A Windows file system control filter driver library, for you to develop Windows file access control application with the SDK.A file system filter driver is an optional driver that adds value to or modifies the behavior of a file system. A file system filter driver is a kernel-mode component that runs as part of the Windows executive.A file system filter driver intercepts requests targeted at a file system or another file system filter driver. By intercepting the request before it reaches its intended target, the filter driver can extend or replace functionality provided by the original target of the request.
What can you do with the File Control Filter Driver SDK 1.Block the new file creation via configuring the access control flag of the filter rule.
Example: Block the new file creation in folder c:\test: AddFileFilterRule(ALLOW_MAX_RIGHT_ACCESS&(~ALLOW_OPEN_WITH_CREATE_OR_OVERWRITE_ACCESS), L"c:\test\*", 1);
2.Prevent your sensitive files from being copied out of your protected folder
Example: Prevent the files in folder c:\test from being copied out. AddFileFilterRule(ALLOW_MAX_RIGHT_ACCESS&(~ALLOW_COPY_PROTECTED_FILES_OUT), L"c:\test\*", 1);
3.Prevent your sensitive files from being modified, renamed or deleted
Example: Prevent the file from being modified, renamed or deleted in folder c:\test: AddFileFilterRule(ALLOW_MAX_RIGHT_ACCESS&(~(ALLOW_WRITE_ACCESS|ALLOW_FILE_RENAME|ALLOW_FILE_DELETE), L"c:\test\*", 1);
4.Prevent your sensitive files from being accessed from the network computer
Example: Protect the files in folder c:\test, block the file access from the network.
AddFileFilterRule(ALLOW_MAX_RIGHT_ACCESS&(~ALLOW_FILE_ACCESS_FROM_NETWORK), L"c:\test\*", 1);
5.Hide your sensitive files to the specific processes or users
Example: Hide the files in folder c:\test for process "explorer.exe"
AddFileFilterRule(ALLOW_MAX_RIGHT_ACCESS|HIDE_FILES_IN_DIRECTORY_BROWSING, L"c:\test\", 1); AddIncludeProcessNameToFilterRule(L"c:\test\",L"explorer.exe"); AddHiddenFileMaskToFilterRule(L"c:\test\",L".*");
6.Reparse your file open from one location to another location.
Example: Reparse the file open in folder c:\test to another folder c:\reparseFolder"
AddFileFilterRule(ALLOW_MAX_RIGHT_ACCESS|REPARSE_FILE_OPEN, L"c:\test\", 1); AddReparseFileMaskToFilterRule(L"c:\test\",L"c:\reparseFolder\*");
7.Allow or deny the specific file I/O operation via registering the specific I/O callback routine based on the process name, user name or the file I/O information.
Example: Register the PRE_CREATE, PRE_SETINFORMATION I/O for folder c:\test, you can allow or deny the file opern, creation, deletion, rename in the callback routine.
AddFileFilterRule(ALLOW_MAX_RIGHT_ACCESS, L"c:\test\", 1); RegisterControlToFilterRule(L"c:\test\",PRE_CREATE|PRE_SET_INFORMATION);
8.Authorize or De-authorize the file access rights (read,write,rename,delete..) to the specific processes or users. Example: Set the full access rights to the process "notepad.exe", set the readonly access rights to the process "wordpad.exe", remove all the access rights to other processes.
AddFileFilterRule(LEAST_ACCESS_FLAG, L"c:\test\", 1); AddProcessRightsToFilterRule(L"c:\test\",L"notepad.exe",ALLOW_MAX_RIGHT_ACCESS); AddProcessRightsToFilterRule(L"c:\test\*",L"wordpad.exe",ALLOW_MAX_RIGHT_ACCESS&(~(ALLOW_OPEN_WITH_CREATE_OR_OVERWRITE_ACCESS|ALLOW_WRITE_ACCESS|ALLOW_FILE_RENAME|ALLOW_FILE_DELETE|ALLOW_SET_INFORMATION));
| Product Name | Description |
|---|---|
| Cloud File System SDK | EaseFilter Cloud File System SDK Introduction. |
| CloudTier Storage Tiering SDK | EaseFilter Storage Tiering Filter Driver SDK Introduction. |
| File Monitor SDK | EaseFilter File Monitor Filter Driver SDK Introduction. |
| File Control SDK | EaseFilter File Control Filter Driver SDK Introduction. |
| File Encryption SDK | EaseFilter Transparent File Encryption Filter Driver SDK Introduction. |
| Registry Filter SDK | EaseFilter Registry Filter Driver SDK Introduction. |
| Process Filter SDK | EaseFilter Process Filter Driver SDK Introduction. |
| EaseFilter SDK Programming | EaseFilter Filter Driver SDK Programming. |
| Sample Project | Description |
|---|---|
| CloudTier Storage Tiering Demo | A HSM File System Filter Driver Demo. |
| CloudTier S3 Tiering Demo | CloudTier S3 Intelligent Tiering Demo. |
| Cloud File DR S3 Demo | Cloud File DR S3 Demo. |
| Amazon S3 File Explorer Demo | Amazon S3 File Explorer Demo. |
| Auto File DRM Encryption | Auto file encryption with DRM data embedded. |
| Transparent File Encrypt | Transparent on access file encryption. |
| Secure File Sharing with DRM | Secure encrypted file sharing with digital rights management. |
| File Monitor Example | Monitor file system I/O in real time, tracking file changes. |
| File Protector Example | Prevent sensitive files from being accessed by unauthorized users or processes. |
| FolderLocker Example | Lock file automatically in a FolderLocker. |
| Process Monitor | Monitor the process creation and termination, block unauthorized process running. |
| Registry Monitor | Monitor the Registry activities, block the modification of the Registry keys. |
| Secure Sandbox Example | A secure sandbox example, block the processes accessing the files out of the box. |
| FileSystemWatcher Example | File system watcher, logging the file I/O events. |
| ZeroTrust Example | Zero trust file access control with encryption feature. |
- Understand MiniFilter Driver
- Understand File I/O
- Understand I/O Request Packets(IRPs)
- Filter Driver Developer Guide
- MiniFilter Filter Driver Framework
- Isolation Filter Driver
If you have questions or need help, please contact support@easefilter.com