Data loss prevention

US11580248B2 · US · B2

Patent metadata
Publication number: US-11580248-B2
Application number: US-202117169887-A
Country: US
Kind code: B2
Filing date: Feb 8, 2021
Priority date: Dec 29, 2016
Publication date: Feb 14, 2023
Grant date: Feb 14, 2023

Abstract

Techniques for providing data loss prevention, including data exfiltration prevention and crypto-ransomware prevention, are provided. In some embodiments, a slack-space file system is created by using a modified packing algorithm to increase and/or optimize an amount of slack space created by files stored in a standard file system. A program for accessing and indexing the slack-space file system may be stored, and requests by a user to store data on a storage medium of a computer system may cause the information to be stored in the slack-space file system, where it may be protected from destructive malware that operates solely on the standard file system. In some embodiments, sensitive information may be hidden by storing the information in an alternate data stream of a file and by replacing the information in the unnamed data stream of the file with non-sensitive information that may appear to be sensitive.

First claim

What is claimed is:

1. A computer system for storing data, comprising: one or more processors; and memory storing one or more programs configured to be executed by the one or more processors, the one or more programs including instructions for: receiving an instruction to store data in a first file system on a storage medium of the system, wherein the first file system comprises a plurality of files and slack space, wherein the slack space comprises space in the storage medium between the end of a file in the first set of files and the end of a cluster allocated by the first file system to store the file; and in response to receiving the instruction to store the data in the first file system, storing the data instead in a second file system on the storage medium, wherein the second file system is configured to store a second set of files in the slack space of the first file system.

2. The system of claim 1, wherein the data is stored at a location in the slack space based on an index of the second set of files that are stored in the slack space.

3. The system of claim 2, wherein the index of the second set files that are stored in the slack space of the first file system is inaccessible to the first file system.

4. The system of claim 2, wherein the index of the second set files is stored, along with instructions for storing and reading the second set of files from the slack space, as a slack-space file-system program.

5. The system of claim 4, wherein the one or more programs include instructions for erasing pointers associated with the slack-space file-system program.

6. The system of claim 4, wherein the slack-space file-system program is stored in a registry of the system.

7. The system of claim 4, wherein the slack-space file-system program is encrypted and compressed.

8. The system of claim 4, wherein the one or more programs include instructions for initializing the slack-space file-system program via a loader program, wherein the loader program is stored as a library of the system.

9. The system of claim 8, wherein the loader program is stored as a first dynamic-link library.

10. The system of claim 9, wherein the loader program is configured to be executed when the first dynamic-link library is called by a second dynamic-link library.

11. The system of claim 1, wherein the one or more programs includes instructions for, in response to receiving the instruction to store data in the first file system, making a determination to store the data in the second file system and not in the first file system.

12. The system of claim 11, wherein the determination is based on one or more of a file size of the data, an amount of storage space available on one or both of the first file system and the second file system, a file type of the data, whether the data contains secure information, and a level of security of information contained in the data.

13. The system of claim 1, wherein the one or more programs including instructions for: receiving a second instruction to store second data in the second file system; and in response to receiving the second instruction, storing the second data in the second file system.

14. The system of claim 1, wherein the cluster is a predetermined minimum amount of contiguous space that can be allocated by the first file system.

15. A method for storing data, performed at a computer system comprising one or more processors and memory, the method comprising: receiving an instruction to store data in a first file system on a storage medium of the system, wherein the first file system comprises a plurality of files and slack space, wherein the slack space comprises space in the storage medium between the end of a file in the first set of files and the end of a cluster allocated by the first file system to store the file; and in response to receiving the instruction to store the data in the first file system, storing the data instead in a second file system on the storage medium, wherein the second file system is configured to store a second set of files in the slack space of the first file system.

16. The method of claim 15, wherein the data is stored at a location in the slack space based on an index of the plurality of files that are stored in the slack space.

17. The method of claim 16, wherein the index of the plurality of files is stored, along with instructions for storing and reading the plurality of files from the slack space, as a slack-space file-system program.

18. The method of claim 17, comprising erasing pointers that indicate the slack-space file-system program.

19. The method of claim 15, comprising, in response to receiving the instruction to store data in the first file system, making a determination to store the data in the second file system and not in the first file system.

20. The method of claim 19, wherein the determination is based on one or more of a file size of the data, an amount of storage space available on one or both of the first file system and the second file system, a file type of the data, whether the data contains secure information, and a level of security of information contained in the data.

21. A non-transitory computer-readable storage medium storing one or more programs configured to be executed by one or more processors of a device with one or more processors and memory, the one or more programs including instructions for: receiving an instruction to store data in a first file system on a storage medium of the system, wherein the first file system comprises a plurality of files and slack space, wherein the slack space comprises space in the storage medium between the end of a file in the first set of files and the end of a cluster allocated by the first file system to store the file; and in response to receiving the instruction to store the data in the first file system, storing the data instead in a second file system on the storage medium, wherein the second file system is configured to store a second set of files in the slack space of the first file system.

22. The non-transitory computer-readable storage medium of claim 21, wherein the data is stored at a location in the slack space based on an index of the plurality of files that are stored in the slack space.

23. The non-transitory computer-readable storage medium of claim 22, wherein the index of the plurality of files is stored, along with instructions for storing and reading the plurality of files from the slack space, as a slack-space file-system program.

24. The non-transitory computer-readable storage medium of claim 23, wherein the one or more programs include instructions for erasing pointers indicating the slack-space file-system program.

25. The non-transitory computer-readable storage medium of claim 21, wherein the one or more programs include instructions for, in response to receiving the instruction to store data in the first file system, making a determination to store the data in the second file system and not in the first file system.

26. The non-transitory computer-readable storage medium of claim 25, wherein the determination is based on one or more of a file size of the data, an amount of storage space available on one or both of the first file system and the second file system, a file type of the data, whether the data contains secure information, and a level of security of information contained in the data.

Classifications

  • Countermeasures against malicious traffic (countermeasures against attacks on cryptographic mechanisms H04L9/002)

  • File encryption

  • Protecting personal data, e.g. for financial or medical purposes

  • Management of blocks

  • where protection concerns the structure of data, e.g. records, types, queries

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Noblis Inc
What technology area does this patent fall under?
Primary CPC classification G06F21/6227. Mapped technology areas include Physics.
When was this patent published?
Publication date Feb 14, 2023 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).