Storage-access control system, storage-access control method, and computer product

Information

  • Patent Application
  • 20070214332
  • Publication Number
    20070214332
  • Date Filed
    June 06, 2006
    18 years ago
  • Date Published
    September 13, 2007
    17 years ago
Abstract
A device driver includes an access permitted directory storage unit and an access-permission determining unit. The access-permitted directory storage unit stores as an access-permitted directory an activation directory for a process that is allowed to access an S memory (private memory). The access-permission determining unit checks whether an activation directory for a process that has requested for access to the S memory matches the access-permitted directory. Based on the result, the access-permission determining unit determines whether to accept the access request.
Description

BRIEF DESCRIPTION OF THE DRAWINGS


FIG. 1 is a functional block diagram of a portable-storage-device access system according to a first embodiment of the present invention;



FIG. 2 is a detailed functional block diagram of a device driver shown in FIG. 1;



FIG. 3 is a flowchart for explaining the process of accessing a memory shown in FIG. 1;



FIG. 4 is a schematic for explaining initial operation;



FIG. 5 is a schematic for explaining the activation of a C1 process and an access request sent to the device driver;



FIG. 6 is a schematic for explaining permission for access to an S memory shown in FIG. 1;



FIG. 7 is a schematic for explaining denial of access to the S memory;



FIG. 8 is a functional block diagram of a net-disk access system according to a second embodiment of the present invention;



FIG. 9 is a flowchart for explaining the process of accessing a net disk shown in FIG. 8;



FIG. 10 is a schematic for explaining access to the net disk;



FIG. 11 is a schematic for explaining access control for the net disk; and



FIG. 12 is a functional block diagram of the hardware configuration of a computer that implements the methods according to the embodiments.


Claims
  • 1. A computer-readable recording medium that stores therein a device driver program to control access thereto, the device driver program causing a computer to execute: receiving a request for access to the computer-readable recording medium from a process;determining, in response to received access request, whether to allow access to the computer-readable recording medium based on information about the process; andallowing the process to access the computer-readable recording medium upon it is determined at the determining to allow access to the computer-readable recording medium.
  • 2. The computer-readable recording medium according to claim 1, the device driver-program further causes the computer to execute converting the received access request into a storage-device access request for access to a storage device managed by a remote computer that is connected to the computer via a network, wherein the determining includes determining, in response to the storage-device access, whether to allow access to the storage device based on the information about the process, andthe allowing includes allowing access to the storage device upon it is determined at the determining to allow access to the storage device.
  • 3. The computer-readable recording medium according to claim 1, wherein the information about the process includes information indicative of whether a computer program executed as the process is stored in the computer-readable recording medium.
  • 4. The computer-readable recording medium according to claim 3, wherein the information about the process further includes an identifier that identifies a storage area where the program executed as the process is stored.
  • 5. The computer-readable recording medium according to claim 4, wherein the identifier includes a drive identifier that identifies the storage area and a directory.
  • 6. The computer-readable recording medium according to claim 5, wherein the information about the process includes a drive identifier received from an automatic process, the automatic process being a process that is automatically activated when the computer-readable recording medium is connected to the computer.
  • 7. The computer-readable recording medium according to claim 2, wherein the allowing includes requesting a process to access the storage device managed by the remote computer.
  • 8. The computer-readable recording medium according to claim 7, wherein the process to access the storage device managed by the remote computer is performed by the execution of a program stored in the computer-readable recording medium.
  • 9. A method of controlling access to a recording medium from a process based on a device driver program, the method comprising: receiving a request for access to the recording medium from the process;determining, in response to received access request, whether to allow access to the recording medium based on information about the process; andallowing the process to access the recording medium upon it is determined at the determining to allow access to the recording medium.
  • 10. The method according to claim 9, further comprising converting the received access request into a storage-device access request for access to a storage device managed by a remote computer that is connected via a network to a computer that executes the device driver program, wherein the determining includes determining, in response to the storage-device access, whether to allow access to the storage device based on the information about the process, andthe allowing includes allowing access to the storage device upon it is determined at the determining to allow access to the storage device.
  • 11. The method according to claim 9, wherein the information about the process includes information indicative of whether a program executed as the process is stored in the recording medium that stores the device driver program.
  • 12. The method according to claim 11, wherein the information about the process further includes an identifier that identifies a storage area where the program executed as the process is stored.
  • 13. The method according to claim 12, wherein the identifier includes a drive identifier that identifies the storage area and a directory.
  • 14. The method according to claim 13, wherein the information about the process includes a drive identifier received from an automatic process, the automatic process being a process that is automatically activated when the recording medium that stores the device driver program is connected to the computer.
  • 15. The method according to claim 10, wherein the allowing includes requesting a process to access the storage device managed by the remote computer.
  • 16. The method according to claim 15, wherein the process to access the storage device managed by the remote computer is performed by the execution of a program stored in the recording medium that stores the device driver program.
  • 17. A storage-access control system comprising a computer and a computer-readable portable recording medium connectable to the computer, wherein the recording medium stores therein a device driver program to control access thereto, which is loaded as a device driver into the computer, andthe device driver includes a receiving unit that receives a request for access to the recording medium from a process;a determining unit that determines, in response to received access request, whether to allow access to the recording medium based on information about the process; andan allowing unit that allows access to the recording medium upon the determining unit determining to allow access to the recording medium.
  • 18. The storage-access control system according to claim 17, wherein, the computer is connected to a remote computer via a network,the device driver further includes a converting unit that converts the received access request into a storage-device access request for access to a storage device managed by the remote computer,the determining unit determines, in response to the storage-device access, whether to allow access to the storage device based on the information about the process, andthe allowing unit prepares for access to the storage device upon the determining unit determining to allow access to the storage medium.
Priority Claims (1)
Number Date Country Kind
2006-061627 Mar 2006 JP national