US 7,487,366 B2
Data protection program and data protection method
Yuu Umebayashi, Tokyo (Japan); Etsu Den, Tokyo (Japan); Yusuke Yamanaka, Tokyo (Japan); and Takaoki Sasaki, Tokyo (Japan)
Assigned to Fujitsu Limited, Kawasaki (Japan)
Filed on Apr. 09, 2003, as Appl. No. 10/409,443.
Prior Publication US 2004/0010701 A1, Jan. 15, 2004
Int. Cl. G06F 11/30 (2006.01)
U.S. Cl. 713—193
5 Claims
 
1. A computer-readable medium storing therein a data protection program for protecting data stored in a resource to be protected, said data protection program enabling a computer to carry out a processing sequence comprising:
when a program capable of accessing said resource to be protected starts, registering a process ID of a process operating as said program capable of accessing said resource to be protected in an access permission management table;
generating, by the process operating as said program capable of accessing said resource to be protected, a key that is uniquely determined depending on a password entered by a user;
registering said key associated with the process ID of the process operating as said program capable of accessing said resource to be protected in said access permission management table;
if an access request to access said resource to be protected is received, by a driver, acquiring a process ID of a process operating as a request source program which has outputted said access request;
determining whether access to said resource to be protected is permitted or not based on whether the process ID of the process operating as said request source program has been registered in said access permission management table or not;
if access to said resource to be protected is permitted, processing data in said resource to be protected in response to said access request; and
when said program capable of accessing said resource to be protected ends, deleting said process ID of said process operating as said program capable of accessing said resource to be protected from said access permission management table;
wherein when the data in said resource to be protected is processed, if said access request is a request to write data, then data transferred from a process which executes said request source program is encrypted and then stored in said resource to be protected, and if said access request is a request to read data, data from said resource to be protected is decrypted and then transferred to a process which executes said request source program;
and wherein when the data in said resource to be protected is to be encrypted and decrypted, encrypting and decrypting, by said driver, the data using said key registered in said access permission management table in association with the process ID of the process which executed said request source program.
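
The processing sequence of claim 1, modelled in user space as an added example (not code from the patent or its assignee). Assumptions: the class, function and variable names are hypothetical, PBKDF2 with a constructed salt stands in for the unspecified key generation, a toy SHA-256 keystream stands in for the unspecified cipher, and the PID is passed as an argument where a real driver would take it from the request context.

```python
import hashlib

SALT = b"constructed-demo-salt"  # assumption: the claim names no salt or KDF

def derive_key(password: str) -> bytes:
    """Key uniquely determined by the user's password (PBKDF2 is an assumption)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)

def _keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy SHA-256 counter keystream standing in for the unspecified cipher."""
    out = bytearray()
    for block in range(0, len(data), 32):
        pad = hashlib.sha256(key + block.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[block:block + 32], pad))
    return bytes(out)

class ProtectedResourceDriver:
    """Hypothetical stand-in for the claim's driver and permission table."""

    def __init__(self):
        self.table = {}  # access permission management table: PID -> key
        self.store = {}  # resource to be protected: name -> ciphertext

    def register(self, pid: int, password: str) -> None:
        # Program start: record the PID together with its password-derived key.
        self.table[pid] = derive_key(password)

    def unregister(self, pid: int) -> None:
        # Program end: drop the entry so a recycled PID inherits nothing.
        self.table.pop(pid, None)

    def _key_for(self, pid: int) -> bytes:
        # A real driver reads the PID from the request context, never from the caller.
        if pid not in self.table:
            raise PermissionError(f"PID {pid} is not registered")
        return self.table[pid]

    def write(self, pid: int, name: str, data: bytes) -> None:
        # Write request: encrypt with the requester's key, then store.
        self.store[name] = _keystream_xor(self._key_for(pid), data)

    def read(self, pid: int, name: str) -> bytes:
        # Read request: decrypt with the requester's key, then return.
        return _keystream_xor(self._key_for(pid), self.store[name])

if __name__ == "__main__":
    drv = ProtectedResourceDriver()
    drv.register(100, "constructed-password")
    drv.write(100, "report.txt", b"constructed sample record")
    print(drv.read(100, "report.txt"))
```

A registered process that entered a different password passes the PID check but decrypts under its own key, so what it reads back is not the stored plaintext.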