| CPC G06F 3/0622 (2013.01) [G06F 3/064 (2013.01); G06F 3/0659 (2013.01); G06F 3/067 (2013.01); G06F 21/602 (2013.01); G06F 21/78 (2013.01)] | 20 Claims |

1. A method, comprising:
intercepting a first open file call from an application to an operating system;
searching a list of encrypted files for an entry matching the first open file call;
responsive to not finding a matching entry of the list of encrypted files, generating a new filename and obtaining an encryption key;
invoking a second open file call to the operating system to open a new encrypted file with the new filename and to obtain a file descriptor for the new encrypted file;
adding a new entry to a list of open encrypted files that includes the file descriptor for the new encrypted file and the encryption key;
adding a new entry to the list of encrypted files that includes a filename and a path from the first open file call and the new filename;
returning an identifier for the new entry in the list of open encrypted files to the application in response to the first open file call;
intercepting a first read file call from the application to the operating system;
searching the list of open encrypted files for an entry matching the first read file call;
responsive to finding a matching entry of the list of open encrypted files, identifying an encrypted file stored by the operating system that is associated with the matching entry;
invoking a second read file call to the operating system with a file descriptor of the encrypted file to retrieve a block of encrypted data from the encrypted file;
decrypting, using an encryption key associated with the matching entry, the block of encrypted data to obtain a block of plaintext data;
generating a response to the first read file call including data from the block of plaintext data; and
returning the response to the application.
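The open/read sequence recited in claim 1, as an added worked example that is not part of the patent text or of any product it describes. It assumes Python on a POSIX system, a per-file random key kept in an in-memory key store (the claim only says a key is "obtained"), and a constructed SHA-256 XOR keystream as a stand-in for a real cipher. A write path and a close are added so the example round-trips, which claim 1 itself does not recite; the two dictionaries play the roles of the claim's "list of encrypted files" and "list of open encrypted files".

```python
import hashlib
import os
import secrets
import tempfile
from dataclasses import dataclass

BLOCK_SIZE = 4096  # assumed block granularity for the read/write calls


def keystream(key: bytes, block_index: int, length: int) -> bytes:
    """Derive a per-block keystream from the file key and block index.

    Constructed stand-in for a block-cipher mode, used only so the example
    runs without third-party libraries. It is NOT a vetted scheme: the
    keystream for a block is fixed, so rewriting a block with different
    data leaks the XOR of old and new plaintext. A real implementation
    would use a fresh nonce per write and an authenticated mode.
    """
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(
            key + block_index.to_bytes(8, "big") + counter.to_bytes(4, "big")
        ).digest()
        counter += 1
    return out[:length]


def xor_block(data: bytes, key: bytes, block_index: int) -> bytes:
    """Encrypt or decrypt one block (XOR with keystream is its own inverse)."""
    ks = keystream(key, block_index, len(data))
    return bytes(a ^ b for a, b in zip(data, ks))


@dataclass
class OpenEntry:
    fd: int      # OS file descriptor of the encrypted file (claim step: second open)
    key: bytes   # encryption key associated with this open file


class EncryptingShim:
    """Sits between the application and the OS, intercepting file calls."""

    def __init__(self, store_dir: str):
        self.store_dir = store_dir
        self.encrypted_files = {}  # app path -> on-disk encrypted filename ("list of encrypted files")
        self.open_files = {}       # app-facing identifier -> OpenEntry ("list of open encrypted files")
        self._keys = {}            # encrypted filename -> key (assumed key store, not in the claim)
        self._next_id = 1

    def open(self, path: str) -> int:
        """Intercepted open: map the app's path to an encrypted file and a key."""
        name = self.encrypted_files.get(path)
        if name is None:
            # No matching entry: generate a new (non-revealing) filename and a key.
            name = secrets.token_hex(16) + ".enc"
            self._keys[name] = secrets.token_bytes(32)
            self.encrypted_files[path] = name
        # Second open call to the OS, on the encrypted file, to get a descriptor.
        fd = os.open(os.path.join(self.store_dir, name), os.O_RDWR | os.O_CREAT, 0o600)
        ident = self._next_id
        self._next_id += 1
        self.open_files[ident] = OpenEntry(fd=fd, key=self._keys[name])
        return ident  # identifier for the open-list entry, returned to the app

    def read(self, ident: int, block_index: int) -> bytes:
        """Intercepted read: fetch the encrypted block via the OS and decrypt it."""
        entry = self.open_files.get(ident)
        if entry is None:
            raise KeyError(f"identifier {ident} is not an open encrypted file")
        ciphertext = os.pread(entry.fd, BLOCK_SIZE, block_index * BLOCK_SIZE)
        return xor_block(ciphertext, entry.key, block_index)

    def write(self, ident: int, block_index: int, plaintext: bytes) -> int:
        """Added write path (not in claim 1): encrypt, then write via the OS."""
        entry = self.open_files[ident]
        ciphertext = xor_block(plaintext, entry.key, block_index)
        return os.pwrite(entry.fd, ciphertext, block_index * BLOCK_SIZE)

    def close(self, ident: int) -> None:
        entry = self.open_files.pop(ident)
        os.close(entry.fd)


def demo() -> dict:
    """Round-trip a block through the shim and report what the OS actually stored."""
    app_path = "/home/alice/notes.txt"  # constructed application-side path
    with tempfile.TemporaryDirectory() as store:
        shim = EncryptingShim(store)
        h = shim.open(app_path)                 # no entry yet: new name + key
        shim.write(h, 0, b"hello, world")
        plain = shim.read(h, 0)
        enc_name = shim.encrypted_files[app_path]
        with open(os.path.join(store, enc_name), "rb") as f:
            on_disk = f.read()                  # what the OS sees: ciphertext only
        shim.close(h)
        h2 = shim.open(app_path)                # entry found: same file, same key
        reopened = shim.read(h2, 0)
        shim.close(h2)
    return {"plaintext": plain, "on_disk": on_disk, "reopened": reopened, "stored_as": enc_name}


if __name__ == "__main__":
    print(demo())
```

The point worth checking from a defender's side is what the OS and anything reading the store directly ever see: only the random filename and ciphertext. The keystream caveat in the comment is the place a real design diverges from this sketch, since the claim does not fix the cipher mode.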