SYSTEMS AND METHODS FOR FILE ACCESS AUDITING
Abstract
Systems and methods for providing an auditing file system for theft-prone devices are disclosed. The auditing file system supports fine-grained file auditing: a user may obtain reliable, explicit evidence that no files have been accessed after a device's loss. A user may also disable future file access after a device's loss, even in the absence of device network connectivity. In one embodiment, files are encrypted locally but the encryption keys are stored remotely, so that an audit server is queried for encryption keys to access protected files. By configuring the audit server to refuse to return a particular file's key, the user can prevent new accesses after the device is lost.
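The flow the abstract describes, as an added Python example that is not part of the patent text: the device keeps only ciphertext, every read requires a key request that the audit server logs before answering, and revoking a key blocks further reads. The class and method names, the device name, the sample contents and the SHA-256 keystream (a stand-in for a real cipher) are all assumptions made for the illustration.

```python
import hashlib, secrets, time

def keystream_xor(key, data):
    # Stand-in cipher (assumption): SHA-256 counter keystream so the example
    # needs only the standard library. A real system would use an AEAD.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

class AuditServer:
    """Remote side: holds file keys, logs every key request, may refuse."""
    def __init__(self):
        self.keys, self.revoked, self.key_access_log = {}, set(), []
    def register(self, audit_id, key):
        self.keys[audit_id] = key
    def revoke(self, audit_id):
        self.revoked.add(audit_id)
    def request_key(self, device, audit_id):
        granted = audit_id in self.keys and audit_id not in self.revoked
        # Log before releasing the key, so every access leaves a record.
        outcome = "granted" if granted else "denied"
        self.key_access_log.append((time.time(), device, audit_id, outcome))
        return self.keys[audit_id] if granted else None

class AuditingFS:
    """Device side: stores ciphertext only and never keeps a file key."""
    def __init__(self, device, server):
        self.device, self.server, self.blobs = device, server, {}
    def create(self, plaintext):
        audit_id, key = secrets.token_hex(8), secrets.token_bytes(32)
        self.server.register(audit_id, key)  # audit ID and key go to the server
        self.blobs[audit_id] = keystream_xor(key, plaintext)
        return audit_id
    def read(self, audit_id):
        key = self.server.request_key(self.device, audit_id)
        if key is None:
            raise PermissionError("audit server refused the file key")
        return keystream_xor(key, self.blobs[audit_id])

def demo():
    server = AuditServer()
    fs = AuditingFS("laptop-1", server)           # constructed device name
    fid = fs.create(b"constructed sample contents")
    before = fs.read(fid)                         # normal access, logged
    server.revoke(fid)                            # owner reports the device lost
    try:
        fs.read(fid); after = "read"
    except PermissionError:
        after = "refused"
    return before, after, [entry[3] for entry in server.key_access_log]
```

The log returned by `demo()` is the audit evidence: a device that was never read after its loss shows no entries after the revocation time, and any attempt shows up as a denied request.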
50 Claims
1. A computer-implemented method for forcing file access auditing, the method comprising:
- receiving, by an auditing file system executing on a processor associated with a protected computing device, a request to access a protected file;
- receiving, from a remote file access auditing server, a file key that allows access to data within the protected file; and
- providing access to data within the protected file in response to the request by using the file key.

14-15. (canceled)

16. A computer-implemented method for auditing access requests, the method comprising:
- receiving, by an access auditing server from a requesting device via a network, a request for a key associated with a protected resource;
- storing a record of the request in a key access log; and
- transmitting the key to the requesting device.

20-21. (canceled)

22. A computer-implemented method for auditing file access requests, the method comprising:
- receiving, by a paired device from a protected device, a request for a file key associated with a protected file;
- transmitting, by the paired device, a request for the file key to a remote file access auditing server; and
- transmitting, to the protected device, a file key received from the remote file access auditing server.

29-30. (canceled)

31. A computer-implemented method for associating metadata with file access request audit logs, the method comprising registering a file with an auditing file system, wherein the file is associated with metadata, and wherein registering the file includes:
- allocating, by a client device, an audit ID for the file; and
- transmitting the audit ID and the metadata to a remote metadata access auditing server.

38-39. (canceled)

40. A computer-implemented method for auditing file accesses, the method comprising:
- allocating, by a client device, an audit ID for a file;
- transmitting the audit ID to a remote file access auditing server;
- receiving a file key from the remote file access auditing server; and
- protecting contents of the file using the file key.

44-45. (canceled)

46. A computer-implemented method for auditing file accesses, the method comprising:
- allocating, by a client device, an audit ID for a file;
- generating a file key;
- protecting contents of the file using the file key; and
- transmitting the audit ID and the file key to a remote file access auditing server.

50-51. (canceled)

Specification