Browse Prior Art Database

Versioning system for protecting mass storage devices with periodic migration Disclosure Number: IPCOM000030680D
Original Publication Date: 2004-Aug-23
Included in the Prior Art Database: 2004-Aug-23
Document File: 2 page(s) / 55K

Publishing Venue



The present publication discloses a method to migrate computer data over time into a dedicated safe file system device once this computer data are proved to be virus free. This file system is locked in a read only mode to remain virus free in normal operation. The method does not assume the original file system integrity.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 52% of the total text.

Page 1 of 2

Versioning system for protecting mass storage devices with periodic migration

The "mouse and cat" game between virus and anti-virus software never ends because new viruses appear every day. Therefore, no computer can be considered as 100% virus safe as long as new or updated files are stored into its file system whatever the means used to store these files (network, CD, shared drives) and even if the anti-virus software is up-to-date and running .

Tedious anti-virus long scan can be shorten greatly by considering that most data files located on PC file systems are never changed and do not need to be scanned. The problem is to separate these data files from live files. The present method proposes to observe these data files during a given period of time (like a quarantine), and if it is proven that they haven't been tampered, to move them into another file system. Figure 1 shows the typical "threat" cycle of a virus, assuming an efficient security policy is applied on the computer ( i.e. an antivirus is active and maintained up-to-date).

Tpa : time period A (about two days to give an example) : evaluation period.

Tpb : time period B (about two weeks to give an example) : period after which a decision can be taken
Td = time period during which there is a potential danger (d as "Danger"). Tpb so that Tpb > Td

The original file system device is called D1. The safe file system device is called D2. D2 operates according two modes : a Read and Write (R/W) mode and a Read Only (R/O) mode. The D2 modes can only be changed through firmware. D2 is used in the Read Only (R/O) mode most of the time when the computer normally operates ("normal phase"). D2 is used in the Read and Write (R/W) mode only after reboot, by a trusted operating system every Tpa period ("evaluation phase"). D2 can hold files that the user can still access from D1 by means of links (symbolic links or shortcuts). During the "evaluation phase" (every Tpa), the computer is rebooted with a trusted operating system and D2 is switched to the R/W mode. D1 is...