Enhanced data security through file access control of processes in a data processing system

摘要

A software system for controlling the unauthorized transfer of data from a data processing system to a network is provided. A file monitor module monitors requests made by a process to access a data file within the computer system, and cross-checks the data file name against a protected file list database. If the file is listed in the protected file list database, the process name is added to a process list for the data file. A process monitor module monitors all processes contained in the process list, and if a process in the process list transfers the data file to another process, the receiving process is added to the process list. An upload monitor module searches the process list for any process that requests a network data transfer. The upload monitor module holds the transfer request for any process listed within the process list, and displays a warning message to the system user indicating that a process having had access to protected data is requesting network access to upload a data file. The data file is permitted to be transferred to the network in response to a user authorization command or the transfer request is cancelled.