发明名称 |
Distributed filesystem network security extension |
摘要 |
A security protocol that dynamically implements enhanced mount security of a filesystem when access to sensitive files on a networked filesystem is requested. When the user of a client system attempts to access a specially-tagged sensitive file, the server hosting the filesystem executes a software code that terminates the current mount and re-configures the server ports to accept a re-mount from the client via a more secure port. The server re-configured server port is provided the IP address of the client and matches the IP address during the re-mount operation. The switch to a secure mount is completed in a seamless manner so that authorized users are allowed to access sensitive files without bogging down the server with costly encryption and other resource-intensive security features. No significant delay is experienced by the user, while the sensitive file is shielded from un-authorized capture during transmission to the client system.
|
申请公布号 |
US7917751(B2) |
申请公布日期 |
2011.03.29 |
申请号 |
US20030443675 |
申请日期 |
2003.05.22 |
申请人 |
INTERNATIONAL BUSINESS MACHINES CORPORATION |
发明人 |
KEOHANE SUSAN MARIE;MCBREARTY GERALD FRANCIS;MULLEN SHAWN PATRICK;MURILLO JESSICA KELLEY;SHIEH JOHNNY MENG-HAN |
分类号 |
G06F21/00;G06F17/30;G06F21/24;H04L9/00;H04L29/06;H04L29/08 |
主分类号 |
G06F21/00 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|