Method and apparatus for securing information access

US 7,043,553 B2
Filed: 10/07/1999
Issued: 05/09/2006
Est. Priority Date: 10/07/1999
Status: Expired due to Term

First Claim

Patent Images

1. An apparatus for controlling operations by a client on a file stored on a network device, said apparatus comprising:

a first memory associated with the file, said first memory for storing a fixed file security status, said fixed file security status being either of a first type or of a second type, wherein said first type indicates that operations are not allowed on the file and said second type indicates that operations are allowed on the file;

a second memory associated with the file, said second memory for storing an active file security status, said active file security status being either of said first type or of said second type and changeable from said first type to said second type;

an independent verification routine having access to a security database listing clients and corresponding privileges, wherein said independent verification routine is enabled;

to determine whether the client has privilege to perform operations on the file based at least in part on an authorization credential from the client andto generate either a positive or a negative determination upon request; and

a request handler in communication with said first memory, said second memory, and said independent verification routine, wherein said request handler is enabled;

to receive a request from the client to open the file;

to transmit a file descriptor to the client;

to copy said fixed file security status from said first memory to said second memory as said active file security status;

to determine whether said active file security status is of said first type or of said second type;

when said active file security status is determined to be of said second type;

to receive a request from the client to perform an operation on the file;

to determine that said active file security status is of said second type; and

to perform the operation requested by the client on the file;

andwhen said active file security status is determined to be of said first type;

to receive said authorization credential from the client;

to pass said authorization credential to said independent verification routine;

to receive a positive determination from said independent verification routine that the client has privilege to perform operations on the file;

to change said active file security status from said first type to said second type;

to receive a request from the client to perform an operation on the file;

to determine that said active file security status is of said second type; and

to perform the operation requested by the client on the file.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for protecting secured files stored on a file system employs a file security status associated with each file to signal whether or not access to the file is allowed. The file security status is stored in a fixed location in memory. Upon opening the associated file, the file security status is copied to a second location in memory. Depending upon the file security status stored in the second location, operations on the file by a client are either allowed or denied. Operations on non-secure files are always allowed. Operations on secured files are allowed only after verification of the client'"'"'s authorization to access the file and the subsequent modification of the file security status stored in the second memory location. The method protects secured files from deletion by unauthorized clients. This is accomplished by, upon opening a secure file, initializing a third memory location to a value indicating that the file will not be deleted upon closing. This value may be changed by an authorized client only after going through the above-described verification process. Once the value has been changed to reflect that the file should be deleted when closed, the file will be deleted when closed. A method for creating a new secure file is also provided.

60 Citations

View as Search Results

13 Claims

1. An apparatus for controlling operations by a client on a file stored on a network device, said apparatus comprising:
- a first memory associated with the file, said first memory for storing a fixed file security status, said fixed file security status being either of a first type or of a second type, wherein said first type indicates that operations are not allowed on the file and said second type indicates that operations are allowed on the file;
  
  a second memory associated with the file, said second memory for storing an active file security status, said active file security status being either of said first type or of said second type and changeable from said first type to said second type;
  
  an independent verification routine having access to a security database listing clients and corresponding privileges, wherein said independent verification routine is enabled;
  
  to determine whether the client has privilege to perform operations on the file based at least in part on an authorization credential from the client andto generate either a positive or a negative determination upon request; and
  
  a request handler in communication with said first memory, said second memory, and said independent verification routine, wherein said request handler is enabled;
  
  to receive a request from the client to open the file;
  
  to transmit a file descriptor to the client;
  
  to copy said fixed file security status from said first memory to said second memory as said active file security status;
  
  to determine whether said active file security status is of said first type or of said second type;
  
  when said active file security status is determined to be of said second type;
  
  to receive a request from the client to perform an operation on the file;
  
  to determine that said active file security status is of said second type; and
  
  to perform the operation requested by the client on the file;
  
  andwhen said active file security status is determined to be of said first type;
  
  to receive said authorization credential from the client;
  
  to pass said authorization credential to said independent verification routine;
  
  to receive a positive determination from said independent verification routine that the client has privilege to perform operations on the file;
  
  to change said active file security status from said first type to said second type;
  
  to receive a request from the client to perform an operation on the file;
  
  to determine that said active file security status is of said second type; and
  
  to perform the operation requested by the client on the file.
- View Dependent Claims (2, 3, 4)
- - 2. The apparatus of claim 1, further comprising a third memory associated with the file, said third memory for storing a delete-on-close status, said delete-on-close status initially set to a first value and changeable to a second value,wherein said first value indicates that the file will not be deleted upon closing and the second value indicates that the file will be deleted upon closing.
  - 3. The apparatus of claim 2, wherein said first memory is a non-volatile random-access memory and said second memory and third memory are in a file entry.
  - 4. The apparatus of claim 3, wherein said first memory, said second memory, and said third memory comprise single bits.

5. A method for controlling operations by a client on a file stored on a network device having a first memory associated with the file and a second memory associated with the file, wherein the first memory stores a fixed file security status being either of a first type or of a second type and the second memory stores an active file security status being either of the first type or of the second type and changeable from the first type to the second type and wherein the first type indicates that operations are not allowed on the file and the second type indicates that operations are allowed on the file, the method comprising:
- receiving a request from the client to open the file;
  
  transmitting a file descriptor to the client;
  
  copying the fixed file security status from the first memory to the second memory as the active file security status;
  
  determining whether the active file security status is of the first type or of the second type;
  
  when the active file security status is determined to be of the second type;
  
  receiving a request from the client to perform an operation on the file;
  
  determining that the active file security status is of the second type; and
  
  performing the requested by the client on the file;
  
  andwhen the active file security status is determined to be of the first type;
  
  receiving an authorization credential from the client;
  
  passing the authorization credential to an independent verification routine that determines whether the client has privilege to perform operations on the file;
  
  receiving a positive determination from the independent verification routine that the client has privilege to perform operations on the file;
  
  changing the active file security status from the first type to the second type;
  
  receiving a request from the client to perform an operation on the file;
  
  determining that the active file security status is of the second type; and
  
  performing the operation requested by the client on the file.
- View Dependent Claims (6, 7)
- - 6. The method as defined in claim 5, wherein when the active file security status is determined to be of the first type and before changing the active file security status, the method further comprises:
    - receiving a request from the client to perform an operation on the file; and
      
      returning an error message to the client indicating a refusal to perform the operation requested by the client on the file.
  - 7. The method as defined in claim 6, wherein when the active file security status is determined to be of the first type and after passing the authorization credential, the method further comprises:
    - receiving a negative determination from the independent verification routine that the client has no privilege to perform operations on the file;
      
      receiving a request from the client to perform an operation on the file; and
      
      returning an error message to the client indicating a refusal to perform the operation requested by the client on the file.

8. An apparatus for controlling operations by a client on a file stored on a network device having a first memory associated with the file and a second memory associated with the file, wherein the first memory stores a fixed file security status being either of a first type or of a second type and the second memory stores an active file security status being either of the first type or of the second type and changeable from the first type to the second type and wherein the first type indicates that operations are not allowed on the file and the second type indicates that operations are allowed on the file, the apparatus comprising:
- means for receiving a request from the client to open the file;
  
  means for transmitting a file descriptor to the client;
  
  means for copying the fixed file security status from the first memory to the second memory as the active file security status;
  
  means for determining whether the active file security status is of the first type or of the second type;
  
  when the active file security status is determined to be of the second type;
  
  means for receiving a request from the client to perform an operation on the file;
  
  means for determining that the active file security status is of the second type; and
  
  means for performing the operation requested by the client on the file;
  
  andwhen the active file security status is determined to be of the first type;
  
  means for receiving an authorization credential from the client;
  
  means for passing the authorization credential to an independent verification routine that determines whether the client has privilege to perform operations on the file;
  
  means for receiving a positive determination from the independent verification routine that the client has privilege to perform operations on the file;
  
  means for changing the active file security status from the first type to the second type;
  
  means for receiving a request from the client to perform an operation on the file;
  
  means for determining that the active file security status is of the second type; and
  
  means for performing the operation requested by the client on the file.
- View Dependent Claims (9, 10)
- - 9. The apparatus as defined in claim 8, wherein when the active file security status is determined to be of the first type and before the active file security status has been changed, the apparatus further comprises:
    - means for receiving a request from the client to perform an operation on the file; and
      
      means for returning an error message to the client indicating a refusal to perform the operation requested by the client on the file.
  - 10. The apparatus as defined in claim 8, wherein when the active file security status is determined to be of the first type and after the authorization credential has been passed, the apparatus further comprises:
    - means for receiving a negative determination from the independent verification routine that the client has no privilege to perform operations on the file;
      
      means for receiving a request from the client to perform an operation on the file; and
      
      means for returning an error message to the client indicating a refusal to perform the operation requested by the client on the file.

11. A computer-readable medium having stored thereon computer-executable instructions for performing a method for controlling operations by a client on a file stored on a network device having a first memory associated with the file and a second memory associated with the file, wherein the first memory stores a fixed file security status being either of a first type or of a second type and the second memory stores an active file security status being either of the first type or of the second type and changeable from the first type to the second type and wherein the first type indicates that operations are not allowed on the file and the second type indicates that operations are allowed on the file, the method comprising:
- receiving a request from the client to open the file;
  
  transmitting a file descriptor to the client;
  
  copying the fixed file security status from the first memory to the second memory as the active file security status;
  
  determining whether the active file security status is of the first type or of the second type;
  
  when the active file security status is determined to be of the second type;
  
  receiving a request from the client to perform an operation on the file;
  
  determining that the active file security status is of the second type; and
  
  performing the operation requested by the client on the file;
  
  andwhen the active file security status is determined to be of the first type;
  
  receiving an authorization credential from the client;
  
  passing the authorization credential to an independent verification routine that determines whether the client has privilege to perform operations on the file;
  
  receiving a positive determination from the independent verification routine that the client has privilege to perform operations on the file;
  
  changing the active file security status from the first type to the second type;
  
  receiving a request from the client to perform an operation on the file;
  
  determining that the active file security status is of the second type; and
  
  performing the operation requested by the client on the file.
- View Dependent Claims (12, 13)
- - 12. The computer-readable medium as defined in claim 11, wherein when the active file security status is determined to be of the first type and before changing the active file security status, the method further comprises:
    - receiving a request from the client to perform an operation on the file; and
      
      returning an error message to the client indicating a refusal to perform the operation requested by the client on the file.
  - 13. The computer-readable medium as defined in claim 11, wherein when the active file security status is determined to be of the first type and after passing the authorization credential, the method further comprises:
    - receiving a negative determination from the independent verification routine that the client has no privilege to perform operations on the file;
      
      receiving a request from the client to perform an operation on the file; and
      
      returning an error message to the client indicating a refusal to perform the operation requested by the client on the file.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Monsen, Robert Charles, Mamillapalli, Sudhakar, Liu, Xiaoyi
Primary Examiner(s)
Najjar, Saleh
Assistant Examiner(s)
WON, MICHAEL YOUNG

Application Number

US09/414,995
Publication Number

US 20030050962A1
Time in Patent Office

2,406 Days
Field of Search

713/202, 713/165, 713/166, 709/216, 709/225, 709/229, 709/246, 711/147, 711/164, 710/36, 707/8, 707/9, 707/10
US Class Current

709/229
CPC Class Codes

G06F 21/6272   by registering files or doc...

Y10S 707/99938   Concurrency, e.g. lock mana...

Y10S 707/99939   Privileged access

Method and apparatus for securing information access

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

60 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for securing information access

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

60 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links