METHOD AND APPARATUS FOR PROTECTING FILE

US 20140089684A1
Filed: 11/26/2013
Published: 03/27/2014
Est. Priority Date: 08/15/2011
Status: Abandoned Application

First Claim

Patent Images

1. A method for protecting a file, comprising:

generating a secure file header by using an original file header of a file to be protected, wherein when no permission is granted, the secure file header is capable of restricting accessing content of a file where the secure file header is located; and

replacing the secure file header with the original file header of the file to be protected to convert the file to be protected to a secure file.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the present invention provide a method and a system for protecting a file, which belong to the field of information security. The method includes: replacing a secure file header of a file to be protected with its original file header to convert the file to be protected to a secure file; and preventing, by the secure file header of the secure file acquired by the conversion, another peripheral from performing an access operation on content of the secure file. By using this method, in a terminal device such as an Android mobile phone or a computer, without affecting normal use by a subscriber, the protection of files such as multimedia files can be realized and content of a protected secure file in a mobile phone is not allowed to be opened on another device to achieve a purpose of avoiding private information leakage and protecting personal privacy.

Citations

20 Claims

1. A method for protecting a file, comprising:
- generating a secure file header by using an original file header of a file to be protected, wherein when no permission is granted, the secure file header is capable of restricting accessing content of a file where the secure file header is located; and
  
  replacing the secure file header with the original file header of the file to be protected to convert the file to be protected to a secure file.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method for protecting a file according to claim 1, wherein the generating a secure file header by using an original file header of a file to be protected is:
    - acquiring an encrypted file header by compressing and encrypting the original file header of the file to be protected and then, acquiring the secure file header by adding identification information to the encrypted file header.
  - 3. The method for protecting a file according to claim 2, wherein the encryption is encrypting content of the compressed file header.
  - 4. The method for protecting a file according to claim 2, wherein a key used for the encryption is:
    - a key acquired by encrypting, by using a password input by a subscriber, a machine unique code of a local device where the file to be protected is located.
  - 5. The method for protecting a file according to claim 2, wherein a key used for the encryption is:
    - a key acquired by encrypting, by using a password input by a subscriber and/or a machine unique code of a local device where the file to be protected is located.
  - 6. The method for protecting a file according to claim 4, wherein the password input by the subscriber and the key acquired by the encryption are both stored in a subscriber identity module of the local device where the file to be protected is located.
  - 7. The method for protecting a file according to claim 4, wherein the following manners are adopted to acquire the key by encrypting, by using the password input by the subscriber, the machine unique code of the local device where the file to be protected is located:
    - when the subscriber uses a recorder or a camera of the local device for the first time, prompting the subscriber to input the password; and
      
      acquiring the key for encryption by encrypting, by using the password input by the subscriber, the machine unique code of the local device.
  - 8. The method for protecting a file according to claim 2, wherein the following manner is adopted to add the identification information to the encrypted file header:
    - forming, before adding the identification information that identifies the file as the secure file into the encrypted file header, the secure file header by combining the identification information with the encrypted file header, wherein the size of the secure file header is consistent with the size of the original file header of the file to be protected.
  - 9. The method for protecting a file according to claim 7, wherein the following manner is adopted to add the identification information to the encrypted file header:
    - forming, before adding the identification information that identifies the file as the secure file into the encrypted file header, the secure file header by combining the identification information with the encrypted file header, wherein the size of the secure file header is consistent with the size of the original file header of the file to be protected.
  - 10. The method for protecting a file according to claim 1, wherein the replacing the secure file header with the original file header of the file to be protected is:
    - writing the secure file header into an initial position of the file to be protected to replace the original file header of the file.
  - 11. The method for protecting a file according to claim 1, wherein the file to be protected comprises:
    - any one or more of an audio file, an image file, a video file, a map data file, a 3D model data file, a CAD data file, and an executable file.
  - 12. The method for protecting a file according to claim 8, wherein, when the local device where the file to be protected is located performs an access operation on content of the secure file converted from the file, the method further comprises:
    - acquiring the secure file header of the secure file and acquiring the encrypted file header from the secure file header;
      
      acquiring content of the original file header by decrypting and decompressing the encrypted file header; and
      
      permitting a corresponding access operation after the content of the secure file is acquired according to the acquired content of the original file header.
  - 13. The method for protecting a file according to claim 12, wherein the decrypting the encrypted file header comprises:
    - acquiring a key for decryption, wherein the key is a key used for performing encryption on the compressed original file header to acquire the encrypted file header; and
      
      decrypting the encrypted file header by using the acquired key and adopting a decryption algorithm identical with or corresponding to an encryption algorithm to acquire a compressed original file header.
  - 14. The method for protecting a file according to claim 13, wherein, when the key for decryption is acquired, if the key is stored in the subscriber identity module of the local device where the secure file is located, it is determined whether the subscriber identity module in the local device is registered on an operation network, and if it is registered, the stored key is read from the subscriber identity module;
    - and if it is not registered, prompt information indicating that the decrypted key fails to be acquired is returned and subsequent processing is ended.

15. An apparatus for protecting a file, comprising:
- a secure file header processing unit anda replacement processing unit, whereinthe secure file header processing unit is configured to generate a secure file header by using an original file header of a file to be protected, wherein when no permission is granted, the secure file header is capable of restricting accessing content of a file where the secure file header is located, andthe replacement processing unit is configured to replace the secure file header with the original file header of the file to be protected to convert the file to be protected to a secure file.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The apparatus for protecting a file according to claim 15, wherein the secure file header processing unit comprises:
    - a compression unit, an encryption unit, and an identification information adding unit;
      
      whereinthe compression unit is configured to compress the original file header of the file to be protected;
      
      the encryption unit is configured to encrypt content of the file header compressed by the compression unit to acquire an encrypted file header; and
      
      the identification information adding unit is configured to add identification information to the encrypted file header acquired through the encryption by the encryption unit to acquire a secure file header.
  - 17. The apparatus for protecting a file according to claim 16, wherein the secure file header processing unit further comprises:
    - a key processing unit, configured to encrypt, by using a password input by a subscriber, a machine unique code of a local device where the file to be protected is located to acquire a key.
  - 18. The apparatus for protecting a file according to claim 16, wherein the secure file header processing unit further comprises:
    - a decryption unit and a decompression unit;
      
      whereinthe decryption unit is configured to decrypt the encrypted file header in the secure file header of the secure file; and
      
      the decompression unit is configured to decompress the content of the file header decrypted by the decryption unit to acquire the original file header.
  - 19. The apparatus for protecting a file according to claim 17, wherein the secure file header processing unit further comprises:
    - a decryption unit and a decompression unit;
      
      whereinthe decryption unit is configured to decrypt the encrypted file header in the secure file header of the secure file; and
      
      the decompression unit is configured to decompress the content of the file header decrypted by the decryption unit to acquire the original file header.
  - 20. The apparatus for protecting a file according to claim 18, wherein the decryption unit comprises:
    - a determination processing module and a key reading module, whereinthe determination processing module is configured to;
      
      when the key for decryption is acquired, if the key is stored in a subscriber identity module of the local device where the secure file is located, determine whether the subscriber identity module of the local device is registered on an operation network, and if it is registered, send an instruction for permission of reading the key to the key reading module, and if it is not registered, return prompt information indicating that the decrypted key fails to be acquired and send an instruction for ending subsequent processing; and
      
      the key reading module is configured to read, after the instruction for permission of reading the key from the determination processing module is received, the stored key from the subscriber identity module of the local device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Huawei Device Company Limited (Huawei Investment & Holding Co., Ltd.)
Original Assignee
Huawei Device Company Limited (Huawei Investment & Holding Co., Ltd.)
Inventors
HE, Feng, GUO, Zejin

Application Number

US14/090,971
Publication Number

US 20140089684A1
Time in Patent Office

Days
Field of Search
US Class Current

713/193
CPC Class Codes

G06F 21/6209   to a single file or object,...

G06F 21/6245   Protecting personal data, e...

G06F 21/88   Detecting or preventing the...

G06F 2221/2153   Using hardware token as a s...

METHOD AND APPARATUS FOR PROTECTING FILE

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND APPARATUS FOR PROTECTING FILE

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links