US 12,008,131 B2
Systems and methods for a cryptographic file system layer
Mark S. O'Hare, Coto De Caza, CA (US); Rick L Orsini, Flower Mound, TX (US); and Roger S. Davenport, Campbell, TX (US)
Assigned to Security First Innovations, LLC, Ashburn, VA (US)
Filed by Security First Innovations, LLC, Ashburn, VA (US)
Filed on Jan. 19, 2023, as Appl. No. 18/099,212.
Application 18/099,212 is a continuation of application No. 16/556,909, filed on Aug. 30, 2019, granted, now 11,586,757.
Application 16/556,909 is a continuation of application No. 15/882,694, filed on Jan. 29, 2018, granted, now 10,402,582, issued on Sep. 3, 2019.
Application 15/882,694 is a continuation of application No. 14/180,151, filed on Feb. 13, 2014, granted, now 9,881,177, issued on Jan. 30, 2018.
Claims priority of provisional application 61/764,532, filed on Feb. 13, 2013.
Prior Publication US 2023/0161897 A1, May 25, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/62 (2013.01); H04L 9/08 (2006.01); H04L 9/06 (2006.01); H04L 9/32 (2006.01)
CPC G06F 21/6227 (2013.01) [G06F 21/6218 (2013.01); H04L 9/085 (2013.01); H04L 9/065 (2013.01); H04L 9/3226 (2013.01); H04L 9/3234 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method for use in a computer system including an application layer, a cryptographic file system layer and a file system layer having one or more first directory locations each designated as a secure directory and one or more second directory locations each not designated as the secure directory, the method comprising:
receiving a write command to write a data file in the file system layer;
obtaining a destination directory location associated with the write command;
determining whether the destination directory location is one of the one or more first directory locations or one of the one or more second directory locations;
in response to determining that the destination directory location is the one of the one or more first directory locations:
intercepting the write command by the cryptographic file system layer, wherein the intercepting is transparent to a user of the computer system;
after intercepting, modifying, by the cryptographic file system layer, the data file to generate a modified data file; and
storing the modified data file in the destination directory location;
in response to determining that the destination directory location is the one of the one or more second directory locations:
storing the data file in the destination directory location.