Secure file system server architecture and methods
First Claim
1. A secure server platform providing protected access to persistent data, said secure server platform comprising:
a) a persistent data store supporting storage of predetermined files;
b) a computer server system, including an operating system kernel supporting execution of an application program with respect to a user, a first file system layer, responsive to predetermined data transfer operations managed by said operating system kernel relative to said application program to transfer file data with respect to said persistent data store, and a second file system layer interposed between said operating system kernel and said first file system layer, said second file system layer establishing a file access control function selectively constraining said predetermined data transfer operations; and
c) a file access controller coupled to said second file system layer to support said file access control function, wherein said file access controller implements an access policy list establishing a predetermined correlation between said user and said predetermined files determinative of permitted ones of said predetermined data transfer operations, and wherein said access policy list is maintained within said file access controller independent of said computer server system, wherein said second file system layer includes an operating system interface coupled to said operating system kernel to enable collection of authorization information with respect to said user and session information with respect to said application program and wherein said file access control function, in response to said predetermined data transfer operations, selectively provides said authorization and session information to said file access controller and wherein said authorization information includes a secure identification of said user and said session information includes a session key identifying the session, established by said operating system kernel, within which said application program executes.
4 Assignments
0 Petitions
Abstract
A data server platform includes a security file system layer interposed between the platform operating system kernel and file system. The secure file system layer is structured to implement a file access control function that selectively constrains data transfer operations initiated through the operating system kernel by an application program to transfer file data through the file system with respect to a persistent data store. A file access controller, implemented independent of the operating system kernel, is coupled to the security file system layer and supports the file access control function by defining permitted file data transfers through the file system. Management of the file access controller separate from the data server platform ensures that any security breach of the platform operating system kernel cannot compromise the function of the security file system layer.
277 Citations
13 Claims
2. A computer system implementing a server architecture enforcing secure authentication and access control over file data, said computer system comprising:
a) a first processor system, coupled to said persistent file data store, including a server memory area and a server processor providing for the execution of an operating system within said server memory, wherein said operating system includes an operating system kernel, having a kernel data access interface, a filesystem switch, supporting routing of file data requests provided from said operating system kernel, and a security interposer layer coupled to said kernel data access interface and said filesystem switch, said security interposer layer being responsive to received file data requests to associate session information obtained from said operating system kernel with said file data requests; and
b) a second processor system, independent of said first processor system, coupled through a network communications channel to said security interposer layer and responsive to said session information as associated with said file data requests to selectively enable said file data requests relative to the transfer of file data in response to said file data requests, wherein said second processor system includes a security processor providing for the execution of a control program that implements an access policy list enabling said security processor to identify, based on said session information, permitted ones of said file data requests, wherein said second processor system interoperates with said security interposer layer to enable said permitted ones of said file data requests and wherein said control program further implements an authorization control list and wherein said second processor system interoperates with said security interposer layer to enable the execution of a predetermined application program within said server memory area by said server processor.
Dependent claims: 3, 4, 5, 6.
7. A computer system implementing a server architecture enforcing secure authentication and access control over file data, said computer system comprising:
a) a first processor system, coupled to said persistent file data store, including a server memory area and a server processor providing for the execution of an operating system within said server memory, wherein said operating system includes an operating system kernel, having a kernel data access interface, a filesystem switch, supporting routing of file data requests provided from said operating system kernel, and a security interposer layer coupled to said kernel data access interface and said filesystem switch, said security interposer layer being responsive to received file data requests to associate session information obtained from said operating system kernel with said file data requests; and
b) a second processor system, independent of said first processor system, coupled through a network communications channel to said security interposer layer and responsive to said session information as associated with said file data requests to selectively enable said file data requests relative to the transfer of file data in response to said file data requests, wherein said security interposer layer provides for the transfer routing of file data through said second processor system and wherein said second processor system includes a security processor operative to decrypt file data transferred through said second processor system, wherein file data is bidirectionally transferred between said security interposer layer and said second processor system and wherein said second processor system stores an encryption key for use by said security processor in decrypting file data, wherein said security interposer layer provides a reference to said encryption key determined from said session information to said second processor system, and wherein second processor system maintains said encryption key independent of said security interposer layer.
Dependent claims: 8, 9, 10, 11, 12, 13.
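As an added illustration, not code from the patent or from any product it describes, the Python model below wires together the three parts named in the abstract and in claims 1 and 2: a backing file system (the first layer), a security interposer (the second layer) that collects the user's secure identification and the kernel-issued session key and refers every data transfer to a file access controller, and that controller, which alone holds the access policy list and the authorization control list and stands in for the independent second processor system. All class names, the sample policy, the file contents and the session keys are constructed for the example.

```python
from dataclasses import dataclass
from enum import Enum


class Op(Enum):
    READ = "read"
    WRITE = "write"


@dataclass(frozen=True)
class Session:
    """Authorization and session information the interposer collects from the kernel."""
    session_key: str  # kernel-issued key identifying the session (constructed values below)
    user_id: str      # secure identification of the user
    program: str      # application program executing within the session


class FileAccessController:
    """Stands in for the independent controller. It alone holds the access policy
    list and the authorization control list; the server only receives decisions."""

    def __init__(self, access_policy, authorized_programs):
        self._policy = {k: set(v) for k, v in access_policy.items()}      # (user, path) -> {Op}
        self._programs = {k: set(v) for k, v in authorized_programs.items()}  # user -> {program}
        self._sessions = {}  # session_key -> user_id, bound when the kernel reports the session
        self.audit = []      # decision records kept outside the server's reach

    def register_session(self, session):
        """Bind a kernel-issued session key to a user, if the program is authorized for that user."""
        if session.program not in self._programs.get(session.user_id, set()):
            self.audit.append(("deny-exec", session.session_key, session.user_id, session.program))
            return False
        self._sessions[session.session_key] = session.user_id
        return True

    def permit(self, session, path, op):
        """Decide one data transfer: the key must be known, bound to the claimed user,
        and the (user, path) entry of the policy list must list the operation."""
        bound_user = self._sessions.get(session.session_key)
        allowed = (bound_user is not None and bound_user == session.user_id
                   and op in self._policy.get((session.user_id, path), set()))
        self.audit.append(("permit" if allowed else "deny", session.session_key,
                           session.user_id, op.value, path))
        return allowed


class BackingFileSystem:
    """The first file system layer: stores file data and enforces nothing itself."""

    def __init__(self, files):
        self._files = dict(files)

    def read(self, path):
        return self._files[path]

    def write(self, path, data):
        self._files[path] = data


class SecurityInterposer:
    """The second file system layer. It holds no policy of its own; each operation
    is passed to the controller together with the user identity and session key."""

    def __init__(self, controller, backing_fs):
        self._controller = controller
        self._fs = backing_fs

    def read(self, session, path):
        if not self._controller.permit(session, path, Op.READ):
            raise PermissionError(f"{session.user_id} may not read {path}")
        return self._fs.read(path)

    def write(self, session, path, data):
        if not self._controller.permit(session, path, Op.WRITE):
            raise PermissionError(f"{session.user_id} may not write {path}")
        self._fs.write(path, data)


def build_platform():
    """Wire the layers with a constructed sample policy and file."""
    controller = FileAccessController(
        access_policy={("alice", "/data/report.txt"): {Op.READ, Op.WRITE},
                       ("bob", "/data/report.txt"): {Op.READ}},
        authorized_programs={"alice": {"editor"}, "bob": {"viewer"}})
    fs = BackingFileSystem({"/data/report.txt": b"Q3 figures"})
    return controller, SecurityInterposer(controller, fs)


def run_scenarios():
    """Exercise permitted transfers, a policy denial, and two bad sessions."""
    controller, interposer = build_platform()
    alice, bob = Session("sess-1", "alice", "editor"), Session("sess-2", "bob", "viewer")
    controller.register_session(alice)
    controller.register_session(bob)
    forged = Session("sess-999", "alice", "editor")   # key the kernel never issued
    hijacked = Session("sess-2", "alice", "viewer")   # bob's key with alice's identity
    results = {"alice_read": interposer.read(alice, "/data/report.txt")}
    interposer.write(alice, "/data/report.txt", b"Q3 figures, revised")
    results["bob_read"] = interposer.read(bob, "/data/report.txt")
    for name, sess, op in (("bob_write", bob, Op.WRITE), ("forged_read", forged, Op.READ),
                           ("hijacked_read", hijacked, Op.READ)):
        try:
            if op is Op.READ:
                interposer.read(sess, "/data/report.txt")
            else:
                interposer.write(sess, "/data/report.txt", b"tampered")
            results[name] = "permitted"
        except PermissionError:
            results[name] = "denied"
    results["unauthorized_exec"] = controller.register_session(Session("sess-3", "bob", "editor"))
    results["audit_denials"] = sum(1 for e in controller.audit if e[0].startswith("deny"))
    return results


if __name__ == "__main__":
    for key, value in run_scenarios().items():
        print(f"{key}: {value!r}")
```

The separation the abstract relies on is visible in the code: `SecurityInterposer` carries no policy data, only a handle to `permit`, so code running inside the server process has nothing local to edit, and every decision is recorded in the controller's audit list rather than on the server. Claim 7's variant, in which file data is routed through the second processor for decryption under a key selected by a reference derived from the session, is not modelled here.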
Specification