(1) Field of the Invention
The present invention relates to a file access system which accesses a file within an external storage device when a request to read data from or write data to the file is issued by an application program.
(2) Description of the Related Art
In a conventional file access method, a given file within an external storage device is accessed when a request is issued by an application program in order to read data from or write data to the file. In a case in which a file having encrypted data (or ciphertext) is accessed, the whole ciphertext from the file is copied to a working file. The whole ciphertext in the working file is decrypted into plaintext (or decrypted data), and the plaintext is copied to the working file. After the decryption is performed, the working file is accessed to obtain the plaintext. After the accessing procedure is performed, the plaintext is encrypted, and the encrypted data is copied to the file within the external storage device.
More specifically, in the conventional file access method, when encrypted data of a file within the external storage device is read by an application program, all the encrypted data from the file is copied to a working file. After the encrypted data is decrypted into plaintext in the working file, the working file is accessed to return the plaintext to the application program. After the accessing procedure is performed, the plaintext is encrypted into the ciphertext and the ciphertext (or the encrypted data) is copied to the file within the external storage device.
Therefore, when a file having encrypted data within the external storage device is accessed according to the conventional file access method, it is necessary to generate a working file and decrypt the data of the file to store the result of decryption in the working file. This makes it difficult to efficiently access the file having encrypted data within the external storage device.
Further, in the case of the conventional file access method, the plaintext (or the decrypted data) in the working file remains unprotected after the accessing procedure is finished, and there is a problem in that the conventional file access method fails to provide adequate security for information of the file within the external storage device.
An object of the present invention is to provide an improved file access system in which the above-mentioned problems are eliminated.
Another object of the present invention is to provide a file access system which utilizes a simple accessing method and efficiently accesses a file within an external storage device even if the file has encrypted data.
Sill another object of the present invention is to provide a file access system which provides adequate security for information of a file within an external storage device even after the accessing procedure for the file is finished.
The above-mentioned objects of the present invention are achieved by a file access system in which a file within a storage device is accessed when a request is issued by an application program, the file access system comprising: a determining unit which determines whether a given file within the storage device has encrypted data when a reading request is issued by the application program; and a reading unit which receives a fixed length of the encrypted data from the given file when the given file is determined as having the encrypted data, the reading unit generating decrypted data of the same size as the fixed length by performing a decryption wherein a position of the fixed length of the decrypted data is determined by a position indicated by the reading request.
The above-mentioned objects of the present invention are achieved by a file access system in which a file within a storage device is accessed when a request is issued by an application program, the file access system comprising: a determining unit which determines whether a given file within the storage device has encrypted data when a writing request is issued by the application program; and a writing unit which receives a fixed length of the encrypted data from the given file when the given file is determined as having the encrypted data, the writing unit generating decrypted data of the same size as the fixed length by performing a decryption wherein a position of the fixed length of the decrypted data is determined by a position indicated by the writing request, and the writing unit overwriting new data from the application program to the decrypted data, and further the writing unit generating encrypted data of the same size as the fixed length by performing an encryption of the decrypted data, and overwriting the encrypted data to the given file at the position indicated by the writing request.
In the file access system of the present invention, a simple encryption/decryption method is utilized to carry out the read/write processing. It is not necessary for the present invention to generate a working file and encrypt/decrypt data of a given file to store the result of encryption/decryption in the working file. The file access system of the present invention can efficiently access the given file within the external storage device. Further, in the file access system of the present invention, it is difficult to discriminate between a block of encrypted data and a block of decrypted data since both blocks have the same size. Therefore, the file access system of the present invention is effective in providing adequate security for information of the given file within the external storage device even after the accessing procedure for the file is finished.