JP6511161B2 - データファイルの保護 - Google Patents

データファイルの保護 Download PDF

Info

Publication number
JP6511161B2
JP6511161B2 JP2017557316A JP2017557316A JP6511161B2 JP 6511161 B2 JP6511161 B2 JP 6511161B2 JP 2017557316 A JP2017557316 A JP 2017557316A JP 2017557316 A JP2017557316 A JP 2017557316A JP 6511161 B2 JP6511161 B2 JP 6511161B2
Authority
JP
Japan
Prior art keywords
data file
user
file
computer
storage area
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
JP2017557316A
Other languages
English (en)
Japanese (ja)
Other versions
JP2018522320A5 (enExample
JP2018522320A (ja
Inventor
リン・チャンシオン
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alibaba Group Holding Ltd
Original Assignee
Alibaba Group Holding Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alibaba Group Holding Ltd filed Critical Alibaba Group Holding Ltd
Priority claimed from PCT/US2016/033334 external-priority patent/WO2016196030A1/en
Publication of JP2018522320A publication Critical patent/JP2018522320A/ja
Publication of JP2018522320A5 publication Critical patent/JP2018522320A5/ja
Application granted granted Critical
Publication of JP6511161B2 publication Critical patent/JP6511161B2/ja
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/11File system administration, e.g. details of archiving or snapshots
    • G06F16/122File system administration, e.g. details of archiving or snapshots using management policies
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6272Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database by registering files or documents with a third party
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/74Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Databases & Information Systems (AREA)
  • Computing Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Data Mining & Analysis (AREA)
  • Human Computer Interaction (AREA)
  • Automation & Control Theory (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
JP2017557316A 2015-06-02 2016-05-19 データファイルの保護 Active JP6511161B2 (ja)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
CN201510295401.9A CN106295386B (zh) 2015-06-02 2015-06-02 数据文件的保护方法、装置及终端设备
CN201510295401.9 2015-06-02
US15/158,423 US10114962B2 (en) 2015-06-02 2016-05-18 Generating a stub file corresponding to a classified data file
US15/158,423 2016-05-18
PCT/US2016/033334 WO2016196030A1 (en) 2015-06-02 2016-05-19 Protecting data files

Publications (3)

Publication Number Publication Date
JP2018522320A JP2018522320A (ja) 2018-08-09
JP2018522320A5 JP2018522320A5 (enExample) 2019-01-31
JP6511161B2 true JP6511161B2 (ja) 2019-05-15

Family

ID=57451866

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2017557316A Active JP6511161B2 (ja) 2015-06-02 2016-05-19 データファイルの保護

Country Status (6)

Country Link
US (2) US10114962B2 (enExample)
EP (1) EP3304275B1 (enExample)
JP (1) JP6511161B2 (enExample)
KR (1) KR102037656B1 (enExample)
CN (1) CN106295386B (enExample)
TW (1) TWI690821B (enExample)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109726041B (zh) * 2017-10-27 2023-09-08 伊姆西Ip控股有限责任公司 恢复虚拟机磁盘中的文件的方法、设备和计算机可读介质
US11353039B2 (en) * 2018-09-04 2022-06-07 Hyland Uk Operations Limited System and method for handling digital content governance in an organization
US11841961B2 (en) * 2020-07-02 2023-12-12 International Business Machines Corporation Management of computing secrets
US11704278B2 (en) 2020-12-04 2023-07-18 International Business Machines Corporation Intelligent management of stub files in hierarchical storage
US11983291B2 (en) * 2020-12-14 2024-05-14 International Business Machines Corporation Policy-driven views of datasets
KR102525655B1 (ko) * 2020-12-31 2023-04-25 (주)나무소프트 문서 저장 제어 방법
CN115086308B (zh) * 2022-04-27 2023-10-20 上海上讯信息技术股份有限公司 一种基于rdp的数据传输的控制方法及设备
CH720073B1 (de) * 2022-09-30 2025-01-31 Supertext Ag Cloud-basierter server-computer, verfahren und computerprogrammprodukt zur bearbeitung eines sicheren elektronischen dokuments
US12380066B2 (en) 2023-08-24 2025-08-05 RapidFort, Inc. System and method for selecting instrumentation technique

Family Cites Families (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006260176A (ja) * 2005-03-17 2006-09-28 Ex's Annex:Kk 機密文書管理方法及び機密文書管理システム
US7506003B2 (en) * 2005-07-14 2009-03-17 Microsoft Corporation Moving data from file on storage volume to alternate location to free space
CN101187994A (zh) * 2006-11-17 2008-05-28 鸿富锦精密工业(深圳)有限公司 文件打印管控系统及方法
JP2008191838A (ja) * 2007-02-02 2008-08-21 Hitachi Electronics Service Co Ltd 情報管理システム
EP2109835A4 (en) * 2007-02-05 2011-06-08 Moonwalk Universal Pty Ltd DATA MANAGEMENT SYSTEM
US20110040812A1 (en) * 2007-12-20 2011-02-17 Virtual Computer, Inc. Layered Virtual File System
JP2010266933A (ja) * 2009-05-12 2010-11-25 Ri Co Ltd ドキュメント管理プログラム、ドキュメント管理システム及びドキュメント管理方法
US20100332401A1 (en) 2009-06-30 2010-12-30 Anand Prahlad Performing data storage operations with a cloud storage environment, including automatically selecting among multiple cloud storage sites
US8620879B2 (en) 2009-10-13 2013-12-31 Google Inc. Cloud based file storage service
US8694469B2 (en) 2009-12-28 2014-04-08 Riverbed Technology, Inc. Cloud synthetic backups
AU2011235075B2 (en) 2010-03-31 2015-10-01 Security First Corp. Systems and methods for securing data in motion
WO2011142996A2 (en) * 2010-05-09 2011-11-17 Madhav Chinta Methods and systems for forcing an application to store data in a secure storage location
US8601498B2 (en) 2010-05-28 2013-12-03 Security First Corp. Accelerator system for use with secure data storage
JP5608811B2 (ja) * 2010-09-17 2014-10-15 株式会社日立製作所 情報処理システムの管理方法、及びデータ管理計算機システム
CN102004886B (zh) * 2010-11-15 2012-07-25 上海安纵信息科技有限公司 一种基于操作系统虚拟化原理的数据防泄漏方法
US20120290926A1 (en) * 2011-05-12 2012-11-15 Infinote Corporation Efficient document management and search
CN102254117B (zh) 2011-07-07 2013-10-02 胡建斌 一种基于虚拟化技术的数据防泄密系统
US8626714B1 (en) * 2011-09-07 2014-01-07 Symantec Corporation Automated separation of corporate and private data for backup and archiving
US20130110967A1 (en) * 2011-11-01 2013-05-02 Hitachi, Ltd. Information system and method for managing data in information system
CN102592102B (zh) 2011-12-31 2014-09-17 深信服网络科技(深圳)有限公司 一种终端防泄密控制方法及终端
US8736551B2 (en) * 2012-07-12 2014-05-27 Atmel Corporation Touch-sensor-controller sensor hub
CN102882923B (zh) * 2012-07-25 2015-04-15 北京亿赛通科技发展有限责任公司 移动终端安全存储系统及方法
US9185114B2 (en) * 2012-12-05 2015-11-10 Symantec Corporation Methods and systems for secure storage segmentation based on security context in a virtual environment
US9319265B2 (en) * 2013-02-22 2016-04-19 Hitachi Data Systems Engineering UK Limited Read ahead caching of data from cloud storage and method thereof
CN103620606B (zh) * 2013-06-20 2017-10-10 华为技术有限公司 存储检测装置、系统及存储检测方法
CN103942492B (zh) 2014-03-04 2016-09-21 中天安泰(北京)信息技术有限公司 单机版数据黑洞处理方法及计算设备

Also Published As

Publication number Publication date
KR102037656B1 (ko) 2019-11-26
CN106295386B (zh) 2021-04-27
US10114962B2 (en) 2018-10-30
EP3304275A4 (en) 2019-01-09
TW201702925A (zh) 2017-01-16
KR20170133485A (ko) 2017-12-05
JP2018522320A (ja) 2018-08-09
US20190087596A1 (en) 2019-03-21
EP3304275B1 (en) 2020-07-22
TWI690821B (zh) 2020-04-11
CN106295386A (zh) 2017-01-04
US20160357978A1 (en) 2016-12-08
EP3304275A1 (en) 2018-04-11

Similar Documents

Publication Publication Date Title
JP6511161B2 (ja) データファイルの保護
US10616194B2 (en) Secure data destruction in a distributed environment using key protection mechanisms
US10178077B2 (en) Preventing persistent storage of cryptographic information using signaling
US10210085B2 (en) Leveraging non-volatile memory for persisting data
US9172724B1 (en) Licensing and authentication with virtual desktop manager
CN101589397B (zh) Usb令牌上的密钥容器
CN103617399B (zh) 一种数据文件保护方法及装置
US11032319B1 (en) Systems and methods for preparing honeypot computer files
US9405925B2 (en) Content item encryption on mobile devices
EA012863B1 (ru) Устройство и система управления компьютерным сеансом
JP2009518702A (ja) 安全な作業環境を提供する、仮想インターフェースを利用するデバイス
CN103577761A (zh) 一种在移动设备中处理隐私数据的方法和装置
US20230076870A1 (en) Protections for sensitive content items in a content management system
US9887979B1 (en) Systems and methods for enabling users to launch applications without entering authentication credentials
US10223538B1 (en) Preventing persistent storage of cryptographic information
JP7730237B2 (ja) コンピュータ実装方法、コンピュータ・システム、コンピュータ・プログラム、及びコンピュータ可読媒体
KR102522217B1 (ko) 보안 저장 영역의 데이터를 백업하고 시간 정보를 포함하는 백업된 데이터에 기초하여 복원을 수행하는 장치
WO2016196030A1 (en) Protecting data files
Raj et al. A survey on data loss prevention techniques
CN120354442A (zh) 基于已更改数据的分类进行访问控制
KR20210043069A (ko) 복수의 스토리지를 이용한 보안정보 저장 시스템
EP2930607A1 (en) Method and apparatus for increasing available portable memory storage space

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20171227

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20171227

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20181128

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20181214

A871 Explanation of circumstances concerning accelerated examination

Free format text: JAPANESE INTERMEDIATE CODE: A871

Effective date: 20181214

A975 Report on accelerated examination

Free format text: JAPANESE INTERMEDIATE CODE: A971005

Effective date: 20181218

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20181225

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20190308

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20190319

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20190405

R150 Certificate of patent or registration of utility model

Ref document number: 6511161

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250