A machine system includes access-constraining mechanisms for protecting the information of certain classes of files from unauthorized intelligible access or from other kinds of access by way of requests supplied from unauthorized classes of programs which may be made at unauthorized periods of time and/or from unauthorized locations and/or under association with unauthorized users. Permission rules are provided for what constitutes an unauthorized access attempt for intelligible or another kind of access to the data of a given file. The given file may be a native one stored in a local machine or an external file stored in a remote server and/or on easily removable media. The machine system includes localizing means for Transparently and Temporarily Localizing (TTL'ing) external files and their respective access permission rules so that such may be processed within relatively physically-secure confines of the local machine. Such localized processing may include automatic decryption of confidential file data on a per-use basis and automatic later re-encrypting of modified data. Modified ones of TTL'ed files may be returned back to their non-local home after such processing.