Method and system for providing restricted access to a storage medium
DC CAFCFirst Claim
Patent Images
1. A method for applying an operation access privilege to a storage medium, comprises:
- associating an access privilege with at least a portion of the storage medium;
intercepting an attempted operation on said at least a portion of the storage medium,wherein said intercepting occurs regardless of an identity of a user attempting the attempted operation;
comparing the attempted operation to the access privilege; and
allowing, or denying the attempted operation based on comparing the attempted operation to the access privilegewherein at least one of;
said associating, said allowing, or said denying is based on enforcing a policy.
2 Assignments
Litigations
1 Petition
Accused Products
Abstract
A method of restricting file access is disclosed wherein a set of file write access commands are determined from data stored within a storage medium. The set of file write access commands are for the entire storage medium. Any matching file write access command provided to the file system for that storage medium results in an error message. Other file write access commands are, however, passed onto a device driver for the storage medium and are implemented. In this way commands such as file delete and file overwrite can be disabled for an entire storage medium.
337 Citations
60 Claims
-
1. A method for applying an operation access privilege to a storage medium, comprises:
-
associating an access privilege with at least a portion of the storage medium; intercepting an attempted operation on said at least a portion of the storage medium, wherein said intercepting occurs regardless of an identity of a user attempting the attempted operation; comparing the attempted operation to the access privilege; and allowing, or denying the attempted operation based on comparing the attempted operation to the access privilege wherein at least one of;
said associating, said allowing, or said denying is based on enforcing a policy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
-
-
22. A method for intercepting attempted access to at least a portion of a storage medium, comprises:
-
receiving at least one of an attempted access operation to gain access to or from, or an attempted write operation to write data to, the at least a portion of the storage medium; intercepting at least one of said attempted access operation or said attempted write operation, prior to permitting or not permitting said operation on the at least a portion of the storage medium, wherein said intercepting occurs regardless of an identity of a user attempting the attempted operation; determining whether the attempted operation is permitted based upon at least one of a privilege, a policy, a rule, or a determination; and permitting, or not permitting the attempted operation based on said determining whether the attempted operation is permitted wherein said at least one permitting or not permitting is based on enforcing said at least one privilege, policy, rule or determination. - View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 60)
-
-
52. A method for intercepting an attempted download of data to at least a portion of a storage medium, comprising:
-
receiving at least one attempted download operation to receive the data to store the data on the at least a portion of the storage medium; intercepting the at least one attempted download operation, prior to permitting the at least one attempted download operation on the at least a portion of the storage medium, wherein said intercepting occurs regardless of an identity of a user attempting the attempted operation; determining whether the at least one attempted download operation is permitted based upon analysis of the content of the data, wherein the analysis identifies harmful content comprising at least one of; a computer virus, malware, adware, spyware, a computer worm, a harmful file, inappropriate content, or a malicious file; and permitting, or not permitting the at least one attempted download operation based on said determining. - View Dependent Claims (53)
-
-
54. A method for intercepting an attempted operation on at least a portion of a storage medium, comprising:
-
receiving at least one attempted operation to operate on data with respect to the at least a portion of the storage medium; intercepting said at least one attempted operation, prior to permitting said at least one attempted operation with respect to the at least a portion of the storage medium, wherein said intercepting occurs regardless of an identity of a user attempting the attempted operation; determining whether the at least one attempted operation is permitted based upon analysis of the content of the data, wherein the analysis identifies content comprising at least one of; a social security number, a credit card number, other private personal information, harmful content, a computer virus, malware, adware, spyware, a computer worm, a harmful file, inappropriate content, or a malicious file; and permitting, or not permitting the attempted operation based on said determining. - View Dependent Claims (55, 56, 57, 58, 59)
-
Specification