System and method for protecting files on a computer from access by unauthorized applications
First Claim
Patent Images
1. A method for limiting access to a data file, the method comprising:
- receiving a request from an application to access the data file;
identifying the application that generated the request;
identifying the extension associated with the data file;
consulting stored information relating each of a plurality of file extensions and one or more applications authorized to access data files associated with that extension to determine, based on the identified extension associated with the data file, whether the identified application is permitted to access the data file;
denying the identified application access to the data file when it is determined that the identified application is not permitted to access the data file; and
responsive to determining that the identified application is not permitted to access the data file, quarantining and uninstalling the identified application.
9 Assignments
0 Petitions
Accused Products
Abstract
An application that generates a request to access a data file is identified. The application is determined to be not permitted to access the data file based on identified extension associated with that data file so as to quarantine and uninstall that application.
66 Citations
7 Claims
-
1. A method for limiting access to a data file, the method comprising:
-
receiving a request from an application to access the data file; identifying the application that generated the request; identifying the extension associated with the data file; consulting stored information relating each of a plurality of file extensions and one or more applications authorized to access data files associated with that extension to determine, based on the identified extension associated with the data file, whether the identified application is permitted to access the data file; denying the identified application access to the data file when it is determined that the identified application is not permitted to access the data file; and responsive to determining that the identified application is not permitted to access the data file, quarantining and uninstalling the identified application. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A computer-implemented system for limiting access to a data file, the system comprising:
-
an access monitor module configured to; detect a request from an application for a data file; and identify the application that generated the request; a permission lookup module in communication with the access monitor module, the permission lookup module being configured to consult stored information relating each of a plurality of file extensions and one or more applications authorized to access data files associated with that extension to determine, based on the identified extension associated with the data file, whether the identified application is permitted to access the data file; an access grant module in communication with the permission lookup module, the access grant module being configured to grant the identified application access to the data file when the permission lookup module has determined that the identified application is permitted to access the data file; and an access deny module in communication with the access grant module, the access deny module being configured to deny the identified application access to the data file when the permission lookup module has determined that the identified application is not permitted to access the data file; wherein the access deny module is configured to quarantine and uninstall the identified application when the permission lookup module has determined that the identified application is not permitted to access the data file.
-
-
7. An article of manufacture for limiting access to a data file, the article of manufacture comprising:
-
a computer-readable storage medium; and a plurality of instructions on the computer-readable storage medium, the plurality of instructions configured, when executed on a processor, to; process a received request from an application to access the data file; identify the application that generated the request; identify the extension associated with the data file; consult stored information relating each of a plurality of file extensions and one or more applications authorized to access data files associated with that extension to determine, based on the identified extension associated with the data file, whether the identified application is permitted to access the data file; deny the identified application access to the data file when it is determined that the identified application is not permitted to access the data file; and quarantine and uninstall the identified application when it is determined that the identified application is not permitted to access the data file.
-
Specification