Method and apparatus for protecting file system based on digital signature certificate
First Claim
1. A method for protecting a file system on a server computer, the method comprising:
- generating a system security manager's digital signature key pair and certificate;
- storing the system security manager's certificate onto a security kernel of an operating system on the server computer based upon a digital signature of the system security manager;
- generating a user's digital signature key pair and a user's certificate signed using a secret key of the system security manager's digital signature key pair;
- setting an access authority of the file system for the user's certificate;
- identifying a user through a digital signature-based authentication using the system security manager's certificate and the user's certificate, when the user attempts to access the file system on the server computer; and
- granting the user access authority for a file in accordance with the access authority of the file system set for the user's certificate only when the identifying is successful.
Abstract
Protection for a file system is provided. The protection includes generating first digital signature keys and a system security manager's certificate for a system security manager. A system security manager's certificate is stored onto a security kernel when installing an operating system on a server computer. Second digital signature keys and a user's certificate are generated for a general user. An access authority of the file system is set. A user is identified through a digital signature authentication method when the user tries to access the file system. The user is given access authority for the file in accordance with an identification result.
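The flow in the abstract and in claim 1, sketched as an added Go example (not code from the patent): an SSM key certifies a user key, and the kernel grants access only after both the certificate and a signed challenge verify. Ed25519, the certificate encoding, the single-use nonce, the name-keyed ACL, and the `alice` and `/srv/payroll.db` values are assumptions of this example; the page names no algorithm or protocol.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// UserCert binds a name to a public key; Sig is the SSM's signature over tbs(Name, Pub).
type UserCert struct {
	Name string
	Pub  ed25519.PublicKey
	Sig  []byte
}
func tbs(name string, pub ed25519.PublicKey) []byte { return append([]byte(name+"\x00"), pub...) }
// IssueCert signs the user's name and public key with the SSM's secret key.
func IssueCert(ssmPriv ed25519.PrivateKey, name string, pub ed25519.PublicKey) UserCert {
	return UserCert{name, pub, ed25519.Sign(ssmPriv, tbs(name, pub))}
}

// Kernel stands in for the security kernel (assumed layout, not from the patent).
type Kernel struct {
	ssmPub  ed25519.PublicKey  // trust anchor stored at install time
	acl     map[[3]string]bool // {certified name, path, "r" or "w"} -> allowed
	pending map[string]bool    // nonces issued and not yet used
}
func (k *Kernel) Challenge() []byte {
	n := make([]byte, 32)
	rand.Read(n)
	k.pending[string(n)] = true
	return n
}

// Access identifies the user first; the ACL decides only if that succeeds.
func (k *Kernel) Access(c UserCert, nonce, proof []byte, path, mode string) bool {
	fresh := k.pending[string(nonce)]
	delete(k.pending, string(nonce)) // single use: a captured proof cannot be replayed
	return fresh && len(c.Pub) == ed25519.PublicKeySize && // Verify panics on other sizes
		ed25519.Verify(k.ssmPub, tbs(c.Name, c.Pub), c.Sig) && // issued by the SSM
		ed25519.Verify(c.Pub, nonce, proof) && k.acl[[3]string{c.Name, path, mode}]
}

func main() { // "alice" and the path are constructed sample values
	ssmPub, ssmPriv, _ := ed25519.GenerateKey(rand.Reader)
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	k := &Kernel{ssmPub, map[[3]string]bool{{"alice", "/srv/payroll.db", "r"}: true}, map[string]bool{}}
	n := k.Challenge()
	fmt.Println(k.Access(IssueCert(ssmPriv, "alice", pub), n, ed25519.Sign(priv, n), "/srv/payroll.db", "r"))
}
```

A certificate signed by any key other than the SSM's, a proof made with a key the certificate does not certify, a reused nonce, or a mode absent from the ACL each yields a denial.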
33 Claims
1. A method for protecting a file system on a server computer, the method comprising:
- generating a system security manager's digital signature key pair and certificate;
- storing the system security manager's certificate onto a security kernel of an operating system on the server computer based upon a digital signature of the system security manager;
- generating a user's digital signature key pair and a user's certificate signed using a secret key of the system security manager's digital signature key pair;
- setting an access authority of the file system for the user's certificate;
- identifying a user through a digital signature-based authentication using the system security manager's certificate and the user's certificate, when the user attempts to access the file system on the server computer; and
- granting the user access authority for a file in accordance with the access authority of the file system set for the user's certificate only when the identifying is successful.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11

12. An apparatus for protecting a file system on a server computer, the apparatus comprising:
- a generator that generates a system security manager's digital signature key pair and certificate;
- a storage that stores the system security manager's certificate onto a security kernel of an operating system on the server computer based upon a digital signature of the system security manager;
- a generator that generates a user's digital signature key pair and a user's certificate signed using a secret key of the system security manager's digital signature key pair;
- an access setter that sets an access authority of the file system for the user's certificate;
- an identifier that identifies a user through a digital signature-based authentication using the system security manager's certificate and the user's certificate, when the user tries to access the file system on the server computer; and
- an authorizer that grants the user access authority for a file in accordance with the access authority of the file system set for the user's certificate only when the identifying is successful.

Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21, 22

23. A computer readable media storing instructions for executing a method for protecting a file system on a server computer, the computer readable medium comprising:
- a first generating code segment that generates a system security manager's digital signature key pair and certificate;
- a storing code segment that stores a system security manager's certificate onto a security kernel of an operating system on the server computer based upon a digital signature of the system security manager;
- a second generating code segment that generates a user's digital signature key pair and a user's certificate signed using a secret key of the system security manager's digital signature key pair;
- an access setting code segment that sets an access authority of the file system for the user's certificate;
- a user identifying code segment that identifies a user through a digital signature-based authentication using the system security manager's certificate and the user's certificate, when the user tries to access the file system on the server computer; and
- an access granting code segment that grants the user access authority for a file in accordance with the access authority of the file system set for the user's certificate only when the identifying is successful.

Dependent claims: 24, 25, 26, 27, 28, 29, 30, 31, 32, 33

Specification