公开(公告)号：US20220278988A1

公开(公告)日：2022-09-01

申请号：US17747251

申请日：2022-05-18

Applicant: VMware, Inc.

Inventor： Akash Pati ,  Shivam Srivastav ,  Anirudh Singh Rathore

IPC: H04L9/40

Abstract: Disclosed are various examples for kernel level application data protection. In one example, a security label and a list of permitted applications are received. The security label is utilized to limit access to files that embed the security label. A security label map is written within a kernel layer of the client device. The security label map includes the security label and the list of permitted applications. A secured file is generated by embedding the security label within a file stored on the client device.

公开(公告)号：US11343252B2

公开(公告)日：2022-05-24

申请号：US16679711

申请日：2019-11-11

Applicant: VMware, Inc.

Inventor： Akash Pati ,  Shivam Srivastav ,  Anirudh Singh Rathore

IPC: H04L9/40 ,  H04L29/06

Abstract: Disclosed are various examples for kernel level application data protection. In one example, a security label map is written to a kernel layer. The security label map includes a security label and a list of permitted applications for files originated by a protected application. A file access system call is intercepted by kernel-level management instructions. An application identity is identified for an application requesting to access a secure file. Access to the secured file is permitted or denied based on a comparison of the application identity with the list of permitted applications.

公开(公告)号：US20210144143A1

公开(公告)日：2021-05-13

申请号：US16679711

申请日：2019-11-11

Applicant: VMware, Inc.

Inventor： Akash Pati ,  Shivam Srivastav ,  Anirudh Singh Rathore

IPC: H04L29/06

Abstract: Disclosed are various examples for kernel level application data protection. In one example, a security label map is written to a kernel layer. The security label map includes a security label and a list of permitted applications for files originated by a protected application. A file access system call is intercepted by kernel-level management instructions. An application identity is identified for an application requesting to access a secure file. Access to the secured file is permitted or denied based on a comparison of the application identity with the list of permitted applications.