) decrypt any secured file information returned from the file system after acting upon the request; and
f) return the decrypted information to the calling application,
wherein the processor performs the actions transparently to the calling application.
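The read path recited in claim 22, modeled in user space as an added example (not code from the patent). `EncryptionDatabase`, `FileSystemGateway`, the `demo-xor` algorithm name and the sample files are hypothetical, and the SHA-256 keystream XOR is a stand-in for a real cipher.

```python
import hashlib
import os
import tempfile

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (SHA-256 counter keystream XOR); illustration only."""
    out = bytearray()
    for block in range(0, len(data), 32):
        pad = hashlib.sha256(key + (block // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[block:block + 32], pad))
    return bytes(out)

class EncryptionDatabase:
    """Hypothetical record store: file path -> (algorithm name, key)."""
    def __init__(self):
        self._records = {}
    def secure(self, path, algorithm, key):
        self._records[os.path.realpath(path)] = (algorithm, key)
    def lookup(self, path):
        return self._records.get(os.path.realpath(path))  # None = not secured

class FileSystemGateway:
    ALGORITHMS = {"demo-xor": keystream_xor}  # algorithm name -> decrypt function
    def __init__(self, db):
        self.db = db
    def read(self, path):                     # a) intercepted application call
        record = self.db.lookup(path)         # b), c) query database, receive security info
        with open(path, "rb") as fh:          # d) pass the request down to the file system
            raw = fh.read()
        if record is None:
            return raw                        # unsecured file: returned unchanged
        algorithm, key = record
        return self.ALGORITHMS[algorithm](key, raw)  # e) decrypt, f) return plaintext

def demo():
    """Constructed sample: one secured file and one plain file in a temp directory."""
    db, key = EncryptionDatabase(), b"constructed-demo-key"
    with tempfile.TemporaryDirectory() as d:
        secret, plain = os.path.join(d, "secret.txt"), os.path.join(d, "plain.txt")
        with open(secret, "wb") as fh:
            fh.write(keystream_xor(key, b"payroll data"))  # ciphertext at rest
        with open(plain, "wb") as fh:
            fh.write(b"public notes")
        db.secure(secret, "demo-xor", key)
        gw = FileSystemGateway(db)
        with open(secret, "rb") as fh:        # direct read that bypasses the gateway
            on_disk = fh.read()
        return gw.read(secret), gw.read(plain), on_disk
```

The calling code uses the same `read` call for both files; only the database record decides whether decryption happens, and a read that bypasses the gateway sees ciphertext.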
Specification