Title of invention: Method and system for encrypted file access
Abstract: A method and system for encrypted file access are provided. The method includes the steps of: receiving (502, 552) an access request for an encrypted file (401-403) by an application (110); determining (503, 553) the application (110) making the access request; checking (505, 555) if the application (110) is authorized for access; and if authorized, allowing the access request. The access request may be a read or write access by a destination or source application (110). If the application (110) is authorized for access, the method checks (508, 558) if the application (110) is authorized for unencrypted access; and if so, allowing unencrypted file access.
Publication number: US8799651(B2) Publication date: 2014.08.05
Application number: US201313732421 Filing date: 2013.01.01
Applicant: International Business Machines Corporation Inventor: Phillips Anthony H.
Classification: H04L9/00 Main classification: H04L9/00
Agency: CRGO Law Agent: Greenberg, Esq. Steven M.; CRGO Law
Main claim: 1. A file encryption system comprising: a data store storing a list of applications and types of files that the applications have been granted permission to access and a list of allowable hash values; and a processor configured to receive an access request for an encrypted file by an application; determine if the application is authorized for access to the encrypted file by checking a name of the application and a file type of the encrypted file against the list of applications and types of files that the applications have been granted permission to access; upon determining that the application is authorized to access the encrypted file, further determine if the application is authorized for access to an unencrypted version of the encrypted file by calculating a hash value of contents of the application and checking the calculated hash value against the list of allowable hash values; and upon determining that the application is authorized for access to an unencrypted version of the encrypted file, decrypt the encrypted file and return the decrypted file to the application, otherwise return the encrypted file to the application; wherein the list of applications and types of files that the applications have been granted permission to access and the list of allowable hash values are administered by a security policy.
Address: Armonk NY US
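
The two-stage check described in the main claim, as an added Python example (not code from the patent or from the applicant). It shows the three outcomes: denied, encrypted file returned, decrypted file returned. Assumptions: SHA-256 as the hash, the names SecurityPolicy and handle_read, the sample policy and binaries, and a stand-in XOR keystream in place of a real cipher.

```python
import hashlib
from dataclasses import dataclass, field

@dataclass
class SecurityPolicy:
    # application name -> file types it may access (first list in the claim)
    app_file_types: dict = field(default_factory=dict)
    # allowable hashes of application contents (second list in the claim)
    allowed_hashes: set = field(default_factory=set)

def _xor_stream(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher for this demo only; it is NOT real encryption."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def handle_read(policy, app_name, app_contents, file_type, ciphertext, key):
    """Return (decision, data) for a read request on an encrypted file."""
    # Stage 1: application name + file type against the permission list.
    if file_type not in policy.app_file_types.get(app_name, ()):
        return "denied", None
    # Stage 2: hash of the application's contents against the allow-list.
    # SHA-256 is an assumption; the claim does not name an algorithm.
    digest = hashlib.sha256(app_contents).hexdigest()
    if digest in policy.allowed_hashes:
        return "plaintext", _xor_stream(key, ciphertext)
    # Authorized by name but not by hash: return the file still encrypted.
    return "ciphertext", ciphertext

# Constructed sample data (hypothetical applications and policy).
KEY = b"demo-key"
EDITOR = b"editor build 1"            # binary whose hash is on the allow-list
TAMPERED = EDITOR + b" patched"       # same name, modified contents
BACKUP = b"backup agent"              # may copy files, never sees plaintext
POLICY = SecurityPolicy(
    app_file_types={"editor": {".doc"}, "backup": {".doc", ".xls"}},
    allowed_hashes={hashlib.sha256(EDITOR).hexdigest()},
)
SECRET = _xor_stream(KEY, b"quarterly figures")

if __name__ == "__main__":
    cases = [("editor", EDITOR, ".doc"), ("editor", TAMPERED, ".doc"),
             ("backup", BACKUP, ".doc"), ("editor", EDITOR, ".xls")]
    for name, binary, ftype in cases:
        print(name, ftype, handle_read(POLICY, name, binary, ftype, SECRET, KEY)[0])
```

The name check alone never releases plaintext: a renamed or modified binary passes stage 1 but fails the hash check and receives only ciphertext.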