Method and system for protecting the security of an open file in a computing environment

US 7,845,013 B2
Filed: 05/30/2006
Issued: 11/30/2010
Est. Priority Date: 05/30/2006
Status: Active Grant

First Claim

Patent Images

1. A file security protection method, said method comprising:

a processor of a computer system receiving a metadata token from a software application executing on the computer system, said metadata token denoting that the application has opened a file having a name, said metadata token comprising the name of the file;

responsive to receiving the metadata token, said processor setting an initial time to a time at which said receiving the metadata token occurred; and

after setting the initial time, said processor executing iterations of a loop, each iteration of said iterations comprising determining whether a first condition has been satisfied, determining whether a second condition has been satisfied, and exiting the loop in response to having determined that the first condition or the second condition has been satisfied,wherein the first condition is that an elapsed time relative the initial time exceeds a specified threshold, andwherein the second condition is that a closeout token denoting that the file has been closed has been received from the application such that the closeout token comprises the name of the file.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A file security protection method and system. The method is performed by an operating system of a computer system. A metadata token is received from a software application executing on the computer system. The metadata token denotes that the application has opened a file. The metadata token includes the name of the file. An initial time is set to about a time at which the metadata token was received. A loop is executed. Each iteration of the loop includes determining whether a first or second condition has been satisfied. The loop is exited if it is determined that the first or second condition has been satisfied. The first condition is that an elapsed time relative the initial time exceeds a specified threshold. The second condition is that a closeout token denoting that the file has been closed has been received from the application.

14 Citations

View as Search Results

40 Claims

1. A file security protection method, said method comprising:
- a processor of a computer system receiving a metadata token from a software application executing on the computer system, said metadata token denoting that the application has opened a file having a name, said metadata token comprising the name of the file;
  
  responsive to receiving the metadata token, said processor setting an initial time to a time at which said receiving the metadata token occurred; and
  
  after setting the initial time, said processor executing iterations of a loop, each iteration of said iterations comprising determining whether a first condition has been satisfied, determining whether a second condition has been satisfied, and exiting the loop in response to having determined that the first condition or the second condition has been satisfied,wherein the first condition is that an elapsed time relative the initial time exceeds a specified threshold, andwherein the second condition is that a closeout token denoting that the file has been closed has been received from the application such that the closeout token comprises the name of the file.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the metadata token further comprises an identification of the application.
  - 3. The method of claim 1, wherein the metadata token further comprises the specified threshold.
  - 4. The method of claim 1, wherein the metadata token further comprises a security level of the file, and wherein the method further comprises said processor selecting the specified threshold using the security level in the metadata token in conjunction with a specification of threshold as a function of security level.
  - 5. The method of claim 1, wherein the method further comprises during an iteration of said iterations:
    - receiving an update token from the application, wherein the update token denotes that an action has been performed with respect to the file, and wherein the update token comprises the name of the file; and
      
      responsive to said receiving the update token, resetting the initial time to a time at which said receiving the update token occurred.
  - 6. The method of claim 5, wherein the action is an action in which the file is changed.
  - 7. The method of claim 5, wherein the action is an action in which the file is unchanged and a non-intrusive action has occurred with respect to the file.
  - 8. The method of claim 1, wherein the method further comprises:
    - responsive to receiving the metadata token, said processor performing an onset action, wherein said performing the onset action is selected from the group consisting of modifying a screen saver/screen-lock time-out value, triggering a visual indicator on a screen of a user of said application, and combinations thereof.
  - 9. The method of claim 1, wherein the method further comprises:
    - responsive to having determined that the first condition has been satisfied, said processor performing a forgotten document action, wherein said performing the forgotten document action is selected from the group consisting of masking an application window on a screen of a user of the application, auto-saving and closing the file, sending a remote indicator to a contact device of an owner of the file to indicate that the file remains open, and combinations thereof.
  - 10. The method of claim 1, wherein the method further comprises:
    - responsive to having determined that the second condition has been satisfied, said processor performing a closeout action selected from the group consisting of modifying a screen saver/screen-lock time-out value, turning off a visual indicator on a screen of a user of the application, and combinations thereof.

11. A process for supporting computer infrastructure, said process comprising:
- providing at least one support service for at least one of creating, integrating, hosting, maintaining, and deploying computer-readable code in a computer system,wherein the code in combination with the computer system is capable of performing a file security protection method, said method comprising;
  
  a processor of the computer system receiving a metadata token from a software application executing on the computer system, said metadata token denoting that the application has opened a file having a name, said metadata token comprising the name of the file;
  
  responsive to receiving the metadata token, said processor setting an initial time to a time at which said receiving the metadata token occurred; and
  
  after setting the initial time, said processor executing iterations of a loop, each iteration of said iterations comprising determining whether a first condition has been satisfied, determining whether a second condition has been satisfied, and exiting the loop in response to having determined that the first condition or the second condition has been satisfied,wherein the first condition is that an elapsed time relative the initial time exceeds a specified threshold, andwherein the second condition is that a closeout token denoting that the file has been closed has been received from the application such that the closeout token comprises the name of the file.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The process of claim 11, wherein the metadata token further comprises an identification of the application.
  - 13. The process of claim 11, wherein the metadata token further comprises the specified threshold.
  - 14. The process of claim 11, wherein the metadata token further comprises a security level of the file, and wherein the method further comprises said processor selecting the specified threshold using the security level in the metadata token in conjunction with a specification of threshold as a function of security level.
  - 15. The process of claim 11, wherein the method further comprises during an iteration of said iterations:
    - receiving an update token from the application, wherein the update token denotes that an action has been performed with respect to the file, and wherein the update token comprises the name of the file; and
      
      responsive to said receiving the update token, resetting the initial time to a time at which said receiving the update token occurred.
  - 16. The process of claim 15, wherein the action is an action in which the file is changed.
  - 17. The process of claim 15, wherein the action is an action in which the file is unchanged and a non-intrusive action has occurred with respect to the file.
  - 18. The process of claim 11, wherein the method further comprises:
    - responsive to receiving the metadata token, said processor performing an onset action, wherein said performing the onset action is selected from the group consisting of modifying a screen saver/screen-lock time-out value, triggering a visual indicator on a screen of a user of said application, and combinations thereof.
  - 19. The process of claim 11, wherein the method further comprises:
    - responsive to having determined that the first condition has been satisfied, said processor performing a forgotten document action, wherein said performing the forgotten document action is selected from the group consisting of masking an application window on a screen of a user of the application, auto-saving and closing the file, sending a remote indicator to a contact device of an owner of the file to indicate that the file remains open, and combinations thereof.
  - 20. The process of claim 11, wherein the method further comprises:
    - responsive to having determined that the second condition has been satisfied, said processor performing a closeout action selected from the group consisting of modifying a screen saver/screen-lock time-out value, turning off a visual indicator on a screen of a user of the application, and combinations thereof.

21. A computer program product, comprising a non-transitory computer readable storage medium having a computer readable program code stored therein, said computer readable program code containing instructions that when executed by a processor of a computer system implement a file security protection method, said method comprising:
- receiving a metadata token from a software application executing on the computer system, said metadata token denoting that the application has opened a file having a name, said metadata token comprising the name of the file;
  
  responsive to receiving the metadata token, setting an initial time to a time at which said receiving the metadata token occurred; and
  
  after setting the initial time, executing iterations of a loop, each iteration of said iterations comprising determining whether a first condition has been satisfied, determining whether a second condition has been satisfied, and exiting the loop in response to having determined that the first condition or the second condition has been satisfied,wherein the first condition is that an elapsed time relative the initial time exceeds a specified threshold, andwherein the second condition is that a closeout token denoting that the file has been closed has been received from the application such that the closeout token comprises the name of the file.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 22. The computer program product of claim 21, wherein the metadata token further comprises an identification of the application.
  - 23. The computer program product of claim 21, wherein the metadata token further comprises the specified threshold.
  - 24. The computer program product of claim 21, wherein the metadata token further comprises a security level of the file, and wherein the method further comprises selecting the specified threshold using the security level in the metadata token in conjunction with a specification of threshold as a function of security level.
  - 25. The computer program product of claim 21, wherein the method further comprises during an iteration of said iterations:
    - receiving an update token from the application, wherein the update token denotes that an action has been performed with respect to the file, and wherein the update token comprises the name of the file; and
      
      responsive to said receiving the update token, resetting the initial time to a time at which said receiving the update token occurred.
  - 26. The computer program product of claim 25, wherein the action is an action in which the file is changed.
  - 27. The computer program product of claim 25, wherein the action is an action in which the file is unchanged and a non-intrusive action has occurred with respect to the file.
  - 28. The computer program product of claim 21, wherein the method further comprises:
    - responsive to receiving the metadata token, said processor performing an onset action, wherein said performing the onset action is selected from the group consisting of modifying a screen saver/screen-lock time-out value, triggering a visual indicator on a screen of a user of said application, and combinations thereof.
  - 29. The computer program product of claim 21, wherein the method further comprises:
    - responsive to having determined that the first condition has been satisfied, performing a forgotten document action, wherein said performing the forgotten document action is selected from the group consisting of masking an application window on a screen of a user of the application, auto-saving and closing the file, sending a remote indicator to a contact device of an owner of the file to indicate that the file remains open, and combinations thereof.
  - 30. The computer program product of claim 21, wherein the method further comprises:
    - responsive to having determined that the second condition has been satisfied, performing a closeout action selected from the group consisting of modifying a screen saver/screen-lock time-out value, turning off a visual indicator on a screen of a user of the application, and combinations thereof.

31. A computer system comprising a processor and a computer readable memory device coupled to the processor, said memory device containing instructions that when executed by the processor implement a file security protection method, said method comprising:
- receiving a metadata token from a software application executing on the computer system, said metadata token denoting that the application has opened a file having a name, said metadata token comprising the name of the file;
  
  responsive to receiving the metadata token, setting an initial time to a time at which said receiving the metadata token occurred; and
  
  after setting the initial time, executing iterations of a loop, each iteration of said iterations comprising determining whether a first condition has been satisfied, determining whether a second condition has been satisfied, and exiting the loop in response to having determined that the first condition or the second condition has been satisfied,wherein the first condition is that an elapsed time relative the initial time exceeds a specified threshold, andwherein the second condition is that a closeout token denoting that the file has been closed has been received from the application such that the closeout token comprises the name of the file.
- View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40)
- - 32. The computer system of claim 31, wherein the metadata token further comprises an identification of the application.
  - 33. The computer system of claim 31, wherein the metadata token further comprises the specified threshold.
  - 34. The computer system of claim 31, wherein the metadata token further comprises a security level of the file, and wherein the method further comprises selecting the specified threshold using the security level in the metadata token in conjunction with a specification of threshold as a function of security level.
  - 35. The computer system of claim 31, wherein the method further comprises during an iteration of said iterations:
    - receiving an update token from the application, wherein the update token denotes that an action has been performed with respect to the file, and wherein the update token comprises the name of the file; and
      
      responsive to said receiving the update token, resetting the initial time to a time at which said receiving the update token occurred.
  - 36. The computer system of claim 35, wherein the action is an action in which the file is changed.
  - 37. The computer system of claim 35, wherein the action is an action in which the file is unchanged and a non-intrusive action has occurred with respect to the file.
  - 38. The computer system of claim 31, wherein the method further comprises:
    - responsive to receiving the metadata token, said processor performing an onset action, wherein said performing the onset action is selected from the group consisting of modifying a screen saver/screen-lock time-out value, triggering a visual indicator on a screen of a user of said application, and combinations thereof.
  - 39. The computer system of claim 31, wherein the method further comprises:
    - responsive to having determined that the first condition has been satisfied, performing a forgotten document action, wherein said performing the forgotten document action is selected from the group consisting of masking an application window on a screen of a user of the application, auto-saving and closing the file, sending a remote indicator to a contact device of an owner of the file to indicate that the file remains open, and combinations thereof.
  - 40. The computer system of claim 31, wherein the method further comprises:
    - responsive to having determined that the second condition has been satisfied, performing a closeout action selected from the group consisting of modifying a screen saver/screen-lock time-out value, turning off a visual indicator on a screen of a user of the application, and combinations thereof.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kyndryl Incorporated
Original Assignee
International Business Machines Corporation
Inventors
Polozoff, Alexandre, Boss, Gregory Jensen, Bhogal, Kulvir Singh, Hamilton, Rick Allen II
Primary Examiner(s)
Vu; Kimyen
Assistant Examiner(s)
King; John B

Application Number

US11/442,910
Publication Number

US 20070282854A1
Time in Patent Office

1,645 Days
Field of Search

726/26, 726/27
US Class Current

726/27
CPC Class Codes

G06F 21/6209   to a single file or object,...

G06F 21/6281   at program execution time, ...

G06F 2221/2137   Time limited access, e.g. t...

Method and system for protecting the security of an open file in a computing environment

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

14 Citations

40 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for protecting the security of an open file in a computing environment

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

14 Citations

40 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links