CA2525249A1 - Distributed filesystem network security extension - Google Patents
Distributed filesystem network security extension Download PDFInfo
- Publication number
- CA2525249A1 CA2525249A1 CA002525249A CA2525249A CA2525249A1 CA 2525249 A1 CA2525249 A1 CA 2525249A1 CA 002525249 A CA002525249 A CA 002525249A CA 2525249 A CA2525249 A CA 2525249A CA 2525249 A1 CA2525249 A1 CA 2525249A1
- Authority
- CA
- Canada
- Prior art keywords
- file
- port
- access
- logic
- secure
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 230000005540 biological transmission Effects 0.000 claims abstract 11
- 238000000034 method Methods 0.000 claims 14
- 230000000977 initiatory effect Effects 0.000 claims 2
- 239000004576 sand Substances 0.000 claims 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/30—Definitions, standards or architectural aspects of layered protocol stacks
- H04L69/32—Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
- H04L69/322—Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
- H04L69/329—Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F15/00—Digital computers in general; Data processing equipment in general
- G06F15/16—Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F15/00—Digital computers in general; Data processing equipment in general
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
A security protocol that dynamically implements enhanced mount security of a filesystem when access to sensitive files on a networked filesystem is requested. When the user of a client system attempts to access a specially-tagged sensitive file, the server hosting the filesystem executes a software code that terminates the current mount and reconfigures the server ports to accept a re-mount from the client via a more secure port. The server reconfigured server port is provided the IP address of the client and matches the IP address during the re-mount operation. The switch to a secure mount is completed in a seamless manner so that authorized users are allowed to access sensitive files without bogging down the server with costly encryption and other resource-intensive security features. No significant delay is experienced by the user, while the sensitive file is shielded from unauthorized capture during transmission to the client system.
Claims (20)
1. A method for providing security for transmission of at least a first file, the method being for use in a data processing system comprising (1) a storage medium on which is stored said at least a first file having a preset access permission, (2) at least a first standard port and a second secure port for connecting said data processing system to external client systems, and (3) logic for selectively routing transmission of said at least one file via said first port and said second port, said method comprising:
responsive to a request for access to said first file by said external client system, checking said preset access permission of said first file; and when said preset access permission of said first file indicates secured access is required for said first file, dynamically routing a transmission of said first file to external client system via said second port.
responsive to a request for access to said first file by said external client system, checking said preset access permission of said first file; and when said preset access permission of said first file indicates secured access is required for said first file, dynamically routing a transmission of said first file to external client system via said second port.
2. The method of Claim 1, further comprising:
routing said transmission of said first file via said first standard port when said preset access permission indicates a regular access is sufficient.
routing said transmission of said first file via said first standard port when said preset access permission indicates a regular access is sufficient.
3. The method of Claim 1, further comprising:
enabling a first mount of said data processing system via said first standard port; and enabling a second mount of said data processing system via said second secure port only when said first file requires secured access.
enabling a first mount of said data processing system via said first standard port; and enabling a second mount of said data processing system via said second secure port only when said first file requires secured access.
4. The method of Claim 1, wherein said data processing system further comprises an encryption module associated with said second secured port, said dynamic routing step comprising:
first encrypting said first file utilising said encryption module.
first encrypting said first file utilising said encryption module.
5. The method of Claim 1, wherein said data processing system further comprises reconfiguration logic for configuring said first standard port and said second secured port for supporting a mount by said client system, said dynamic routing step comprising:
first configuring said second secure port to support a remount operation received from said client system;
terminating a current mount on said first standard port with said client system; and storing session parameters of said current mount to enable seamless continuation of said session on said second secure port.
first configuring said second secure port to support a remount operation received from said client system;
terminating a current mount on said first standard port with said client system; and storing session parameters of said current mount to enable seamless continuation of said session on said second secure port.
6. The method of Claim 5, wherein said configuring and storing step includes:
retrieving an IP address of sand client system;
placing said IP address in a configuration of said second secure port, wherein said second secure port automatically recognises a remount operation from said client system and re-establishes the session with said client system.
retrieving an IP address of sand client system;
placing said IP address in a configuration of said second secure port, wherein said second secure port automatically recognises a remount operation from said client system and re-establishes the session with said client system.
7. The method of Claim 1, wherein said preset access permission is a bit within metadata linked to said first file and said method further comprises reading a value of said bit to evaluate whether said first file requires secure access.
8. The method of Claim 1, wherein said preset access permission includes an identification of which specific users are permitted to access said first file via a secured access, said method further comprising:
comparing a user of said client system with said specific users with permission to access said file; and when said user is one of said specific users, automatically initiating a re-routing of a transmission of said first file via said second secure port.
comparing a user of said client system with said specific users with permission to access said file; and when said user is one of said specific users, automatically initiating a re-routing of a transmission of said first file via said second secure port.
9. The method of Claim 1, wherein said first standard port connects to said client system via a first unsecured network and said second secure port connects to said client system via a second secured network.
10. The method of Claim 1, wherein:
said data processing system is a server within a network having a first subnet connecting said first standard port to said client system and a second subnet connecting said second secure port to said client system;
said first file is stored within a filesystem;
said checking step includes accessing said filesystem and locating said first file; and said routing step includes transmitting said file via said second subnet when said file requires secure access and transmitting said first file via said first subnet when said first file does not require secure access.
said data processing system is a server within a network having a first subnet connecting said first standard port to said client system and a second subnet connecting said second secure port to said client system;
said first file is stored within a filesystem;
said checking step includes accessing said filesystem and locating said first file; and said routing step includes transmitting said file via said second subnet when said file requires secure access and transmitting said first file via said first subnet when said first file does not require secure access.
11. A system for providing security for transmission of at least a first file, for use in a data processing system comprising (1) a storage medium on which is stored said at least a first file having a preset access permission, (2) at least a first standard port and a second secure port for connecting said data processing system to external client systems, and (3) logic for selectively routing transmission of said at least one file via said first port and said second port, said system comprising:
logic, responsive to a request for access to said first file by said external client system, for checking said preset access permission of said first file; and when said preset access permission of said first file indicates secured access is required for said first file, logic for dynamically routing a transmission of said first file to external client system via said second port.
logic, responsive to a request for access to said first file by said external client system, for checking said preset access permission of said first file; and when said preset access permission of said first file indicates secured access is required for said first file, logic for dynamically routing a transmission of said first file to external client system via said second port.
12. The system of Claim 11, further comprising:
logic for routing said transmission of said first file via said first standard port when said preset access permission indicates a regular access is sufficient.
logic for routing said transmission of said first file via said first standard port when said preset access permission indicates a regular access is sufficient.
13. The system of Claim 11, further comprising:
logic for enabling a first mount of said data processing system via said first standard port; and logic for enabling a second mount of said data processing system via said second secure port only when said first file requires secured access.
logic for enabling a first mount of said data processing system via said first standard port; and logic for enabling a second mount of said data processing system via said second secure port only when said first file requires secured access.
14. The system of Claim 11, wherein said data processing system further comprises an encryption module associated with said second secured port, said logic for dynamically routing comprising:
logic for first encrypting said first file utilising said encryption module.
logic for first encrypting said first file utilising said encryption module.
15. The system of Claim 11, wherein said data processing system further comprising reconfiguration logic for configuring said first standard port and said second secured port for supporting a mount by said client system, said logic for dynamically routing comprising:
logic for first configuring said second secure port to support a remount operation received from said client system;
logic for terminating a current mount on said first standard port with said client system;
and
logic for first configuring said second secure port to support a remount operation received from said client system;
logic for terminating a current mount on said first standard port with said client system;
and
16 logic for storing session parameters of said current mount to enable seamless continuation of said session on said second secure port.
16. The system of Claim 15, wherein said configuring and storing step includes:
logic for retrieving an IP address of said client system;
logic for placing said IP address in a configuration of said second secure port, wherein said second secure port automatically recognises a remount operation from said client system and re-establishes the session with said client system.
16. The system of Claim 15, wherein said configuring and storing step includes:
logic for retrieving an IP address of said client system;
logic for placing said IP address in a configuration of said second secure port, wherein said second secure port automatically recognises a remount operation from said client system and re-establishes the session with said client system.
17. The system of Claim 11, wherein said preset access permission is a bit within metadata linked to said first file and said system further comprises reading a value of said bit to evaluate whether said first file requires secure access.
18. The system of Claim 11, wherein said preset access permission includes an identification of which specific users are permitted to access said first file via a secured access, said system further comprising:
logic for comparing a user of said client system with said specific users with permission to access said file; and when said user is one of said specific users, logic for automatically initiating a re-routing of a transmission of said first file via said second secure port.
logic for comparing a user of said client system with said specific users with permission to access said file; and when said user is one of said specific users, logic for automatically initiating a re-routing of a transmission of said first file via said second secure port.
19. The system of Claim 11, wherein said first standard port connects to said client system via a first unsecured network and said second secure port connects to said client system via a second secured network.
20. The system of Claim 11, wherein:
said data processing system is a server within a network having a first subnet connecting said first standard port to said client system and a second subnet connecting said second secure port to said client system;
said first file is stored within a filesystem;
said logic for checking includes means for accessing said filesystem and locating said first file; and said logic for routing includes means for transmitting said file via said second subnet when said file requires secure access and transmitting said first file via said first subnet when said first file does not require secure access.
said data processing system is a server within a network having a first subnet connecting said first standard port to said client system and a second subnet connecting said second secure port to said client system;
said first file is stored within a filesystem;
said logic for checking includes means for accessing said filesystem and locating said first file; and said logic for routing includes means for transmitting said file via said second subnet when said file requires secure access and transmitting said first file via said first subnet when said first file does not require secure access.
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/443,675 | 2003-05-22 | ||
US10/443,675 US7917751B2 (en) | 2003-05-22 | 2003-05-22 | Distributed filesystem network security extension |
PCT/GB2004/001629 WO2004104902A1 (en) | 2003-05-22 | 2004-04-15 | Distributed filesystem network security extension |
Publications (2)
Publication Number | Publication Date |
---|---|
CA2525249A1 true CA2525249A1 (en) | 2004-12-02 |
CA2525249C CA2525249C (en) | 2011-03-29 |
Family
ID=33450477
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA2525249A Expired - Fee Related CA2525249C (en) | 2003-05-22 | 2004-04-15 | Distributed filesystem network security extension |
Country Status (12)
Country | Link |
---|---|
US (1) | US7917751B2 (en) |
EP (1) | EP1625524B1 (en) |
JP (1) | JP4602981B2 (en) |
KR (1) | KR100906119B1 (en) |
CN (1) | CN100530207C (en) |
AT (1) | ATE339733T1 (en) |
BR (1) | BRPI0410569B1 (en) |
CA (1) | CA2525249C (en) |
DE (1) | DE602004002401T2 (en) |
IL (1) | IL172054A (en) |
TW (1) | TWI282229B (en) |
WO (1) | WO2004104902A1 (en) |
Families Citing this family (42)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7124171B1 (en) * | 2002-05-23 | 2006-10-17 | Emc Corporation | In a networked computing cluster storage system and plurality of servers sharing files, in the event of server unavailability, transferring a floating IP network address from first server to second server to access area of data |
US7480700B2 (en) * | 2004-04-27 | 2009-01-20 | Apple Inc. | Method and system for retrieval and usage of remote entry points |
US7827294B2 (en) | 2004-05-06 | 2010-11-02 | American Express Travel Related Services Company, Inc. | System and method for dynamic security provisioning of computing resources |
US20060031326A1 (en) * | 2004-07-06 | 2006-02-09 | Francis Ovenden | Managing personal communications from a calendar scheduling application |
US7640346B2 (en) * | 2005-02-01 | 2009-12-29 | Microsoft Corporation | Dispatching network connections in user-mode |
JP4722519B2 (en) * | 2005-03-25 | 2011-07-13 | 株式会社日立製作所 | Computer system, storage server, search server, terminal device, and search method |
US7742498B2 (en) * | 2005-05-17 | 2010-06-22 | At&T Intellectual Property Ii, L.P. | Method and apparatus for routing a call to a dual mode wireless device |
US7895651B2 (en) | 2005-07-29 | 2011-02-22 | Bit 9, Inc. | Content tracking in a network security system |
US8984636B2 (en) | 2005-07-29 | 2015-03-17 | Bit9, Inc. | Content extractor and analysis system |
US8272058B2 (en) | 2005-07-29 | 2012-09-18 | Bit 9, Inc. | Centralized timed analysis in a network security system |
JP4600762B2 (en) * | 2005-08-31 | 2010-12-15 | ソニー株式会社 | Information processing apparatus and method, and program |
KR100810368B1 (en) * | 2006-07-10 | 2008-03-07 | 주식회사 한글과 컴퓨터 | System for preventing access and expose documents in group |
US8874907B1 (en) * | 2007-09-28 | 2014-10-28 | Symantec Operating Corporation | Controlling access to an NFS share |
US8560833B2 (en) * | 2010-10-29 | 2013-10-15 | Aruba Networks, Inc. | Automatic secure client access |
US8959113B2 (en) | 2011-03-30 | 2015-02-17 | Open Text S.A. | System, method and computer program product for managing tabulated metadata |
US9501543B2 (en) | 2011-09-23 | 2016-11-22 | Hybrid Logic Ltd | System for live-migration and automated recovery of applications in a distributed system |
US9477739B2 (en) | 2011-09-23 | 2016-10-25 | Hybrid Logic Ltd | System for live-migration and automated recovery of applications in a distributed system |
GB2495079A (en) | 2011-09-23 | 2013-04-03 | Hybrid Logic Ltd | Live migration of applications and file systems in a distributed system |
US10311027B2 (en) | 2011-09-23 | 2019-06-04 | Open Invention Network, Llc | System for live-migration and automated recovery of applications in a distributed system |
US9547705B2 (en) * | 2011-09-23 | 2017-01-17 | Hybrid Logic Ltd | System for live-migration and automated recovery of applications in a distributed system |
US10331801B2 (en) | 2011-09-23 | 2019-06-25 | Open Invention Network, Llc | System for live-migration and automated recovery of applications in a distributed system |
US9483542B2 (en) | 2011-09-23 | 2016-11-01 | Hybrid Logic Ltd | System for live-migration and automated recovery of applications in a distributed system |
TW201351194A (en) * | 2012-06-07 | 2013-12-16 | Askey Computer Corp | Data protection method for portable electronic device and computer program product for the same |
US8635668B1 (en) * | 2012-07-11 | 2014-01-21 | International Business Machines Corporation | Link analysis tool for security information handling system |
US8806575B2 (en) | 2012-07-11 | 2014-08-12 | International Business Machines Corporation | Network selection tool for information handling system |
US8898769B2 (en) | 2012-11-16 | 2014-11-25 | At&T Intellectual Property I, Lp | Methods for provisioning universal integrated circuit cards |
US8959331B2 (en) | 2012-11-19 | 2015-02-17 | At&T Intellectual Property I, Lp | Systems for provisioning universal integrated circuit cards |
US9513803B2 (en) * | 2012-12-21 | 2016-12-06 | Intel Corporation | Tagging in a storage device |
US9699141B2 (en) * | 2013-04-03 | 2017-07-04 | Symantec Corporation | Method and apparatus for integrating security context in network routing decisions |
US9036820B2 (en) | 2013-09-11 | 2015-05-19 | At&T Intellectual Property I, Lp | System and methods for UICC-based secure communication |
US9124573B2 (en) | 2013-10-04 | 2015-09-01 | At&T Intellectual Property I, Lp | Apparatus and method for managing use of secure tokens |
US9208300B2 (en) | 2013-10-23 | 2015-12-08 | At&T Intellectual Property I, Lp | Apparatus and method for secure authentication of a communication device |
US9240994B2 (en) | 2013-10-28 | 2016-01-19 | At&T Intellectual Property I, Lp | Apparatus and method for securely managing the accessibility to content and applications |
US9240989B2 (en) | 2013-11-01 | 2016-01-19 | At&T Intellectual Property I, Lp | Apparatus and method for secure over the air programming of a communication device |
US9313660B2 (en) | 2013-11-01 | 2016-04-12 | At&T Intellectual Property I, Lp | Apparatus and method for secure provisioning of a communication device |
US9413759B2 (en) | 2013-11-27 | 2016-08-09 | At&T Intellectual Property I, Lp | Apparatus and method for secure delivery of data from a communication device |
CN103905466B (en) * | 2014-04-22 | 2017-01-11 | 郭伟 | Data access control system and method for storage system |
US9713006B2 (en) | 2014-05-01 | 2017-07-18 | At&T Intellectual Property I, Lp | Apparatus and method for managing security domains for a universal integrated circuit card |
US9628486B2 (en) * | 2014-10-23 | 2017-04-18 | Vormetric, Inc. | Access control for data blocks in a distributed filesystem |
US10558818B2 (en) * | 2017-02-22 | 2020-02-11 | Red Hat, Inc. | Supporting security access controls in an overlay filesystem |
WO2020055968A1 (en) * | 2018-09-11 | 2020-03-19 | Amari.Ai Incorporated | Secure communications gateway for trusted execution and secure communications |
EP4106290A1 (en) * | 2021-06-17 | 2022-12-21 | Deutsche Telekom AG | A method for operating a distributed application |
Family Cites Families (32)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6850252B1 (en) * | 1999-10-05 | 2005-02-01 | Steven M. Hoffberg | Intelligent electronic appliance system and method |
US5758334A (en) | 1995-07-05 | 1998-05-26 | International Business Machines Corporation | File system remount operation with selectable access modes that saves knowledge of the volume path and does not interrupt an executing process upon changing modes |
US6006018A (en) * | 1995-10-03 | 1999-12-21 | International Business Machines Corporation | Distributed file system translator with extended attribute support |
US6081610A (en) * | 1995-12-29 | 2000-06-27 | International Business Machines Corporation | System and method for verifying signatures on documents |
JPH09305682A (en) | 1996-05-13 | 1997-11-28 | Sony Corp | Communication equipment |
JPH10124427A (en) | 1996-06-19 | 1998-05-15 | At & T Corp | Automatic network reconfiguration system and method |
US5903732A (en) * | 1996-07-03 | 1999-05-11 | Hewlett-Packard Company | Trusted gateway agent for web server programs |
JPH10171879A (en) | 1996-12-06 | 1998-06-26 | Purosupaa Kurieiteibu:Kk | Merchandise sales system, and information communication method and storage medium for the same system |
JPH10229459A (en) | 1996-12-09 | 1998-08-25 | Nippon Telegr & Teleph Corp <Ntt> | Transmission method for pay information, equipment therefor and recording medium |
CN1225186A (en) * | 1996-12-18 | 1999-08-04 | 亚历山大S·奥伦斯坦 | Secured system for accessing application services from a remote station |
US5931947A (en) * | 1997-09-11 | 1999-08-03 | International Business Machines Corporation | Secure array of remotely encrypted storage devices |
US6405315B1 (en) * | 1997-09-11 | 2002-06-11 | International Business Machines Corporation | Decentralized remotely encrypted file system |
US6574661B1 (en) * | 1997-09-26 | 2003-06-03 | Mci Communications Corporation | Integrated proxy interface for web based telecommunication toll-free network management using a network manager for downloading a call routing tree to client |
US6058400A (en) * | 1998-04-28 | 2000-05-02 | Sun Microsystems, Inc. | Highly available cluster coherent filesystem |
JP2000010921A (en) | 1998-06-19 | 2000-01-14 | Nec Corp | Communication method and system and recording medium |
JP2000067120A (en) | 1998-08-19 | 2000-03-03 | Nec Corp | Device and method for automatically establishing internet bypass route by downloading program |
JP2000076336A (en) | 1998-08-31 | 2000-03-14 | Fujitsu Ltd | Electronic settlement authentication system and electronic commerce service provider device |
JP2002526830A (en) * | 1998-09-28 | 2002-08-20 | アーガス システムズ グループ,インク. | Compartmentalized trust computer operating system |
US6772333B1 (en) * | 1999-09-01 | 2004-08-03 | Dickens Coal Llc | Atomic session-start operation combining clear-text and encrypted sessions to provide id visibility to middleware such as load-balancers |
US6782418B1 (en) * | 2000-01-24 | 2004-08-24 | General Electric Company | Method and apparatus for secure data file uploading |
US6952780B2 (en) * | 2000-01-28 | 2005-10-04 | Safecom A/S | System and method for ensuring secure transfer of a document from a client of a network to a printer |
KR20010096814A (en) * | 2000-04-14 | 2001-11-08 | 홍기융 | Digital Signature Certificate Based Security Kernel Method for File System Protection |
US6947556B1 (en) * | 2000-08-21 | 2005-09-20 | International Business Machines Corporation | Secure data storage and retrieval with key management and user authentication |
US7010689B1 (en) * | 2000-08-21 | 2006-03-07 | International Business Machines Corporation | Secure data storage and retrieval in a client-server environment |
US7089585B1 (en) * | 2000-08-29 | 2006-08-08 | Microsoft Corporation | Method and system for authorizing a client computer to access a server computer |
US7003799B2 (en) * | 2001-01-30 | 2006-02-21 | Hewlett-Packard Development Company, L.P. | Secure routable file upload/download across the internet |
US7073055B1 (en) * | 2001-02-22 | 2006-07-04 | 3Com Corporation | System and method for providing distributed and dynamic network services for remote access server users |
US6931530B2 (en) * | 2002-07-22 | 2005-08-16 | Vormetric, Inc. | Secure network file access controller implementing access control and auditing |
US6678828B1 (en) * | 2002-07-22 | 2004-01-13 | Vormetric, Inc. | Secure network file access control system |
US7143288B2 (en) * | 2002-10-16 | 2006-11-28 | Vormetric, Inc. | Secure file system server architecture and methods |
US7565533B2 (en) * | 2002-11-05 | 2009-07-21 | Sun Microsystems, Inc. | Systems and methods for providing object integrity and dynamic permission grants |
US8683031B2 (en) * | 2004-10-29 | 2014-03-25 | Trustwave Holdings, Inc. | Methods and systems for scanning and monitoring content on a network |
-
2003
- 2003-05-22 US US10/443,675 patent/US7917751B2/en not_active Expired - Fee Related
-
2004
- 2004-04-15 CA CA2525249A patent/CA2525249C/en not_active Expired - Fee Related
- 2004-04-15 DE DE602004002401T patent/DE602004002401T2/en not_active Expired - Lifetime
- 2004-04-15 CN CNB2004800133205A patent/CN100530207C/en not_active Expired - Fee Related
- 2004-04-15 JP JP2006530468A patent/JP4602981B2/en not_active Expired - Fee Related
- 2004-04-15 AT AT04727590T patent/ATE339733T1/en not_active IP Right Cessation
- 2004-04-15 EP EP04727590A patent/EP1625524B1/en not_active Expired - Lifetime
- 2004-04-15 WO PCT/GB2004/001629 patent/WO2004104902A1/en active IP Right Grant
- 2004-04-15 BR BRPI0410569A patent/BRPI0410569B1/en active IP Right Grant
- 2004-05-07 TW TW093112916A patent/TWI282229B/en not_active IP Right Cessation
-
2005
- 2005-09-29 KR KR1020057018432A patent/KR100906119B1/en not_active IP Right Cessation
- 2005-11-20 IL IL172054A patent/IL172054A/en not_active IP Right Cessation
Also Published As
Publication number | Publication date |
---|---|
IL172054A0 (en) | 2011-08-01 |
BRPI0410569A (en) | 2006-06-20 |
US20040236745A1 (en) | 2004-11-25 |
EP1625524A1 (en) | 2006-02-15 |
JP2007503652A (en) | 2007-02-22 |
EP1625524B1 (en) | 2006-09-13 |
WO2004104902A1 (en) | 2004-12-02 |
ATE339733T1 (en) | 2006-10-15 |
CN100530207C (en) | 2009-08-19 |
BRPI0410569B1 (en) | 2016-08-23 |
IL172054A (en) | 2012-09-24 |
KR20060015714A (en) | 2006-02-20 |
US7917751B2 (en) | 2011-03-29 |
DE602004002401D1 (en) | 2006-10-26 |
DE602004002401T2 (en) | 2007-09-20 |
CN1791878A (en) | 2006-06-21 |
TWI282229B (en) | 2007-06-01 |
KR100906119B1 (en) | 2009-07-07 |
JP4602981B2 (en) | 2010-12-22 |
TW200507570A (en) | 2005-02-16 |
CA2525249C (en) | 2011-03-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2525249A1 (en) | Distributed filesystem network security extension | |
JP2007503652A5 (en) | ||
EP1130875B1 (en) | A home gateway with a data backup service | |
US9510202B2 (en) | Method of securing network access radio systems | |
WO2006088592A1 (en) | Network-distributed data routing | |
JP6096376B2 (en) | Access control method, apparatus, program, and recording medium | |
JP2003535398A (en) | Integrated internal information leakage prevention system | |
WO2008097164A2 (en) | Method and arrangement relating to encryption/decryption of a memory unit | |
US20060080517A1 (en) | Accessing a protected area of a storage device | |
JP4320904B2 (en) | Gateway and data communication method | |
US20070028305A1 (en) | Method and apparatus for an encryption system | |
EP2028603B1 (en) | External storage medium adapter | |
US20080104239A1 (en) | Method and system of managing accounts by a network server | |
JP2003092567A (en) | System and device for managing file and client terminal | |
JP3336969B2 (en) | Method and system for controlling data storage device sharing among multiple computers | |
JP2000244481A (en) | Access control method and system and recording medium storing access control program | |
JPH03152652A (en) | Network security system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request | ||
MKLA | Lapsed |
Effective date: 20170418 |
|
MKLA | Lapsed |
Effective date: 20170418 |