Securing temporary data on untrusted devices
Abstract
One example method for securing data on untrusted devices includes the steps of intercepting a file command from a software application, the file command comprising a save command or a read command, and indicating a data file; determining whether the data file is a temporary data file; responsive to determining the data file is a temporary data file: if the command is a save command, encrypting data associated with the save command and writing the encrypted data to the temporary data file, if the command is a read command, decrypting data associated with the read command and providing the decrypted data to the software application.
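The save/read dispatch described in the abstract can be sketched as follows; this is an added example, not code from the patent or its assignee. Assumptions: temporary files are recognised by suffix, the key is held by the interceptor for the session, the cipher is a standard-library stand-in, and the integrity tag is an addition the abstract does not mention.

```python
import hashlib, hmac, os, pathlib, tempfile

class TempFileGuard:
    """Handles intercepted save/read commands; only temp files are transformed."""

    def __init__(self, key: bytes, temp_suffixes=(".tmp", "~")):
        # Assumption: temp files are recognised by suffix; the page does not say how.
        self.temp_suffixes = temp_suffixes
        self.enc_key = hmac.new(key, b"enc", hashlib.sha256).digest()
        self.mac_key = hmac.new(key, b"mac", hashlib.sha256).digest()

    def is_temp(self, path: str) -> bool:
        return path.endswith(self.temp_suffixes)

    def _xor_stream(self, nonce: bytes, data: bytes) -> bytes:
        # Stand-in cipher (HMAC-SHA256 counter keystream) to stay stdlib-only;
        # a real interceptor would use a vetted AEAD such as AES-GCM.
        stream = b""
        for ctr in range(len(data) // 32 + 1):
            stream += hmac.new(self.enc_key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        return bytes(a ^ b for a, b in zip(data, stream))

    def save(self, path: str, data: bytes) -> None:
        if self.is_temp(path):  # save command on a temp file: encrypt first
            nonce = os.urandom(16)
            body = self._xor_stream(nonce, data)
            tag = hmac.new(self.mac_key, nonce + body, hashlib.sha256).digest()
            data = nonce + tag + body
        pathlib.Path(path).write_bytes(data)

    def read(self, path: str) -> bytes:
        blob = pathlib.Path(path).read_bytes()
        if not self.is_temp(path):
            return blob  # non-temp files pass through untouched
        nonce, tag, body = blob[:16], blob[16:48], blob[48:]
        expected = hmac.new(self.mac_key, nonce + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("temporary file failed integrity check")
        return self._xor_stream(nonce, body)  # decrypted data goes to the app

def demo():
    guard = TempFileGuard(os.urandom(32))
    secret = b"constructed sample: unsaved draft text"
    with tempfile.TemporaryDirectory() as d:
        tmp, doc = os.path.join(d, "draft.docx.tmp"), os.path.join(d, "notes.txt")
        guard.save(tmp, secret)
        guard.save(doc, secret)
        leaked = secret in pathlib.Path(tmp).read_bytes()
        return guard.read(tmp), leaked, pathlib.Path(doc).read_bytes() == secret
```

`demo()` returns the round-tripped plaintext, whether the plaintext is visible in the temporary file on disk, and whether the non-temporary file was written unchanged.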
15 Claims
1. A method comprising:
intercepting a first command to open a data file from a software application;
prior to opening the data file, copying the data file to a first partition;
opening the copied data file on the first partition by the software application and not opening the data file;
after opening the copied data file, intercepting a file command from the software application, the file command comprising a save command or a read command, and indicating a temporary data file, the temporary data file associated with the copied data file;
determining whether the file command is directed to the temporary data file;
responsive to determining the file command is directed to the temporary data file;
if the file command is a save command, encrypting data associated with the save command and writing the encrypted data to the temporary data file, and if the file command is a read command, decrypting data associated with the read command and providing the decrypted data to the software application; and
in response to intercepting a command to close the copied data file from the software application;
closing the copied data file;
replacing the data file with the copied data file; and
deleting the copied data file on the first partition and the temporary data file.
Dependent claims: 2, 3, 4, 5
6. A system comprising:
a non-transitory computer-readable medium;
a processor in communication with the non-transitory computer readable medium, the processor configured to execute processor-executable instructions stored in the non-transitory computer-readable medium to;
intercept a first command to open a data file from a software application;
prior to opening the data file, copy the data file to a first partition;
open the copied data file on the first partition by the software application and not open the data file;
after opening the copied data file, intercept a file command from the a software application, the file command comprising a save command or a read command, and indicating a temporary data file, the temporary data file associated with the copied data file;
determine whether the file command is directed to the temporary data file is a temporary data file;
responsive to a determination the file command is directed to the data file is a temporary data file;
if the file command is a save command, encrypt data associated with the save command and write the encrypted data to the temporary data file; and
if the file command is a read command, decrypt data associated with the read command and provide the decrypted data to the software application; and
in response to intercepting a command to close the copied data file from the software application;
close the copied data file;
replace the data file with the copied data file; and
delete the copied data file on the first partition and the temporary data file.
Dependent claims: 7, 8, 9, 10
11. A non-transitory computer-readable medium comprising processor-executable instructions configured to cause a processor to:
intercept a first command to open a data file from a software application;
prior to opening the data file, copy the data file to a first partition;
open the copied data file on the first partition by the software application and not open the data file;
after opening the copied data file, intercept a file command from the software application, the file command comprising a save command or a read command, and indicating a temporary data file, the temporary data file associated with the copied data file;
determine whether the file command is directed to the temporary data file;
responsive to a determination the file command is directed to the temporary data file;
if the file command is a save command, encrypt data associated with the save command and write the encrypted data to the temporary data file; and
if the file command is a read command, decrypt data associated with the read command and provide the decrypted data to the software application; and
in response to intercepting a command to close the copied data file from the software application;
close the copied data file;
replace the data file with the copied data file; and
delete the copied data file on the first partition and the temporary data file.
Dependent claims: 12, 13, 14, 15
Specification