Privacy protection during remote administration

US 8,176,562 B1
Filed: 12/21/2007
Issued: 05/08/2012
Est. Priority Date: 12/21/2007
Status: Active Grant

First Claim

Patent Images

1. A computer implemented method for protecting the privacy of identified content on a local computer while the local computer is being accessed by a remote administrator, the method comprising the steps of:

running a remote administration manager on the local computer, wherein the remote administration manager is operable to automatically traverse the local computer and identify specific local computer content to which access is to be restricted in accordance with a privacy policy for the local computer, the local privacy policy being configurable by a user of the local computer;

identifying, by the remote administration manager running on the local computer, the a locally configured privacy policy for the local computer, the privacy policy specifying at least one restrictive access level to prevent at least one remote administrator with administrator level access to the local computer from accessing specific local file system content during remote administration sessions;

during at least one remote administration session by the at least one remote administrator with administrator level access to the local computer, detecting, by the remote administration manager, an attempt by the at least one remote administrator to access the specific local file system content; and

preventing, by the remote administration manager, the detected attempt by the at least one remote administrator to access the specific local file system content, thereby enforcing the local privacy policy.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A remote access manager protects the privacy of identified local file system content while a local computer is being accessed by a remote administrator. A local user inputs a privacy policy which identifies restricted access levels for specified files, file types and folders. During remote administration sessions, the remote access manager intercepts attempts to access the local file system, and enforces the privacy policy. Thus, the remote administrator'"'"'s access to the local file system content is restricted according to the security policy.

22 Citations

View as Search Results

20 Claims

1. A computer implemented method for protecting the privacy of identified content on a local computer while the local computer is being accessed by a remote administrator, the method comprising the steps of:
- running a remote administration manager on the local computer, wherein the remote administration manager is operable to automatically traverse the local computer and identify specific local computer content to which access is to be restricted in accordance with a privacy policy for the local computer, the local privacy policy being configurable by a user of the local computer;
  
  identifying, by the remote administration manager running on the local computer, the a locally configured privacy policy for the local computer, the privacy policy specifying at least one restrictive access level to prevent at least one remote administrator with administrator level access to the local computer from accessing specific local file system content during remote administration sessions;
  
  during at least one remote administration session by the at least one remote administrator with administrator level access to the local computer, detecting, by the remote administration manager, an attempt by the at least one remote administrator to access the specific local file system content; and
  
  preventing, by the remote administration manager, the detected attempt by the at least one remote administrator to access the specific local file system content, thereby enforcing the local privacy policy.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 wherein identifying a privacy policy for the local computer further comprises:
    - receiving input from a user of the local computer specifying at least a part of the privacy policy.
  - 3. The method of claim 1 wherein identifying a privacy policy for the local computer further comprises:
    - automatically traversing at least a part of the local file system; and
      
      automatically identifying, by the local computer, specific local file system content to which access is to be restricted according to the privacy policy.
  - 4. The method of claim 1 wherein identifying a privacy policy for the local computer further comprises:
    - automatically identifying, by the local computer, specific local file system content to which access is to be restricted according to the privacy policy, the identified specific local file system content comprising at least one type from a group of types consisting of;
      
      at least one specific file, at least one specific file type, at least one specific file within at least one specifically identified folder and at least one specific file type within at least one specifically identified folder.
  - 5. The method of claim 1 wherein identifying a privacy policy for the local computer further comprises:
    - receiving an indication from a user of the local computer specifying at least one restrictive access level to be applied to at least some local file system content according to the privacy policy, the at least one restrictive access level being from a group consisting of;
      
      invisible, non-readable, non-executable, read-only, locked, content-masked and name-masked.
  - 6. The method of claim 1 wherein identifying a privacy policy for the local computer further comprises:
    - receiving an indication from a user of the local computer specifying at least one particular remote administrator for whom access to at least some file system content is to be restricted according to the privacy policy.
  - 7. The method of claim 1 further comprising:
    - receiving an indication from a user to override a restriction on a remote administrator'"'"'s access to local file system content; and
      
      responsive to the received indication, allowing the restricted access.
  - 8. The method of claim 1 wherein enforcing the privacy policy further comprises:
    - intercepting attempts by the at least one remote administrator to access local file system content; and
      
      restricting the at least one remote administrator'"'"'s access to local file system content according to the security policy.
  - 9. The method of claim 1 wherein enforcing the privacy policy further comprises:
    - prior to the at least one remote administration session by the at least one remote administrator, encrypting identified file system content; and
      
      after the at least one remote administration session by the at least one remote administrator, decrypting the identified file system content.

10. At least one non-transitory computer readable medium storing a computer program product for, when executed by a processor, protecting the privacy of identified content on a local computer while the local computer is being accessed by a remote administrator, the computer program product comprising:
- program code for running a remote administration manager on the local computer, wherein the remote administration manager is operable to automatically traverse the local computer and identify specific local computer content to which access is to be restricted in accordance with a privacy policy for the local computer, the local privacy policy being configurable by a user of the local computer;
  
  program code for identifying, by the remote administration manager running on the local computer, the a locally configured privacy policy for the local computer, the privacy policy specifying at least one restrictive access level to prevent at least one remote administrator with administrator level access to the local computer from accessing specific local file system content during remote administration sessions;
  
  program code for, during at least one remote administration session by the at least one remote administrator with administrator level access to the local computer, detecting, by the remote administration manager, an attempt by the at least one remote administrator to access the specific local file system content; and
  
  program code for preventing, by the remote administration manager, the detected attempt by the at least one remote administrator to access the specific local file system content, thereby enforcing the local privacy policy.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The computer program product of claim 10 wherein the program code for identifying a privacy policy for the local computer further comprises:
    - program code for receiving input from a user of the local computer specifying at least a part of the privacy policy.
  - 12. The computer program product of claim 10 wherein the program code for identifying a privacy policy for the local computer further comprises:
    - program code for automatically traversing at least a part of the local file system; and
      
      program code for automatically identifying, by the local computer, specific local file system content to which access is to be restricted according to the privacy policy.
  - 13. The computer program product of claim 10 wherein the program code for identifying a privacy policy for the local computer further comprises:
    - program code for automatically identifying, by the local computer, specific local file system content to which access is to be restricted according to the privacy policy, the identified specific local file system content comprising at least one type from a group of types consisting of;
      
      at least one specific file, at least one specific file type, at least one specific file within at least one specifically identified folder and at least one specific file type within at least one specifically identified folder.
  - 14. The computer program product of claim 10 wherein the program code for identifying a privacy policy for the local computer further comprises:
    - program code for receiving an indication from a user of the local computer specifying at least one restrictive access level to be applied to at least some local file system content according to the privacy policy, the at least one restrictive access level being from a group consisting of;
      
      invisible, non-readable, non-executable, read-only, locked, content-masked and name-masked.
  - 15. The computer program product of claim 10 wherein the program code for identifying a privacy policy for the local computer further comprises:
    - program code for receiving an indication from a user of the local computer specifying at least one particular remote administrator for whom access to at least some file system content is to be restricted according to the privacy policy.
  - 16. The computer program product of claim 10 further comprising:
    - program code for receiving an indication from a user to override a restriction on a remote administrator'"'"'s access to local file system content; and
      
      program code for responsive to the received indication, allowing the restricted access.
  - 17. The computer program product of claim 10 wherein the program code for enforcing the privacy policy further comprises:
    - program code for intercepting attempts by the at least one remote administrator to access local file system content; and
      
      program code for restricting the at least one remote administrator'"'"'s access to local file system content according to the security policy.
  - 18. The computer program product of claim 10 wherein the program code for enforcing the privacy policy further comprises:
    - program code for, prior to the at least one remote administration session by the at least one remote administrator, encrypting identified file system content; and
      
      program code for, after the at least one remote administration session by the at least one remote administrator, decrypting the identified file system content.

19. A computer system for protecting the privacy of identified local content while the computer system is being accessed by a remote administrator, the computer system comprising:
- means for running a remote administration manager on the local computer, wherein the remote administration manager is operable to automatically traverse the local computer and identify specific local computer content to which access is to be restricted in accordance with a privacy policy for the local computer, the local privacy policy being configurable by a user of the local computer;
  
  means for identifying, by the remote administration manager running on the local computer, the a locally configured privacy policy for the local computer, the privacy policy specifying at least one restrictive access level to prevent at least one remote administrator with administrator level access to the local computer from accessing specific local file system content during remote administration sessions;
  
  means for, during at least one remote administration session by the at least one remote administrator with administrator level access to the local computer, detecting, by the remote administration manager, an attempt by the at least one remote administrator to access the specific local file system content; and
  
  means for preventing, by the remote administration manager, the detected attempt by the at least one remote administrator to access the specific local file system content, thereby enforcing the local privacy policy.
- View Dependent Claims (20)
- - 20. The computer system of claim 19 wherein the means for enforcing the privacy policy further comprise:
    - means for intercepting attempts by the at least one remote administrator to access local file system content; and
      
      means for restricting the at least one remote administrator'"'"'s access to local file system content according to the security policy.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NortonLifeLock Inc.
Original Assignee
Symantec Corporation (NortonLifeLock Inc.)
Inventors
Hernacki, Brian, Satish, Sourabh, Brown, Timothy G.
Primary Examiner(s)
Flynn, Nathan
Assistant Examiner(s)
WRIGHT, BRYAN F

Application Number

US11/963,701
Time in Patent Office

1,600 Days
Field of Search

726/1
US Class Current

726/26
CPC Class Codes

G06F 16/122 using management policies b...

G06F 21/6218 to a system of files or obj...

Privacy protection during remote administration

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

22 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Privacy protection during remote administration

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links