Securing data on untrusted devices

US 9,659,170 B2
Filed: 01/02/2015
Issued: 05/23/2017
Est. Priority Date: 01/02/2015
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

identifying, by a first process executing in an execution environment on a computing device, a command in an execution environment command queue, the command from a second process executing in the execution environment and indicating an action on secure data, the identifying based on a process ID of the second process or a pathname in the command, and wherein the identifying;

occurs before the execution environment obtains the command from the execution environment command queue for execution, andcomprises identifying an entry in the execution environment command queue associated with a secure storage location;

while the command remains in the execution environment command queue, determining whether the command is permitted based on the action and a user credential, the determining comprising;

accessing an access rules data store, the access rules data store comprising one or more rules associated with commands or user credentials; and

determining whether the command is permitted based on the command and the one or more rules; and

responsive to determining the command is not permitted, removing, by the first process, the command from the command queue before the execution environment obtains the command from the execution environment command queue for execution, the removing preventing the execution environment from executing the command.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

One example method for securing data on untrusted devices includes the steps of identifying, by a first process, a command in a command queue, the command from a second process and comprising an action on secure data; determining whether the command is permitted based on the action and a user credential; and responsive to determining the command is not permitted, removing, by the first process, the command from the command queue.

36 Citations

View as Search Results

21 Claims

1. A method comprising:
- identifying, by a first process executing in an execution environment on a computing device, a command in an execution environment command queue, the command from a second process executing in the execution environment and indicating an action on secure data, the identifying based on a process ID of the second process or a pathname in the command, and wherein the identifying;
  
  occurs before the execution environment obtains the command from the execution environment command queue for execution, andcomprises identifying an entry in the execution environment command queue associated with a secure storage location;
  
  while the command remains in the execution environment command queue, determining whether the command is permitted based on the action and a user credential, the determining comprising;
  
  accessing an access rules data store, the access rules data store comprising one or more rules associated with commands or user credentials; and
  
  determining whether the command is permitted based on the command and the one or more rules; and
  
  responsive to determining the command is not permitted, removing, by the first process, the command from the command queue before the execution environment obtains the command from the execution environment command queue for execution, the removing preventing the execution environment from executing the command.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the secure storage location comprises a separately-mountable partition of a computer-readable medium.
  - 3. The method of claim 1, wherein the execution environment comprises an operating system.
  - 4. The method of claim 1, wherein the execution environment comprises an application server.
  - 5. The method of claim 1, wherein the execution environment comprises a virtual machine.
  - 6. The method of claim 1, further comprising, responsive to determining the command is permitted, not removing the command from the execution environment command queue.
  - 7. The method of claim 1, wherein the command comprises at least one of a save command, a save as command, an open command, a move command, a rename command, a print command, a copy command, a cut command, a paste command, an email command, a screenshot command, a rename command, or a share command.

8. A device comprising:
- a non-transitory computer-readable medium;
  
  a processor in communication with the non-transitory computer readable medium, the processor configured to;
  
  monitor, by a first process executed in an execution environment on a computing device, an execution environment command queue to identify commands from other processes executed in the execution environment, at least one of the commands indicating an action on secure data, the identifying based on process IDs of other processes or a pathnames in the commands;
  
  wherein the identifying;
  
  is configured to occur before the execution environment obtains the command from the execution environment command queue for execution, andcomprises identifying an entry in the execution environment command queue associated with a secure storage location;
  
  access one or more access rules to determine whether the at least one command is permitted;
  
  determining whether the at least one command is permitted based on the at least one command and the one or more rules; and
  
  responsive to a determination the command is not permitted, remove the command from the command queue before the execution environment obtains the command from the execution environment command queue for execution, the removing preventing the execution environment from executing the command.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The device of claim 8, wherein the processor is further configured to:
    - identify an entry in the command queue associated with a secure storage location, andidentify a software application based on the entry.
  - 10. The device of claim 9, wherein the processor is further configured to identify a path on a computer-readable medium for the secure storage location.
  - 11. The device of claim 9, wherein the secure storage location comprises a separately-mountable partition of a computer-readable medium.
  - 12. The device of claim 8, wherein the execution environment comprises one of an operating system, an application server, or a virtual machine.
  - 13. The device of claim 8, wherein the processor is further configured to not remove the command from the command queue if the command is permitted.
  - 14. The device of claim 8, wherein the command comprises at least one of a save command, a save as command, an open command, a move command, a rename command, a print command, a copy command, a cut command, a paste command, an email command, a screenshot command, a rename command, or a share command.

15. A non-transitory computer-readable medium comprising program code, the program code comprising monitoring software and access rules software executable by a processor in an execution environment, the monitoring software configured to:
- monitor an execution environment command queue to identify commands from other processes executed in the execution environment;
  
  identify a command indicating an action on secure data based on a process ID of one of the other processes or a pathname in the command;
  
  wherein the identifying;
  
  is configured to occur before the execution environment obtains the command from the execution environment command queue for execution, andcomprises identifying an entry in the execution environment command queue associated with a secure storage location;
  
  transmit a request to the access rules software to determine whether the command is permitted; and
  
  responsive to a response to the request indicating that the command is not permitted, remove the command from the command queue before the execution environment obtains the command from the execution environment command queue for execution, the removing preventing the execution environment from executing the command; and
  
  the access rules software configured to;
  
  access an access rules data store, the access rules data store configured to store one or more rules associated with commands or user credentials;
  
  receive requests to determine whether commands associated with the requests are permitted;
  
  determine whether the commands are permitted based on the respective request and the one or more rules; and
  
  transmit a response message to the respective request.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The non-transitory computer-readable medium of claim 15, wherein the monitoring software is further configured to:
    - identify an entry in the command queue associated with a secure storage location; and
      
      identify the command based on the entry.
  - 17. The non-transitory computer-readable medium of claim 16, wherein the secure storage location comprises a separately-mountable partition of a computer-readable medium.
  - 18. The non-transitory computer-readable medium of claim 15, wherein the secure data comprises data stored within a secure storage location, and wherein the monitoring software is further configured to identify an entry in the command queue associated with a process identifier of a process attempting to access the secure data to identify the command.
  - 19. The non-transitory computer-readable medium of claim 15, wherein the execution environment comprises one of an operating system, an application server, or a virtual machine.
  - 20. The non-transitory computer-readable medium of claim 15, wherein the monitoring software is further configured to, responsive to a determination that the command is permitted, not remove the command from the command queue.
  - 21. The non-transitory computer-readable medium of claim 15, wherein the command comprises at least one of a save command, a save as command, an open command, a move command, a rename command, a print command, a copy command, a cut command, a paste command, an email command, a screenshot command, a rename command, or a share command.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sv Capital, LLC
Original Assignee
Senteon LLC
Inventors
Chapman, III, Robert Scott
Primary Examiner(s)
Mehrmanesh, Amir

Application Number

US14/588,779
Publication Number

US 20160196442A1
Time in Patent Office

872 Days
Field of Search
US Class Current
CPC Class Codes

G06F 2009/45587   Isolation or security of vi...

G06F 21/53   by executing in a restricte...

G06F 21/604   Tools and structures for ma...

G06F 21/62   Protecting access to data v...

G06F 21/6218   to a system of files or obj...

G06F 2221/032   Protect output to user by s...

G06F 2221/2149   Restricted operating enviro...

G06F 9/45558   Hypervisor-specific managem...

Securing data on untrusted devices

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

36 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Securing data on untrusted devices

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

36 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links