摘要 |
A method, system, and computer readable medium for authenticating file system content. In one embodiment of the method of invention, file system content is received or retrieved for content authentication. Security relevant portions of the file content are identified in accordance with specified parse production rules that tokenize the original file content. Next, the identified security relevant portions of the file content are isolated and extracted from the original file content. The extracted security relevant portions of the file content are authenticated by generating a hash value for the extracted portions and comparing the hash value against a prior output of that hash function applied to a trusted snapshot of the same security relevant file content.
|