System for and methods of controlling user access and/or visibility to directories and files of a computer
Abstract
A system includes a file access manager driver and a kernel file system driver stack in a kernel-mode address space of an operating system (OS). The system also includes, in a user-mode address space of the OS: session processes; a public file whitelist; a public file whitelist manager; a user/group file whitelist, which is a private whitelist; and a user/group file whitelist manager. A method includes receiving a request for access and/or visibility to a directory and/or file and then determining whether the request is allowed to execute based on whether the file access manager driver identifies that the directory and/or file is allowed in either the public or the private whitelist.
20 Claims

1. A method for controlling user access to directories and files of a computer, the method comprising:
receiving a user/group file whitelist, wherein the received user/group file whitelist is stored in a data storage medium and comprises published directories and/or files associated with a group of one or more users;
determining that an administrator has performed an act of publishing one or more previously unpublished directories and/or files, wherein the act of publishing specifies that the previously unpublished directories and/or files are to be published to the group of one or more users that is associated with the stored user/group file whitelist;
authenticating a user as belonging to the specified group of one or more users to whom the previously unpublished directories and/or files are published; and
automatically adding, based on the act of publishing to the specified group, the previously unpublished directories and/or files to the stored user/group file whitelist, wherein the stored user/group file whitelist in the data storage medium is updated with the previously unpublished directories and/or files.
Dependent claims: 2, 3, 4, 5, 6, 7

8. An apparatus for controlling user access to directories and files of a computer, comprising:
a communication network for receiving a user/group file whitelist comprising published directories and/or files associated with a group of one or more users;
a data storage medium for storing the received user/group file whitelist; and
a processor for executing instructions stored in memory, wherein the execution of the instructions by the processor:
determines that an administrator has performed an act of publishing one or more previously unpublished directories and/or files, wherein the act of publishing specifies that the previously unpublished directories and/or files are to be published to the group of one or more users that is associated with the user/group file whitelist;
authenticates a user as belonging to the specified group of one or more users to whom the previously unpublished directories and/or files are published; and
automatically adds, based on the act of publishing to the specified group, the previously unpublished directories and/or files to the user/group file whitelist, wherein the stored user/group file whitelist in the data storage medium is updated with the previously unpublished directories and/or files.
Dependent claims: 9, 10, 11, 12, 13, 14

15. A non-transitory computer-readable storage medium having embodied thereon a program executable by a processor to perform a method for controlling user access to directories and files of a computer, the method comprising:
receiving a user/group file whitelist, wherein the received user/group file whitelist comprises directories and/or files associated with a group of one or more users;
determining that an administrator has performed an act of publishing one or more previously unpublished directories and/or files, wherein the act of publishing specifies that the previously unpublished directories and/or files are to be published to the group of one or more users that is associated with the stored user/group file whitelist;
authenticating a user as belonging to the specified group of one or more users to whom the previously unpublished directories and/or files are published; and
automatically adding, based on the act of publishing to the specified group, the previously unpublished directories and/or files to the stored user/group file whitelist, wherein the stored user/group file whitelist is updated with the previously unpublished directories and/or files.
Dependent claims: 16, 17, 18, 19, 20
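
The allow decision described in the abstract and the publish step of claim 1, modelled in user-mode Python as an added example; this is not code from the patent. The class and method names, the sample paths, users and group, and the component-wise path matching are assumptions, and authentication is reduced to a group-membership lookup.

```python
import posixpath

class WhitelistManager:
    """Model of a public whitelist plus per-group (private) whitelists."""

    def __init__(self, public, group_members, admins):
        self.public = {self._canon(p) for p in public}
        self.group_members = {g: set(m) for g, m in group_members.items()}
        self.group_lists = {g: set() for g in group_members}
        self.admins = set(admins)

    @staticmethod
    def _canon(path):
        # Collapse "." and ".." so a request cannot climb out of a published directory.
        return posixpath.normpath("/" + path.lstrip("/"))

    @staticmethod
    def _covers(entry, path):
        # Match whole components: "/srv/reports" must not cover "/srv/reports-old".
        return path == entry or path.startswith(entry.rstrip("/") + "/")

    def publish(self, admin, group, paths):
        # Publishing to a group automatically adds the paths to that group's whitelist.
        if admin not in self.admins:
            raise PermissionError(f"{admin} is not an administrator")
        added = {self._canon(p) for p in paths} - self.group_lists[group]
        self.group_lists[group] |= added
        return sorted(added)

    def is_allowed(self, user, path):
        # Default deny: allowed only if a public or group whitelist entry covers the path.
        target = self._canon(path)
        entries = set(self.public)
        for group, members in self.group_members.items():
            if user in members:  # assumption: authentication already established this
                entries |= self.group_lists[group]
        return any(self._covers(e, target) for e in entries)

def demo():
    # Constructed sample data: one public directory, one group, one administrator.
    mgr = WhitelistManager(["/srv/public"], {"finance": {"alice"}}, {"root"})
    before = mgr.is_allowed("alice", "/srv/reports/q3.xlsx")
    mgr.publish("root", "finance", ["/srv/reports/"])
    return {
        "before_publish": before,
        "member": mgr.is_allowed("alice", "/srv/reports/q3.xlsx"),
        "outsider": mgr.is_allowed("bob", "/srv/reports/q3.xlsx"),
        "traversal": mgr.is_allowed("alice", "/srv/reports/../payroll/all.csv"),
        "sibling": mgr.is_allowed("alice", "/srv/reports-old/q1.xlsx"),
        "public": mgr.is_allowed("bob", "/srv/public/readme.txt"),
    }
```

The two denied cases at the end of `demo()` are the ones a string-prefix whitelist gets wrong: a `..` segment under a published directory and a sibling directory that shares the published name as a prefix.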
Specification