Title of invention
Systems and methods for enforcing data loss prevention policies on sandboxed applications
Abstract
A computer-implemented method for enforcing data loss prevention policies on sandboxed applications may include identifying an application process that is in a sandbox, wherein a broker process has created a file handle for a file on behalf of the application process within the sandbox, intercepting an input/output request performed on the file handle by the application process, wherein the input/output request comprises an identifier of the application process, extracting the identifier of the application process from the input/output request and enforcing a data loss prevention policy on the file by attributing the input/output request to the application process instead of to the broker process based on the identifier of the application process. Various other methods, systems, and computer-readable media are also disclosed.
Publication number
US9027078(B1)
Publication date
2015.05.05
Application number
US201313903958
Filing date
2013.05.28
Applicant
Symantec Corporation
Inventor
Manmohan Sarin Sumit
Classification
G06F21/00;G06F21/60
Main classification
G06F21/00
Agent firm
ALG Intellectual Property, LLC
Agent
ALG Intellectual Property, LLC
Independent claim
1. A computer-implemented method for enforcing data loss prevention policies on sandboxed applications, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
identifying, with at least one processor, an application process that is in a sandbox, wherein a broker process has intercepted an attempt by the application process to access a file and, in response, created a file handle for the file on behalf of the application process within the sandbox for the application process to have access to the file via the file handle;
intercepting, with at least one processor, an input/output request performed on the file handle by the application process, wherein the input/output request comprises an identifier of the application process;
extracting, with at least one processor, the identifier of the application process from the input/output request;
enforcing, with at least one processor, a data loss prevention policy on the file by attributing the input/output request to the application process instead of to the broker process based on the identifier of the application process.
Address
Mountain View CA US