CN100340938C - File safety detection method - Google Patents
File safety detection method Download PDFInfo
- Publication number
- CN100340938C CN100340938C CNB2004100920024A CN200410092002A CN100340938C CN 100340938 C CN100340938 C CN 100340938C CN B2004100920024 A CNB2004100920024 A CN B2004100920024A CN 200410092002 A CN200410092002 A CN 200410092002A CN 100340938 C CN100340938 C CN 100340938C
- Authority
- CN
- China
- Prior art keywords
- file
- header
- check code
- attribute information
- file header
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Abstract
The present invention discloses a file safety detection method which comprises the following steps: a file is added with a file header, property information of the file is added to the file header, and the information is saved with the file; when a system opens the file, the property information saved in the file header is read and compared with the current property information of the file. If the two kinds of information are consistent, the current file is reported not to be modified. Otherwise, the current file is reported to be modified. With the method of the present invention, whether the file is illegally modified or not can be accurately detected in different platform systems to ensure the stability and the safety of the file.
Description
Technical field
The present invention relates to computer safety field, refer to a kind of file security detection method especially.
Background technology
File is the host of data in the computer system, and nearly all software project all be unable to do without file.Therefore, file system safely, stablize extremely important.For file security, with regard to current each file system, system's implementation of different platform has nothing in common with each other, and all can not satisfy the safety requirements of file simultaneously, uniformly.In the prior art, the programmer generally gives different implementation methods according to the characteristic of file place system platform, such as, under Windows2000, the related data of application program, configuration file are below being placed on " My document ", and general Guest user can carry out the reading and writing operation to file.UNIX operating system has been carried out strict regulation to the authority of file, but often the programmer is necessary for a plurality of users that access limit is arranged of application program interpolation, and along with the operation of multi-user to file, the programmer can not learn whether program was destroyed by mistake.
The base attribute that each operating system all has relevant " file description block " to come log file to each file, such as: the read-write properties of file, file size, filename.According to these, we can only obtain current file attribute, but can not know whether file is modified, destroyed.For example, when following situation takes place file, generally can not discover: file breakage (file size changes), file are by accidental destruction (the file size content changes), file attribute change (the readable attribute of writing) and the unauthorized read and write access of file etc.These situations tend to make software project to become dangerous, but we but can't discover.
Because " file description block " is present in the data structure of file system descriptor file, each file system there are differences, and file system is obtained the attribute of file by reading these data structures.These file attributes are not to leave in the middle of the concrete file, but are present in the file system at file place, and when a file is copied into the another one file system, these attributes will be lost.Because different operating system has different file system, and different file system is different to the realization of file security.Basically, these file system can not provide unified, relative complete file security solution.
Summary of the invention
The invention provides a kind of file security detection method, can in the different platform system, detect file and whether be illegally modified.
The inventive method comprises:
A: add file header to file, will preserve in attribute information adding this document head of file and with file;
B: when system opens file, read the attribute information of preserving in the file header, compare,, report that then current file is not modified if consistent with the current attribute information of this document; Otherwise report file is modified.
Described attribute information comprises with file content revises or the multinomial file attribute that changes.
Described attribute information does not comprise revises or the multinomial file attribute that changes with file content.
The file function reading that reads the attribute information of preserving in the file header among the described step B and be by standard realizes.
According to said method of the present invention, the adding check code relevant in described file header also with file attribute and/or file content.
Adding check code in file header comprises the steps:
A: file data is partly calculated the data division check code, join in the file header;
B: content in the file header that has added the data division check code is calculated, drawn the check code of file header part, join in the file header.
When system opens file, use the check code that calculates current file with the corresponding method of generation check code institute's employing method, and compare with the check code of preserving in the file header.
Described verification code generating method is accumulative total verification and method or cyclic redundancy check method.
According to said method of the present invention, also be included in the step of encrypting after file is preserved; When system opens this document, carry out corresponding decryption oprerations.
According to said method of the present invention, also comprise the step that encrypt file is compressed; When system opens this document, carry out corresponding decompression operation.
Adopt method of the present invention, can in the different platform system, accurately detect file and whether be illegally modified; In addition, the present invention, needs to use identical method of calibration that current file is calculated corresponding check code and further guarantees safety of files when system opens file by add check code in file attribute information.
Description of drawings
Fig. 1 is the process flow diagram of the inventive method;
Fig. 2 is file header of the present invention and file data synoptic diagram.
Embodiment
Below in conjunction with accompanying drawing method of the present invention is further elaborated.Referring to Fig. 1, the inventive method comprises the steps:
Step 1: after the original document data content is determined, add a file header (for example: use the C++ program language to write), the attribute information of file is joined in the file header, file header is preserved with file to file.Described attribute information comprises or the multinomial file attribute of revising of changing or multinomial file attribute or not changing with the file content modification with file content, and as shown in Figure 2, following attribute information can join in the file header:
File type: in order to detect whether this Program Type of right and wrong of file;
Filename length and filename: detect filename and whether be modified;
File read-write is carried out attribute: in order to detect the variation of the read-write attribute of file;
The file header version: file header can be upgraded as required;
Versions of data in the file: the programmer can upgrade as required;
Data length: whether file data was modified.
Step 2: whether be illegally modified in order to judge file more accurately, and can also comprise the check code of file data part and the check code of file header part in the file header, and be used for detecting file data part and file header respectively and partly whether be illegally modified.
When carrying out check code calculating, specify the verification code generating method of use by the programmer.As: accumulative total verification and method, CRC (cyclic redundancy check (CRC)) method etc.The check code of acquiescence is accumulative total verification and method, and the programmer can select whether to use accumulative total verification and method or CRC check method.The method of calibration of oneself can certainly be provided.But need import the function pointer of method of calibration into.For example:
As:void?GetlongCheckSum(void
*pBuf,unsigned?long?Len,unsignedlong
*pCheckSum);
Examples of types of claims is typedef void FuncType_CheckSum (void
*, unsigned long, unsigned long
*);
void?GetlongCheckSum(void
*pBuf,unsigned?long?Len,unsigned?long
*pCheckSum){pCheckSum=0;}。
When carrying out verification calculating, because the check code of file data part is the part of file header, should calculate the check code of file data part earlier, and then calculate file header check code partly.
After the information in the file header has been added, file header is preserved with file together as the part of file.Like this, no matter under which operating system platform, can both obtain the information of this document head.
Step 3: whether file can also specify and file be encrypted after preserving.Encryption method can be used E1, E2 encryption method, also can be according to public interface, and the encryption method of expansion, use oneself.After encryption is finished, can compress, dwindle the storage space that file takies, also as a kind of means of file security this document.Compression can be used compression method commonly used, and certainly, the programmer also can expand the compression method of oneself.
Step 4: when the programmer opens this document once more, whether be illegally modified, and encrypted and compression, decompressed before this and decipher if file has passed through if want to detect this document.The decompression that opens file, decryption method must and original compression method and encryption method correspondence, otherwise can't open this document.
Step 5: obtain the file attribute information preserved in the file header and the current attribute information of file.When attribute information in the file header is obtained in realization, strict ANSI C/C++, Use the iostreamlibrary from the ANSI Standard C++library, Use the Standard template library fromthe ANSI Standard C++library (standardization C++ grammer, stdiostream function library, STL that strict American National Standards Institute provides) should be used, otherwise cross-platform purpose can not be realized.For example use int_cdecl stat (const char
*, struct stat
*); Obtain file attribute.
If comprise check code in this document head, also should specify once used check code method when then opening file, calculate file data part check code and top of file respectively and divide check code.
Step 6: then the current attribute information of file and the check code that calculates are compared one by one with the historical attribute information of putting down in writing in the file header, if the comparative result unanimity judge that then file was not modified, otherwise report file is modified.
Certainly, the programmer is revised file if desired, after the modification of finishing file content, need regenerate file header information.
Below be that 1.0 version file C++ file header program structures are given an example:
struct?S_T2100_BCKUP_FILE_HEAD
{
unsigned?char a_cMagicSign[16];
unsigned?long ulHeadChecksum;
unsigned?long ulFileVer;
unsigned?long ulDateLen;
unsigned?long ulDataChecksum;
unsigned?long ulFileAttrib;
unsigned?short usHeadVer;
unsigned?short usFileNameLen;
unsigned?char ucReserved[12];
}
By method of the present invention, can in the different platform system, accurately detect file and whether be illegally modified, thereby guarantee stable, the safety of file in cross-platform.
The above; only for the preferable embodiment of the present invention, but protection scope of the present invention is not limited thereto, and anyly is familiar with those skilled in the art in the technical scope that the present invention discloses; the variation that can expect easily or replacement all should be encompassed within protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection domain of claims.
Claims (10)
1, a kind of file security detection method is characterized in that may further comprise the steps:
A: add file header to file, will preserve in attribute information adding this document head of file and with file;
B: when system opens file, read the attribute information of preserving in the file header, compare,, report that then current file is not modified if consistent with the current attribute information of this document; Otherwise report file is modified.
2, the method for claim 1 is characterized in that: described attribute information comprises with file content revises or the multinomial file attribute that changes.
3, the method for claim 1 is characterized in that: described attribute information does not comprise revises or the multinomial file attribute that changes with file content.
4, the method for claim 1 is characterized in that: the file function reading that reads the attribute information of preserving in the file header among the described step B and be by standard realizes.
5, the method for claim 1 is characterized in that: the adding check code relevant with file attribute and/or file content in described file header also.
6, method as claimed in claim 5 is characterized in that: add check code and comprise the steps: in file header
A: file data is partly calculated the data division check code, join in the file header;
B: content in the file header that has added the data division check code is calculated, drawn the check code of file header part, join in the file header.
7, method as claimed in claim 6 is characterized in that: when system opens file, use the check code that calculates current file with the corresponding method of generation check code institute's employing method, and compare with the check code of preserving in the file header.
8, method as claimed in claim 6 is characterized in that: described verification code generating method is accumulative total verification and method or cyclic redundancy check method.
9, the method for claim 1 is characterized in that: also be included in the step of encrypting after file is preserved; When system opens this document, carry out corresponding decryption oprerations.
10, method as claimed in claim 9 is characterized in that: also comprise the step that encrypt file is compressed; When system opens this document, carry out corresponding decompression operation.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2004100920024A CN100340938C (en) | 2004-11-04 | 2004-11-04 | File safety detection method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2004100920024A CN100340938C (en) | 2004-11-04 | 2004-11-04 | File safety detection method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1770051A CN1770051A (en) | 2006-05-10 |
| CN100340938C true CN100340938C (en) | 2007-10-03 |
Family
ID=36751388
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2004100920024A Expired - Fee Related CN100340938C (en) | 2004-11-04 | 2004-11-04 | File safety detection method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100340938C (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102520948A (en) * | 2011-12-09 | 2012-06-27 | 福建联迪商用设备有限公司 | Application program maintenance and update method and device |
Families Citing this family (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2011157242A2 (en) * | 2011-08-15 | 2011-12-22 | 华为终端有限公司 | Method and device for file protection |
| CN103034815B (en) * | 2011-09-30 | 2015-07-22 | 北大方正集团有限公司 | Detection method and device for portable document format (PDF) file |
| CN102609644B (en) * | 2012-01-11 | 2015-05-13 | 杭州东信北邮信息技术有限公司 | File protection process |
| CN102662789A (en) * | 2012-03-27 | 2012-09-12 | 株洲南车时代电气股份有限公司 | Method for adding CRC (cyclic redundancy check) to ELF (executable linkable format) file |
| CN102622551A (en) * | 2012-04-11 | 2012-08-01 | 无锡华御信息技术有限公司 | File safety protection method |
| CN102902732B (en) * | 2012-09-11 | 2015-09-02 | 南车株洲电力机车研究所有限公司 | A kind of method of adding verification in XML configuration file |
| CN103368963A (en) * | 2013-07-15 | 2013-10-23 | 网宿科技股份有限公司 | HTTP message tamper-proofing method in content distribution network |
| CN103400064B (en) * | 2013-08-20 | 2016-08-24 | 北京网秦天下科技有限公司 | For file encryption and the method and apparatus of deciphering |
| CN103745166A (en) * | 2013-12-27 | 2014-04-23 | 曙光云计算技术有限公司 | Method and device for inspecting file attribute value |
| CN107133120A (en) * | 2016-02-29 | 2017-09-05 | 阿里巴巴集团控股有限公司 | A kind of method of calibration of file data, device |
| CN106126367B (en) * | 2016-06-28 | 2019-09-20 | 湖北锐世数字医学影像科技有限公司 | A kind of self checking method and system of file |
| CN107608639A (en) * | 2017-10-20 | 2018-01-19 | 深圳益邦阳光有限公司 | Queue-type cycle storage method, electronic equipment and storage medium based on flash memory |
| CN109657465A (en) * | 2018-11-07 | 2019-04-19 | 深圳竹云科技有限公司 | A kind of software detecting method based on file corruption degree |
| CN110929110B (en) * | 2019-11-13 | 2023-02-21 | 北京北信源软件股份有限公司 | Electronic document detection method, device, equipment and storage medium |
| CN111753518B (en) * | 2020-08-12 | 2021-03-12 | 深圳潮数软件科技有限公司 | Autonomous file consistency checking method |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1326155A (en) * | 2000-05-25 | 2001-12-12 | 英业达股份有限公司 | Method for instantaneous generation of file version |
| CN1441935A (en) * | 2000-05-24 | 2003-09-10 | 埃塞柯尔比茨公司 | System and method for reproduction and authentication of original documents |
| CN1504044A (en) * | 2001-06-12 | 2004-06-09 | �Ҵ���˾ | Method of invisibly embedding and hiding data into soft-copy text documents |
-
2004
- 2004-11-04 CN CNB2004100920024A patent/CN100340938C/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1441935A (en) * | 2000-05-24 | 2003-09-10 | 埃塞柯尔比茨公司 | System and method for reproduction and authentication of original documents |
| CN1326155A (en) * | 2000-05-25 | 2001-12-12 | 英业达股份有限公司 | Method for instantaneous generation of file version |
| CN1504044A (en) * | 2001-06-12 | 2004-06-09 | �Ҵ���˾ | Method of invisibly embedding and hiding data into soft-copy text documents |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102520948A (en) * | 2011-12-09 | 2012-06-27 | 福建联迪商用设备有限公司 | Application program maintenance and update method and device |
| CN102520948B (en) * | 2011-12-09 | 2015-08-12 | 福建联迪商用设备有限公司 | Application maintenance update method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1770051A (en) | 2006-05-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100340938C (en) | File safety detection method | |
| CA2441620C (en) | Data stream header object protection | |
| US7877567B2 (en) | Transporting image files | |
| US8121993B2 (en) | Data sharing and recovery within a network of untrusted storage devices using data object fingerprinting | |
| US8200788B2 (en) | Slice server method and apparatus of dispersed digital storage vaults | |
| US7818532B2 (en) | Method and system for creating and restoring an image file | |
| US7363275B2 (en) | Access right contradiction detection apparatus and analysis rule creation apparatus | |
| US20110099154A1 (en) | Data Deduplication Method Using File System Constructs | |
| US9547549B2 (en) | Handling file system corruption | |
| US20100287221A1 (en) | Templates for configuring file shares | |
| US20050228832A1 (en) | Method and system for verifying integrity of storage | |
| US8839446B2 (en) | Protecting archive structure with directory verifiers | |
| US20070124302A1 (en) | Mapping a Source File From a Source System To a Target System | |
| CN111506578A (en) | Service data checking method, device, equipment and storage medium | |
| CN116560914B (en) | Incremental backup method, system and storage medium under virtual machine CBT failure | |
| US20070250540A1 (en) | A Computer System with File Attribute Extension | |
| CN105302924A (en) | File management method and device | |
| US7634521B1 (en) | Technique for scanning stealthed, locked, and encrypted files | |
| CN111460436B (en) | Unstructured data operation method and system based on blockchain | |
| CN108664796B (en) | So file protection method and device | |
| US9536109B2 (en) | Method and system for administering a secure data repository | |
| CN113704180A (en) | Lossless firmware extraction method based on embedded equipment firmware file information feature library | |
| CN116431596B (en) | Case-level-oriented cross-platform distributed file system and implementation method | |
| Tibor et al. | Development of Multi-Platform Steganographic Software Based on Random-LSB | |
| Bangert | Nail-a practical tool for parsing and generating data formats |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20071003 Termination date: 20161104 |