Method and system for enabling enterprises to use detachable memory devices that contain data and executable files in controlled and secure way

摘要

Secure operation of SEMDs on a client computer in a host system is obtained by controlling what applications (i.e., U3 applications) that can run on the host system and access data on the SEMD. Applications allowed to run on each host machine are identified and any access to the SEMD by an allowed application is permitted and other access are prohibited. Security and/or privacy for data that is stored on a SEMD is provided by only allowing approved USB memory card based applications to access the data stored on the SEMD. All other applications, either unapproved USB memory card based applications or non-SEMD resident cannot access the data on the SEMD. Other security is provided by preventing access to the SEMD except for computers or systems that are a part of a company's private network and maintaining the data on the SEMD in an encrypted state.

主权项

1. A method for enhancing security of a network containing a plurality of client computers and a host system, wherein at least one of the client computers is configured to be detachably connected to a smart external memory device containing one or more applications, the method comprising the steps of:
detecting that a detachable smart external memory device is connected to a client computer included in said plurality of client computers; based upon said detecting that the smart external memory device is connected to the client computer, determining whether the client computer is authorized using a policy temporarily stored on the client computer prior to running an approved framework application of the smart external memory device, if the client computer is authorized, then the approved framework application runs the smart external memory device; locating at least one application stored on said smart external memory device and determining whether said application is included in a list of approved applications configured to be executed in conjunction with said smart external memory device; and if said application is included in said list, then allowing said approved application to access only specific folders or files on said smart external memory device, said specific folders or files being associated with said approved application, and, if said application is not included in said list, determining whether said application is the approved framework application of the smart external memory device, and if the application is the approved framework application, then permitting the access to the specific folders or files; and if said application is not the approved framework application of the smart external memory device, then preventing said application from accessing data on the smart external memory device.