System for and methods of controlling user access and/or visibility to directories and files of a computer
Abstract
A system includes a file access manager driver and a kernel file system driver stack in a kernel-mode address space of an operating system (OS). The system also includes session processes; a public file whitelist; a public file whitelist manager; a user/group file whitelist, which is a private whitelist; and a user/group file whitelist manager in a user-mode address space of the OS. A method includes receiving a request for access and/or visibility to a directory and/or file and then determining whether the request is allowed to execute based on whether the file access manager driver identifies that the directory and/or file is allowed in either public or private whitelists.
17 Claims
1. A method for controlling user access to directories and files of a computer, the method comprising:
- storing a plurality of file whitelists in memory, wherein each file whitelist identifies one or more users and one or more files accessible by the users;
- executing instructions stored in memory, wherein execution of the instructions by a processor;
  - determines that an administrator has performed an act of publishing one or more previously unpublished files, wherein the act of publishing specifies that the previously unpublished files are to be published to one or more users, and
  - identifies which of the plurality of file whitelists are associated with the specified users; and
- automatically adding, based on the act of publishing to the specified users, the previously unpublished files to one or more file whitelists identified as being associated with the specified users, wherein the identified file whitelists are updated with the previously unpublished files.

Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. An apparatus for controlling user access to directories and files of a computer, the apparatus comprising:
- memory for storing a plurality of file whitelists, wherein each file whitelist identifies one or more users and one or more files accessible by the users;
- a processor for executing instructions stored in memory, wherein execution of the instructions by the processor;
  - determines that an administrator has performed an act of publishing one or more previously unpublished files, wherein the act of publishing specifies that the previously unpublished files are to be published to one or more users, and
  - identifies which of the plurality of file whitelists are associated with the specified users, wherein the one or more file whitelists identified as being associated with the specified users stored in memory are updated by automatic addition, based on the act of publishing to the specified users, of the previously unpublished files.

Dependent claims: 10, 11, 12, 13, 14, 15, 16

17. A non-transitory computer-readable storage medium, having embodied thereon a program executable by a processor to perform a method for controlling user access to directories and files of a computer, the method comprising:
- storing a plurality of file whitelists, wherein each file whitelist identifies one or more users and one or more files accessible by the users;
- determining that an administrator has performed an act of publishing one or more previously unpublished files, wherein the act of publishing specifies that the previously unpublished files are to be published to one or more users;
- identifying which of the plurality of file whitelists are associated with the specified users; and
- automatically adding, based on the act of publishing to the specified users, the previously unpublished files to one or more file whitelists identified as being associated with the specified users, wherein the identified file whitelists are updated with the previously unpublished files.
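
As an added illustration (not code from the patent or from any product), the following Python model shows the publish step recited in the claims together with the public/private whitelist check and the directory visibility filtering described in the abstract. The class and method names, the `<public>` key, the user-to-group map and the POSIX-style path canonicalization are all assumptions made for the example.

```python
import posixpath

PUBLIC = "<public>"  # assumed key for the public whitelist


class FileAccessManager:
    """User-mode model of the whitelist check (assumed design, not the patented driver)."""

    def __init__(self, groups=None):
        self.whitelists = {PUBLIC: set()}  # principal -> set of canonical file paths
        self.groups = groups or {}         # user -> set of group names

    @staticmethod
    def canon(path):
        # Compare canonical paths so "/a/../b" cannot alias a whitelisted entry.
        return posixpath.normpath("/" + path.lstrip("/"))

    def publish(self, files, principals):
        """Act of publishing: add files to every whitelist tied to the given users/groups.

        Returns the whitelists that actually changed."""
        updated = []
        for p in principals:
            wl = self.whitelists.setdefault(p, set())
            before = len(wl)
            wl.update(self.canon(f) for f in files)
            if len(wl) != before:
                updated.append(p)
        return updated

    def _allowed_files(self, user):
        names = {PUBLIC, user} | self.groups.get(user, set())
        return set().union(*(self.whitelists.get(n, set()) for n in names))

    def is_allowed(self, user, path):
        """Default deny: allowed only if listed in the public or a private whitelist."""
        return self.canon(path) in self._allowed_files(user)

    def visible_entries(self, user, directory, entries):
        """Filter a directory listing down to names that lead to an allowed file."""
        base = self.canon(directory).rstrip("/")
        allowed = self._allowed_files(user)
        return [e for e in entries
                if any(f == f"{base}/{e}" or f.startswith(f"{base}/{e}/")
                       for f in allowed)]
```
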