Encrypting Computer Files
A computer system may include an encryption filter driver which runs on an operating system of the computer system. For example, MICROSOFT has an encryption filter driver that is part of MICROSOFT'S New Technology File System (hereinafter “NTFS”) Encrypting File System (hereinafter “EFS”) that runs on MICROSOFT'S WINDOWS operating system of a computer system. In addition, the kernel of an operating system of a computer system and processes and programs running on the computer system can encrypt computer files on the computer system via the encryption filter driver. For example, the WINDOWS kernel and WINDOWS processes and programs accessing computer files on the NTFS EFS have the ability to encrypt computer files to prevent their contents from being interpreted by another user via the NTFS EFS filter driver which is encapsulated in NTFS.
Locking Computer Files
In addition, the kernel of an operating system of a computer system and processes and programs running on the computer system can lock (i.e. protect) computer files on the computer system.
Locking at File-Open Time
One type of locking is locking at file-open time. For example, the WINDOWS kernel and WINDOWS processes and programs have the ability to lock computer files from being opened and read by other processes by locking (i.e. protecting) the computer files on a computer system running the WINDOWS operating system. This is done by the kernel or a process opening a computer file and not granting specific permissions (such as read) to other processes, thereby locking the computer file. As long as the kernel or the process holds the computer file open, other processes are subject to the permissions granted by the kernel or the process. If another process attempts to open such a locked computer file, (1) WINDOWS “sharing violation” would occur and the data in the locked computer file could not be read by that other process.
Byte-Range Locking
Another type of locking is byte-range locking. Byte-range locking gives a process the ability to lock at least one portion of at least one computer file from being read by another process. Although another process may be able to open such a byte-range locked file, if that other process attempts to read a portion of the computer file which is byte-range locked, a WINDOWS “locking violation” would occur and the data in the byte-range locked computer file could not be read by that other process.
In some circumstances, a computer file can be encrypted and locked at the same time.
Need for Accessing Locked Computer Files
The data in locked computer files can be extremely important to various computer applications that access computer files, such as computer file backup applications, virus scanning applications, and indexer applications. It is important (1) for such computer applications to be able to read and open every computer file on a computer system and (2) for computer file backup applications to maintain the encrypted status of these computer files throughout the backup of the computer system, such that even in the backup image, these computer files remain encrypted and inaccessible until they are restored to the correct user.
Prior Art Systems
Currently, prior art computer file access systems (such as a computer file backup systems) fail to address this need.
Sector-Wise Copy
In a first prior art approach, as shown in prior art FIG. 1A, a first prior art computer file access system (1) performs a sector-wise copy of data on a storage device (e.g. a hard disk) of a computer system and (2) generates an entire image of the storage device. Unfortunately, this first prior art computer file backup system produces an image of the storage device that is a monolithic copy of the storage device with individual files in the monolithic copy being unreadable without a great deal of effort. In other words, data in this format is difficult to associate with computer files and, therefore, are of little use to many computer applications, such as indexer applications. Therefore, this first prior art computer file backup system makes performing a “single file restore” from the image of the storage device very difficult to do.
Shutdown & Preboot
In a second prior art approach, as shown in prior art FIG. 1B, a second prior art computer file backup system (1) shuts down a computer system, (2) restarts the computer system in a “preboot” environment, and copies a computer file copy in the “preboot” environment. In the “preboot” environment, the computer file would not be locked. Thus, with this second prior art computer file backup system, the computer system is either rebooted again or finishes booting to the operating system of the computer system. This second prior art computer file backup system is poor because it requires a reboot to be able to copy computer files. Therefore, this second prior art computer file backup system cannot perform a computer file backup on a computer system while the computer system is running, such that the user of the computer system could not continue to run other computer applications on the computer system.
Combination
In a third prior art approach, as shown in prior art FIG. 1C, a third prior art computer file backup system uses the methods and systems described in commonly owned, pending U.S. patent application Ser. No. 10/737,581 (entitled “Method and System of Accessing at Least One Target File in a Computer System with an Operating System with File Locking Implemented at a File-Open Time”, filed Dec. 15, 2003) and/or the methods and systems described in commonly owned, pending U.S. patent application Ser. No. 10/736,825 (entitled “Method and System of Accessing at Least One Target File in a Computer System with an Operating System with File Locking Implemented with Byte-Range Locking”, filed Dec. 15, 2003), which allow computer applications to access locked computer file data from either the filesystem or the cache manager of a computer system while the computer system is running. Unfortunately, using this third prior art computer file backup system on a locked, encrypted computer file either (1) produces an unencrypted version of the computer file or (2) produces a useless, encrypted version of the computer file, because the third prior art computer file backup system fails to get encryption key information associated with the locked, encrypted computer file. In a computer system running the WINDOWS operating system, the encryption key information is the EFS key information associated with a locked, encrypted computer file.
Volume Shadow Copy
In a fourth prior art approach, as shown in prior art FIG. 1D, a fourth prior art computer file backup system, for WINDOWS XP and higher, uses a Volume Shadow Copy service to backup computer files if the Volume Shadow Copy service is enabled. In particular, the fourth prior art computer file backup system (1) creates a Shadow Copy of the storage device (i.e. hard disk) of the computer system, using a Window operating system facility and (2) performs a backup from this Shadow Copy, which remains unmodified by other processes running on the computer system. Unfortunately, this fourth prior art computer file backup system is only supported by MICROSOFT'S WINDOWS XP operating system (hereinafter “XP”) and later editions of the Windows operating system. Further, this fourth prior art computer file backup system may potentially cause the computer system to run out of storage space sufficient to maintain the Shadow Copy.
Therefore, a method and system of reading at least one locked, encrypted computer file encrypted by an encryption filter driver running on an operating system of a computer system, with an added kernel driver, while the operating system is running and reading at least one locked, unencrypted computer file in a computer system with an operating system with an added kernel driver while the operating system is running is needed.