CBFS Connect
CBFS Filter
PCAP Filter
CBFS Sync
CBFS Vault
CBFS Shell
SFTP Drive
AES Drive
DAV Drive
S3 Drive
NFS Drive
Azure Drive
File Isolation in CBFS Filter
Filesystem filters can be broadly divided into two categories: standard filters and isolation filters. Standard filters passively collect data while isolation filters additionally modify that data. Malware scanning and filesystem auditing are common use cases of a standard filter. Providing per-process encryption, compression, and remote storage access are common use cases of isolation filters.
CBFS Filter can easily provide both types of filtering through a straight-forward API. The underlying calls to manage the operating system are abstracted away, providing a robust building block for your custom filtering solution.
Filtering can be applied to a wide variety of use cases, some of which are detailed in this article. Perhaps a solution to your upcoming project needs could be inspired by something here.
Example Use Cases
Isolate User Changes & Maintain Persistent Original Data
The Isolation Filter enables you to keep an unchangeable, persistent version of files and folders, no matter what users have changed. When a user accesses (reads) a file for the first time, the original data are provided to them. If the user modifies the data, the modifications are written to another location, and upon the next reading, the modified data are provided to the user. But once the user logs out, these modified data may be discarded or moved away. This way, the original state of the local file is preserved, and the user does not modify the original files.
Keep Sensitive Data on Your Server, Not User's Machines
When users access data stored in popular cloud storage solutions, such as OneDrive, they can typically download those files onto their machines and then change them. This creates a security hole because, while those files are stored locally, they are unprotected. With the Isolation Filter, you can keep the empty placeholders on the disk but provide real data on-the-fly; changes would also be written directly to the remote server. Your users can safely access data without exposing it to the vulnerabilities of hosting it on their own machines.
Protect Server Data by Controlling Shadow Mode Access
A combination of these two cases is the shadow mode of accessing the server data. A user can access a file in the synchronized directory. The original file data would come from the server, but all of the changes would be stored only locally (possibly, in a separate cache directory) and not synchronized to the server. This way, you can protect the original data in the server.
We appreciate your feedback. If you have any questions, comments, or suggestions about this article please contact our support team at support@callback.com.