CN109460671A - A method of realizing that web page contents are anti-tamper based on operating system nucleus - Google Patents
A method of realizing that web page contents are anti-tamper based on operating system nucleus Download PDFInfo
- Publication number
- CN109460671A CN109460671A CN201811225508.6A CN201811225508A CN109460671A CN 109460671 A CN109460671 A CN 109460671A CN 201811225508 A CN201811225508 A CN 201811225508A CN 109460671 A CN109460671 A CN 109460671A
- Authority
- CN
- China
- Prior art keywords
- sys
- module
- read
- file
- kernel
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Storage Device Security (AREA)
Abstract
It is a kind of to realize that the anti-tamper method of web page contents is related to information technology field based on operating system nucleus, realize that step necessity comprising modules of the invention include: operating system bottom, kernel kidnaps module, scheduler module, initialization module, shared section key, bidirectional pointer queue, configuration file, web page fingerprint memory, backup module.The present invention quickly carries out authority checking to the file of current operation process and current operation catalogue in such a way that intercepting system calls and stops its operating system for the process illegally authorized, protects the safety of catalogue file.Based on the tamper-resistance techniques of operating system nucleus state, the technical difficulty distorted is improved, the illegal operation to file is preferably prevented, more effectively ensure that the safety of web server file system.
Description
Technical field
The present invention relates to electronic information technical fields.
Background technique
With the development of society, internet obtains very big popularize.Government, enterprise, individual etc. are in order to publicize oneself shape
As product function all can be showed these information on the internet by way of webpage.There are various on internet
Network behavior, such as hacker attack cause very big as long as web page contents, by hacker attack, possible web page contents are directly modified
Adverse effect.
Webpage tamper resistant systems are quite a few currently on the market, are substantially from non-OS level and are detected, from anti-
Only process is interrupted, thread is prevented to be tampered, product driving is prevented to be tampered, catalogue is prevented to be altered, preventing registration table from being usurped
Change, prevent self-starting from being obstructed several aspects to webpage progress anti-tampering protection.Prevent webpage from being usurped from non-OS level
There are two disadvantages for the technology changed: first is that the performance of server may be seriously affected, second is that matching speed is slower.It is asked for this two
Topic, the present invention starts with from operating system nucleus, direct intercept operation system is called, and the matched speed greatly speeded up improves
The safety of web server.
Shared technical interpretation:
DMA refers to that external equipment does not exchange the interfacing of data directly by CPU with Installed System Memory.
Web page fingerprint generates, and reading web page files content to generate MD5 value by MD5 algorithm is commonly used shared skill
Art.
WEB server provides the server that website stores and accesses and is commonly referred to as WEB server.
Summary of the invention
Realize a kind of method anti-tamper based on operating system nucleus realization web page contents of the invention, it is characterised in that real
Existing necessary comprising modules of the invention include: operating system bottom, and kernel kidnaps module, scheduler module, and initialization module is shared
Memory field, bidirectional pointer queue, configuration file, web page fingerprint memory, backup module.
Realize that a kind of the step of realizing web page contents anti-tamper method based on operating system nucleus of the invention includes:
1) operating system bottom is kidnapped
Start 1. kernel kidnaps module with operating system, guide goes out to operate the symbol table sys_call_ of system bottom
Table, then the sys_read of the symbol table of replacement operation system bottom, sys_write function address are that kernel kidnaps module
Address has achieved the purpose that kidnap 2 functions;
2. kernel, which kidnaps module, creates a shared section key in User space, the memory field of kernel state is mapped by DMA technology
To User space, the program of such kernel state and User space operates shared section key, and the program of kernel state and User space is all
It can synchronize and receive information;
3. kernel kidnaps module to save the 3 class parameters that User space issues, creation bidirectional pointer queue storage: web page files are protected
Eye protection records path queue, the queue of process white list, path white list queue;
2) WEB server is initialized
1. WEB server generate configuration file, profile information include: 1), web page files protection catalogue, 2), process it is white
List, 3), path white list;
2. initialization module works in the User space of operating system, initialization module reads information from configuration file, passes through DMA skill
Web page files are protected catalogue, process white list by art, and path white list information is transmitted to after kernel kidnaps module and is kidnapped by kernel
Module is stored in bidirectional pointer queue;Module is kidnapped by kernel, web page files protection catalogue is stored in web page files protection catalogue
Path queue kidnaps module by kernel and process white list is stored in process white list queue, kidnaps module for path by kernel
White list is stored in path white list queue;
3. initialization module extracts the fingerprint of All Files under web page files protection catalogue, specific method is to read file content life
At MD5 value, initialization module generates the filename and the corresponding file MD5 of MD5 value of All Files under web page files protection catalogue
Value list is simultaneously stored in web page fingerprint memory;All Files under web page files protection catalogue are stored in standby by initialization module
Part module;Web page files are protected the fingerprint of All Files under catalogue to be stored in web page fingerprint memory by initialization module;
3) daily protection
1. external user accesses web server, the mode of access includes URL access, and illegal invasion access is illegally transferred to access,
The access of external user is kidnapped module intercepts by kernel and is called to sys_read and sys_write system;
2. kernel kidnaps the legitimacy that module judges reading and writing of files respective path:
When kernel, which kidnaps module, obtains the destination directory that sys_read and sys_write system is called, as sys_read and
The destination directory that sys_write system is called in web page files protection directory path queue, then it is original not execute operating system
System is called, and operation terminates;
3. interior when the destination directory that sys_read and sys_write system is called is in web page files protection directory path queue
Core kidnaps module and obtains the destination path that sys_read and sys_write system is called, when sys_read and sys_write system
The destination path of calling does not execute operating system original system calling then in the white list queue of path, and operation terminates;
4. kernel kidnaps module when the destination path that sys_read and sys_write system is called is in the white list queue of path
The process name that sys_read and sys_write system is called is obtained, module is kidnapped when kernel and obtains sys_read and sys_write
The process name that system is called then allows to access in process white list queue, executes operating system original system and calls, operation knot
Beam kidnaps module when kernel and obtains the process name of sys_read and sys_write system calling not in process white list queue
It is considered as illegal user, executes interruption;It needs the path of operation file that shared section key is written simultaneously;
4) the legal update of webpage
1. scheduler module reads sys_read and sys_write operation log, sys_read and sys_write operation log is compared
In current file MD5 value whether in file MD5 value list, when working as in sys_read and sys_write operation log
The MD5 value of preceding document indicates that the current file in sys_read and sys_write operation log does not have in file MD5 value list
It is tampered;
2. being adjusted when the MD5 value of the current file in sys_read and sys_write operation log is not in file MD5 value list
Whether degree module judges the current file in sys_read and sys_write operation log by the process in process white list queue
Operation generates;
3. when the current file in sys_read and sys_write operation log is by the process operation in process white list queue
It generates, explanation is the newly-increased file of legal update, and scheduler module deposits the newly-increased file of legal update according to affiliated directory path
It is stored in backup module, file MD5 value list is written in the title of the newly-increased file of legal update and MD5 value by scheduler module;
5) recovery of webpage
1. when the current file in sys_read and sys_write operation log is not by the process behaviour in process white list queue
It generates, indicates that the current file in sys_read and sys_write operation log has been tampered with, scheduler module is from backup mould
The current file replicated in respective file replacement sys_read and sys_write operation log in block carries out recovery operation.
Beneficial effect
The present invention quickly awards the file of current operation process and current operation catalogue in such a way that intercepting system calls
Power verifying, for the process illegally authorized, stops its operating system, protects the safety of catalogue file.Based in operating system
The tamper-resistance techniques of core state, improve the technical difficulty distorted, and preferably prevent the illegal operation to file, more effectively guarantee
The safety of web server file system.
Detailed description of the invention
Fig. 1 is the necessary comprising modules for completing step of the present invention;
Fig. 2 is kernel state work flow diagram;
Fig. 3 is User space work flow diagram.
Specific embodiment
Referring to Fig. 1 to Fig. 3, a kind of side anti-tamper based on operating system nucleus realization web page contents of the invention is realized
Method, it is characterised in that realize that necessary comprising modules of the invention include: operating system bottom A, kernel kidnaps module B, dispatches mould
Block C, initialization module D, shared section key 2, bidirectional pointer queue 3, configuration file 4, web page fingerprint memory E, backup module
F。
Realize that a kind of the step of realizing web page contents anti-tamper method based on operating system nucleus of the invention includes:
1) operating system bottom is kidnapped
Start 1. kernel kidnaps module B with operating system, guide goes out to operate the symbol table sys_call_ of system bottom A
Table, then the sys_read of the symbol table of replacement operation system bottom A, sys_write function address are that kernel kidnaps mould
Block address has achieved the purpose that kidnap 2 functions;
2. kernel, which kidnaps module B, creates a shared section key 2 in User space, the memory field of kernel state is reflected by DMA technology
It is mapped to User space, the program of such kernel state and User space operates shared section key 2, the program of kernel state and User space
It can synchronize and receive information;
3. kernel kidnaps module B to save the three classes parameter that User space issues, creation bidirectional pointer queue 3 is stored: webpage text
Part protects directory path queue 31, process white list queue 32, path white list queue 33;
2) WEB server is initialized
1. WEB server generate configuration file 4,4 information of configuration file include: 1), web page files protection catalogue 41,2), into
Journey white list 42,3), path white list 43;
2. initialization module D works in the User space of operating system, initialization module D reads information from configuration file 4, passes through
Web page files are protected catalogue 41, process white list 42 by DMA technology, and white list 43 information in path is transmitted to kernel and kidnaps module B
Module B is kidnapped by kernel afterwards and is stored in bidirectional pointer queue 3;Module B is kidnapped by kernel to store web page files protection catalogue 41
Directory path queue 31 is protected in web page files, module B is kidnapped by kernel, process white list 42 is stored in process white list team
Column 32 kidnap module B by kernel and path white list 43 are stored in path white list queue 33;
3. initialization module D extracts the fingerprint of the lower All Files of web page files protection catalogue 41, specific method is read in file
Hold and generate MD5 value, it is corresponding that initialization module D generates the filename of All Files and MD5 value under web page files protection catalogue 41
File MD5 value list 5 is simultaneously stored in web page fingerprint memory E;Initialization module D protects web page files all under catalogue 41
File is stored in backup module F;The fingerprint of the lower All Files of web page files protection catalogue 41 is stored in webpage by initialization module D
Fingerprint memory E;
3) daily protection
1. external user accesses WEB server, the mode of access includes URL access, and illegal invasion access is illegally transferred to access,
The access of external user kidnaps module B by kernel and is truncated to sys_read and sys_write system calling;
2. kernel kidnaps the legitimacy that module B judges reading and writing of files respective path:
When kernel, which kidnaps module B, obtains the destination directory that sys_read and sys_write system is called, as sys_read and
The destination directory that sys_write system is called in web page files protection directory path queue 31, does not then execute operating system original
There is system calling, operation terminates;
3. when the destination directory that sys_read and sys_write system is called is in web page files protection directory path queue 31,
Kernel kidnaps module B and obtains the destination path that sys_read and sys_write system is called, as sys_read and sys_write
The destination path that system is called does not execute operating system original system calling then in path white list queue 33, and operation terminates;
4. kernel kidnaps mould when the destination path that sys_read and sys_write system is called is in path white list queue 33
Block B obtains the process name that sys_read and sys_write system is called, and kidnaps module B when kernel and obtains sys_read and sys_
The process name that write system is called then allows to access in process white list queue 32, executes operating system original system and calls,
Operation terminates, and kidnaps module B when kernel and obtains the process name of sys_read and sys_write system calling not in process white list
It is considered as illegal user in queue 32, executes interruption;It needs the path of operation file that shared section key 2 is written simultaneously;
4) the legal update of webpage
1. scheduler module C reads sys_read and sys_write operation log, compares sys_read and sys_write and operate day
Whether the MD5 value of the current file in will is in file MD5 value list 5, when in sys_read and sys_write operation log
The MD5 value of current file indicates the current file in sys_read and sys_write operation log in file MD5 value list 5
It is not tampered with;
2. being adjusted when the MD5 value of the current file in sys_read and sys_write operation log is not in file MD5 value list 5
Whether degree module C judges the current file in sys_read and sys_write operation log by process white list queue 32
Process operation generates;
3. when the current file in sys_read and sys_write operation log is by the process behaviour in process white list queue 32
It generates, explanation is the newly-increased file of legal update, and scheduler module C is by the newly-increased file of legal update according to affiliated directory path
It is stored in backup module F, file MD5 value list 5 is written in the title of the newly-increased file of legal update and MD5 value by scheduler module C;
5) recovery of webpage
1. when the current file in sys_read and sys_write operation log is not by the process in process white list queue 32
Operation generates, and indicates that the current file in sys_read and sys_write operation log has been tampered with, scheduler module C is from standby
Current file in part module F in duplication respective file replacement sys_read and sys_write operation log carries out recovery operation.
Claims (1)
1. realizing a kind of method anti-tamper based on operating system nucleus realization web page contents of the invention, it is characterised in that realize
Necessary comprising modules of the invention include: operating system bottom, and kernel kidnaps module, scheduler module, and initialization module is shared interior
Deposit area, bidirectional pointer queue, configuration file, web page fingerprint memory, backup module;
Realize that a kind of the step of realizing web page contents anti-tamper method based on operating system nucleus of the invention includes:
1) operating system bottom is kidnapped
Start 1. kernel kidnaps module with operating system, guide goes out to operate the symbol table sys_call_ of system bottom
Table, then the sys_read of the symbol table of replacement operation system bottom, sys_write function address are that kernel kidnaps module
Address has achieved the purpose that kidnap 2 functions;
2. kernel, which kidnaps module, creates a shared section key in User space, the memory field of kernel state is mapped by DMA technology
To User space, the program of such kernel state and User space operates shared section key, and the program of kernel state and User space is all
It can synchronize and receive information;
3. kernel kidnaps module to save the 3 class parameters that User space issues, creation bidirectional pointer queue storage: web page files are protected
Eye protection records path queue, the queue of process white list, path white list queue;
2) WEB server is initialized
1. WEB server generate configuration file, profile information include: 1), web page files protection catalogue, 2), process it is white
List, 3), path white list;
2. initialization module works in the User space of operating system, initialization module reads information from configuration file, passes through DMA skill
Web page files are protected catalogue, process white list by art, and path white list information is transmitted to after kernel kidnaps module and is kidnapped by kernel
Module is stored in bidirectional pointer queue;Module is kidnapped by kernel, web page files protection catalogue is stored in web page files protection catalogue
Path queue kidnaps module by kernel and process white list is stored in process white list queue, kidnaps module for path by kernel
White list is stored in path white list queue;
3. initialization module extracts the fingerprint of All Files under web page files protection catalogue, specific method is to read file content life
At MD5 value, initialization module generates the filename and the corresponding file MD5 of MD5 value of All Files under web page files protection catalogue
Value list is simultaneously stored in web page fingerprint memory;All Files under web page files protection catalogue are stored in standby by initialization module
Part module;Web page files are protected the fingerprint of All Files under catalogue to be stored in web page fingerprint memory by initialization module;
3) daily protection
1. external user accesses web server, the mode of access includes URL access, and illegal invasion access is illegally transferred to access,
The access of external user is kidnapped module intercepts by kernel and is called to sys_read and sys_write system;
2. kernel kidnaps the legitimacy that module judges reading and writing of files respective path:
When kernel, which kidnaps module, obtains the destination directory that sys_read and sys_write system is called, as sys_read and
The destination directory that sys_write system is called in web page files protection directory path queue, then it is original not execute operating system
System is called, and operation terminates;
3. interior when the destination directory that sys_read and sys_write system is called is in web page files protection directory path queue
Core kidnaps module and obtains the destination path that sys_read and sys_write system is called, when sys_read and sys_write system
The destination path of calling does not execute operating system original system calling then in the white list queue of path, and operation terminates;
4. kernel kidnaps module when the destination path that sys_read and sys_write system is called is in the white list queue of path
The process name that sys_read and sys_write system is called is obtained, module is kidnapped when kernel and obtains sys_read and sys_write
The process name that system is called then allows to access in process white list queue, executes operating system original system and calls, operation knot
Beam kidnaps module when kernel and obtains the process name of sys_read and sys_write system calling not in process white list queue
It is considered as illegal user, executes interruption;It needs the path of operation file that shared section key is written simultaneously;
4) the legal update of webpage
1. scheduler module reads sys_read and sys_write operation log, sys_read and sys_write operation log is compared
In current file MD5 value whether in file MD5 value list, when working as in sys_read and sys_write operation log
The MD5 value of preceding document indicates that the current file in sys_read and sys_write operation log does not have in file MD5 value list
It is tampered;
2. being adjusted when the MD5 value of the current file in sys_read and sys_write operation log is not in file MD5 value list
Whether degree module judges the current file in sys_read and sys_write operation log by the process in process white list queue
Operation generates;
3. when the current file in sys_read and sys_write operation log is by the process operation in process white list queue
It generates, explanation is the newly-increased file of legal update, and scheduler module deposits the newly-increased file of legal update according to affiliated directory path
It is stored in backup module, file MD5 value list is written in the title of the newly-increased file of legal update and MD5 value by scheduler module;
5) recovery of webpage
1. when the current file in sys_read and sys_write operation log is not by the process behaviour in process white list queue
It generates, indicates that the current file in sys_read and sys_write operation log has been tampered with, scheduler module is from backup mould
The current file replicated in respective file replacement sys_read and sys_write operation log in block carries out recovery operation.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811225508.6A CN109460671B (en) | 2018-10-21 | 2018-10-21 | Method for realizing webpage content tamper resistance based on operating system kernel |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811225508.6A CN109460671B (en) | 2018-10-21 | 2018-10-21 | Method for realizing webpage content tamper resistance based on operating system kernel |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109460671A true CN109460671A (en) | 2019-03-12 |
CN109460671B CN109460671B (en) | 2021-10-26 |
Family
ID=65607988
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811225508.6A Active CN109460671B (en) | 2018-10-21 | 2018-10-21 | Method for realizing webpage content tamper resistance based on operating system kernel |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109460671B (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110198300A (en) * | 2019-03-13 | 2019-09-03 | 腾讯科技(深圳)有限公司 | A kind of honey jar operation system fingerprint concealment method and device |
CN110377436A (en) * | 2019-07-12 | 2019-10-25 | 清华大学 | Data storage access method, equipment and the device of persistence memory |
CN111539042A (en) * | 2020-07-13 | 2020-08-14 | 南京云信达科技有限公司 | Safe operation method based on trusted storage of core data files |
CN111967058A (en) * | 2020-07-28 | 2020-11-20 | 浙江军盾信息科技有限公司 | Tamper-proof method supporting user white list, electronic device and storage medium |
CN112000375A (en) * | 2020-07-13 | 2020-11-27 | 深圳市智微智能软件开发有限公司 | Starting stage judgment method, device, equipment and storage medium of android system |
CN112346792A (en) * | 2020-06-11 | 2021-02-09 | 广州锦行网络科技有限公司 | Port multiplexing method based on Linux system |
CN115840938A (en) * | 2023-02-21 | 2023-03-24 | 山东捷讯通信技术有限公司 | File monitoring method and device |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6240531B1 (en) * | 1997-09-30 | 2001-05-29 | Networks Associates Inc. | System and method for computer operating system protection |
US20060028987A1 (en) * | 2004-08-06 | 2006-02-09 | Alexander Gildfind Andrew J | Method and system for controlling utilisation of a file system |
US20090217377A1 (en) * | 2004-07-07 | 2009-08-27 | Arbaugh William A | Method and system for monitoring system memory integrity |
CN102547400A (en) * | 2010-12-08 | 2012-07-04 | 中国科学院声学研究所 | Content security protection method of embedded television terminal system |
CN104766009A (en) * | 2015-03-18 | 2015-07-08 | 杭州安恒信息技术有限公司 | System for preventing webpage document tampering based on operating system bottom layer |
US9354977B1 (en) * | 2008-12-15 | 2016-05-31 | Open Invention Network Llc | System and method for hybrid kernel- and user-space incremental and full checkpointing |
CN106933872A (en) * | 2015-12-30 | 2017-07-07 | 阿里巴巴集团控股有限公司 | A kind of method and device that cloud storage service is accessed by traditional file systemses interface |
CN108090003A (en) * | 2017-11-20 | 2018-05-29 | 广东睿江云计算股份有限公司 | A kind of method, the system of the promotion WEB server performance based on zero-copy |
-
2018
- 2018-10-21 CN CN201811225508.6A patent/CN109460671B/en active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6240531B1 (en) * | 1997-09-30 | 2001-05-29 | Networks Associates Inc. | System and method for computer operating system protection |
US20090217377A1 (en) * | 2004-07-07 | 2009-08-27 | Arbaugh William A | Method and system for monitoring system memory integrity |
US20060028987A1 (en) * | 2004-08-06 | 2006-02-09 | Alexander Gildfind Andrew J | Method and system for controlling utilisation of a file system |
US9354977B1 (en) * | 2008-12-15 | 2016-05-31 | Open Invention Network Llc | System and method for hybrid kernel- and user-space incremental and full checkpointing |
CN102547400A (en) * | 2010-12-08 | 2012-07-04 | 中国科学院声学研究所 | Content security protection method of embedded television terminal system |
CN104766009A (en) * | 2015-03-18 | 2015-07-08 | 杭州安恒信息技术有限公司 | System for preventing webpage document tampering based on operating system bottom layer |
CN106933872A (en) * | 2015-12-30 | 2017-07-07 | 阿里巴巴集团控股有限公司 | A kind of method and device that cloud storage service is accessed by traditional file systemses interface |
CN108090003A (en) * | 2017-11-20 | 2018-05-29 | 广东睿江云计算股份有限公司 | A kind of method, the system of the promotion WEB server performance based on zero-copy |
Non-Patent Citations (1)
Title |
---|
王娜 等: "基于事件驱动的一种网页防篡改系统", 《电脑编程技巧与维护》 * |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110198300A (en) * | 2019-03-13 | 2019-09-03 | 腾讯科技(深圳)有限公司 | A kind of honey jar operation system fingerprint concealment method and device |
CN110198300B (en) * | 2019-03-13 | 2022-01-14 | 腾讯科技(深圳)有限公司 | Honeypot operating system fingerprint hiding method and device |
CN110377436A (en) * | 2019-07-12 | 2019-10-25 | 清华大学 | Data storage access method, equipment and the device of persistence memory |
CN112346792A (en) * | 2020-06-11 | 2021-02-09 | 广州锦行网络科技有限公司 | Port multiplexing method based on Linux system |
CN112346792B (en) * | 2020-06-11 | 2021-09-21 | 广州锦行网络科技有限公司 | Port multiplexing method based on Linux system |
CN111539042A (en) * | 2020-07-13 | 2020-08-14 | 南京云信达科技有限公司 | Safe operation method based on trusted storage of core data files |
CN112000375A (en) * | 2020-07-13 | 2020-11-27 | 深圳市智微智能软件开发有限公司 | Starting stage judgment method, device, equipment and storage medium of android system |
CN112000375B (en) * | 2020-07-13 | 2023-12-26 | 深圳市智微智能软件开发有限公司 | Method, device, equipment and storage medium for judging startup stage of android system |
CN111967058A (en) * | 2020-07-28 | 2020-11-20 | 浙江军盾信息科技有限公司 | Tamper-proof method supporting user white list, electronic device and storage medium |
CN115840938A (en) * | 2023-02-21 | 2023-03-24 | 山东捷讯通信技术有限公司 | File monitoring method and device |
Also Published As
Publication number | Publication date |
---|---|
CN109460671B (en) | 2021-10-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109460671A (en) | A method of realizing that web page contents are anti-tamper based on operating system nucleus | |
CN110647754B (en) | Method, apparatus, medium and system for enforcing view separation in a file system | |
Bates et al. | Towards secure provenance-based access control in cloud environments | |
Gray et al. | D’Agents: Security in a multiple-language, mobile-agent system | |
US10289860B2 (en) | Method and apparatus for access control of application program for secure storage area | |
JP4854000B2 (en) | Confidential file protection method | |
KR101382222B1 (en) | System and method for mobile data loss prevention which uses file system virtualization | |
CN101283332A (en) | Information processing device, information processing method, and program | |
CN102902909A (en) | System and method for preventing file from being tampered | |
JP4636607B2 (en) | How to protect sensitive files in security application | |
BRPI0404008B1 (en) | system that manages the partitioning of an application, method of a first software object that runs in a first environment by manipulating data to which a policy applies, system that supports partitioning of an application into at least one first software object and a second software object | |
Weinhold et al. | VPFS: Building a virtual private file system with a small trusted computing base | |
CN111400702A (en) | Virtualized operating system kernel protection method | |
US11537753B2 (en) | Method and device for dynamic control, at file level, of the integrity of program files in a persistent memory of a computer, computer program and computer incorporating same | |
US20050216466A1 (en) | Method and system for acquiring resource usage log and computer product | |
CN115017497A (en) | Information processing method, device and storage medium | |
CN111737304B (en) | Processing method, device and equipment of block chain data | |
CN115244535A (en) | System and method for protecting folders from unauthorized file modification | |
CN105760164A (en) | Method for achieving ACL permission in user space file system | |
CN114626084A (en) | Secure smart container for controlling access to data | |
CN103023651A (en) | Method and device for monitoring access of mobile device | |
CN103051608A (en) | Access monitoring method and device of movable equipment | |
CN111967059A (en) | Website tamper-proofing method and system and computer readable storage medium | |
CN112906045A (en) | Mobile phone shield access record storage certificate and alarm method and computer system | |
Viswanathan et al. | Dynamic monitoring of website content and alerting defacement using trusted platform module |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |