Method for Locking Sensitive Data in the Cloud Based on Refactoring Technology

US 20180218165A1
Filed: 02/17/2016
Published: 08/02/2018
Est. Priority Date: 10/13/2015
Status: Abandoned Application

First Claim

Patent Images

1. A method for locking sensitive data in the cloud based on refactoring technology, comprising the steps of:

1) designating part of an original application on a client side as a trusted application;

storing sensitive data in a cloud;

2) refactoring the trusted application;

replacing a part of File Access API that calls files in the original application by a Cloud-Client Convergence File Access (CCCFA) API associated with files after fusion of the cloud and the client; and

3) allowing the application to access the sensitive data in the cloud by calling the CCCFA API.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for cloud locking sensitive data based on refactoring technology is disclosed. Binary byte codes of a mobile application are modified and refactored, and an application program interface related to the file operation used by the mobile application is replaced, so that a sub-file system specified in the cloud is fused with the file system in the client. The refactored application is capable of transparently reading and writing cloud data and cloud locking sensitive data. The method includes: carrying out programmed analysis on the existing mobile application; finding a computational logic related to the file operation and carrying out corresponding refactoring; and re-generating an application with direct cloud data reading/writing capability. The invention method is conducive to improving the security of sensitive data on mobile phones, and has particular significance for users that want to protect sensitive data without storing them on their clients.

10 Citations

7 Claims

1. A method for locking sensitive data in the cloud based on refactoring technology, comprising the steps of:
- 1) designating part of an original application on a client side as a trusted application;
  
  storing sensitive data in a cloud;
  
  2) refactoring the trusted application;
  
  replacing a part of File Access API that calls files in the original application by a Cloud-Client Convergence File Access (CCCFA) API associated with files after fusion of the cloud and the client; and
  
  3) allowing the application to access the sensitive data in the cloud by calling the CCCFA API.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the step 2) further comprises:
    - a) using keyword matching to find all file-related classes;
      
      b) refactoring a first part of File Access API that instantiates original file-related objects to a corresponding portion in CCCFA API, which instantiates wrapped file-related objects capable of manipulating cloud data, thereby ensuring consistency between the wrapped file-related objects and the original file-related objects in the inheritance chain, as well as consistency in operations and attributes; and
      
      c) refactoring a second part of File Access API that uses the original file-related objects (callee), dividing a caller of the File Access API into two categories;
      
      application layer objects and framework layer objects.
  - 3. The method of claim 2, wherein step a) further comprises:
    - constructing a keyword database for the File Access API using framework layer library; and
      
      finding all the classes in the application that use the File Access API based on the keyword database.
  - 4. The method of claim 2, wherein step c) further comprises:
    - when the caller of the File Access API is a framework layer object, refactoring the callee to the original file-related objects which is acquired by invoking a method of the wrapped file-related objects, and wherein the framework layer object is capable of directly manipulating original file-related object.
  - 5. The method of claim 1, wherein step 2) further comprises:
    - replacing the file-related objects at runtime with wrapped file-related objects, wherein the wrapped file-related objects capable of cooperating cloud data operations with the cloud data agent; and
      
      achieving integration of cloud data and client data using file system fusion mechanism.
  - 6. The method of claim 5, wherein the file system fusion mechanism includes file system fusion based on file mapping, the method further comprising:
    - specifying a sub-file system in the cloud, which includes a set of files and directories;
      
      specifying rules for mapping cloud files to client files; and
      
      completing mapping cloud files to client files by running the cloud data agents on the client and in the cloud, thereby achieving integration of file systems on the client and in the cloud.
  - 7. The method of claim 6, wherein the file system fusion mechanism further includes file metadata caching and synchronization based on timestamps, which includes incremental metadata synchronization based on timestamps, thereby improving overall system performance and availability.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Peking University
Original Assignee
Peking University
Inventors
Mei, Hong, Huang, Gang, Zhang, Ying, Cai, Huaqian

Application Number

US15/519,876
Publication Number

US 20180218165A1
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/16   File or folder operations, ...

G06F 16/1774   Locking methods, e.g. locki...

G06F 16/1794   Details of file format conv...

G06F 21/6218   to a system of files or obj...

G06F 2221/2147   Locking files

G06F 8/72   Code refactoring

Method for Locking Sensitive Data in the Cloud Based on Refactoring Technology

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

10 Citations

7 Claims

Specification

Solutions

Use Cases

Quick Links

Method for Locking Sensitive Data in the Cloud Based on Refactoring Technology

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

10 Citations

7 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links