Encryption techniques
Files on an endpoint are encrypted 1902 with a key and a file system is provided 1904 for accessing the plurality of encrypted files by one or more processes executing on the endpoint. The file system includes a file system extension that applies the key to decrypt a file in response to a file reque...
Gespeichert in:
| Hauptverfasser: | , , , |
|---|---|
| Format: | Patent |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Zusammenfassung: | Files on an endpoint are encrypted 1902 with a key and a file system is provided 1904 for accessing the plurality of encrypted files by one or more processes executing on the endpoint. The file system includes a file system extension that applies the key to decrypt a file in response to a file request from the one or more processes. Access to the files by the processes is monitored 1906 and a rate of access to the files is limited (throttled) 1912 when a pattern of access is detected that indicates potential compromise 1908 by automated file access, such as access to a number of files beyond a threshold within a predetermined time interval. Other indications of potential compromise may be communication of files to a location remote from the endpoint, or the detection of a removable drive coupled to the endpoint. An exception to the indication may be provided for a trusted process 1910. Numerous other arrangements are disclosed including creating portable encrypted content, revoking keys if the security of an endpoint is compromised, attaching portable encrypted content to electronic mail messages, and monitoring the exposure state of a process on an endpoint to potentially unsafe content. |
|---|