System and method for protecting files on a computer from access by unauthorized applications

US 7,480,655 B2
Filed: 01/07/2005
Issued: 01/20/2009
Est. Priority Date: 01/09/2004
Status: Active Grant

First Claim

Patent Images

1. A method for limiting access to a data file, the method comprising:

receiving a request from an application to access the data file;

identifying the application that generated the request;

identifying the extension associated with the data file;

consulting stored information relating each of a plurality of file extensions and one or more applications authorized to access data files associated with that extension to determine, based on the identified extension associated with the data file, whether the identified application is permitted to access the data file;

denying the identified application access to the data file when it is determined that the identified application is not permitted to access the data file; and

responsive to determining that the identified application is not permitted to access the data file, quarantining and uninstalling the identified application.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An application that generates a request to access a data file is identified. The application is determined to be not permitted to access the data file based on identified extension associated with that data file so as to quarantine and uninstall that application.

66 Citations

View as Search Results

7 Claims

1. A method for limiting access to a data file, the method comprising:
- receiving a request from an application to access the data file;
  
  identifying the application that generated the request;
  
  identifying the extension associated with the data file;
  
  consulting stored information relating each of a plurality of file extensions and one or more applications authorized to access data files associated with that extension to determine, based on the identified extension associated with the data file, whether the identified application is permitted to access the data file;
  
  denying the identified application access to the data file when it is determined that the identified application is not permitted to access the data file; and
  
  responsive to determining that the identified application is not permitted to access the data file, quarantining and uninstalling the identified application.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein the stored information is indexed by extension and determining whether the identified application is permitted to access the data file comprises:
    - identifying applications that are permitted to access data files including the identified extension.
  - 3. The method of claim 1, wherein the stored information is indexed by application and determining whether the identified application is permitted to access the data file comprises:
    - identifying file extensions whose associated data files the identified application is permitted to access.
  - 4. The method of claim 1, further comprising:
    - populating the stored information with default file extension matching data.
  - 5. The method of claim 4, wherein populating the stored information with default file extension matching data comprises:
    - responsive to installing a new program, automatically populating the stored information with default file extension matching data.

6. A computer-implemented system for limiting access to a data file, the system comprising:
- an access monitor module configured to;
  
  detect a request from an application for a data file; and
  
  identify the application that generated the request;
  
  a permission lookup module in communication with the access monitor module, the permission lookup module being configured to consult stored information relating each of a plurality of file extensions and one or more applications authorized to access data files associated with that extension to determine, based on the identified extension associated with the data file, whether the identified application is permitted to access the data file;
  
  an access grant module in communication with the permission lookup module, the access grant module being configured to grant the identified application access to the data file when the permission lookup module has determined that the identified application is permitted to access the data file; and
  
  an access deny module in communication with the access grant module, the access deny module being configured to deny the identified application access to the data file when the permission lookup module has determined that the identified application is not permitted to access the data file;
  
  wherein the access deny module is configured to quarantine and uninstall the identified application when the permission lookup module has determined that the identified application is not permitted to access the data file.

7. An article of manufacture for limiting access to a data file, the article of manufacture comprising:
- a computer-readable storage medium; and
  
  a plurality of instructions on the computer-readable storage medium, the plurality of instructions configured, when executed on a processor, to;
  
  process a received request from an application to access the data file;
  
  identify the application that generated the request;
  
  identify the extension associated with the data file;
  
  consult stored information relating each of a plurality of file extensions and one or more applications authorized to access data files associated with that extension to determine, based on the identified extension associated with the data file, whether the identified application is permitted to access the data file;
  
  deny the identified application access to the data file when it is determined that the identified application is not permitted to access the data file; and
  
  quarantine and uninstall the identified application when it is determined that the identified application is not permitted to access the data file.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Carbonite LLC (Open Text Corporation)
Original Assignee
Webroot Software Incorporated (Open Text Corporation)
Inventors
Moll, David, Thomas, Steve
Primary Examiner(s)
Le; Uyen T.

Application Number

US11/031,615
Publication Number

US 20050154738A1
Time in Patent Office

1,474 Days
Field of Search

707/2, 707/9, 707/104.1, 713/165, 713/167
US Class Current

1/1
CPC Class Codes

G06F 21/52 during program execution, e...

G06F 21/554 involving event detection a...

System and method for protecting files on a computer from access by unauthorized applications

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

66 Citations

7 Claims

Specification

Use Cases

Quick Links

Others

System and method for protecting files on a computer from access by unauthorized applications

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

66 Citations

7 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others