CN101004767A - Control method for accessing computer system and I/0 ports - Google Patents
Control method for accessing computer system and I/0 ports Download PDFInfo
- Publication number
- CN101004767A CN101004767A CN 200610001482 CN200610001482A CN101004767A CN 101004767 A CN101004767 A CN 101004767A CN 200610001482 CN200610001482 CN 200610001482 CN 200610001482 A CN200610001482 A CN 200610001482A CN 101004767 A CN101004767 A CN 101004767A
- Authority
- CN
- China
- Prior art keywords
- port
- client modules
- end module
- computer system
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
A computer system enabling to control access of its I/O port comprises user operation unit with client end module for carrying out interaction with service end module and for receiving inputted I/O port access control parameters, service operation unit with service end module for carrying out interaction with client end module and for executing said control parameters, virtualizer monitor with I/O switch control module for deciding whether I/O command from user operation unit is to be executed or not according to said control parameters and I/O state monitor for displaying state of I/O port.
Description
Technical field
The present invention relates to computer system, particularly relate to a kind of computer system and I/O port access control method thereof.
Background technology
Along with computer technology and development of internet technology, the office automation level of modern enterprise progressively improves, enterprise also strengthens day by day for the dependence of computing machine and network, and the inevitable significant problem that information security issue also becomes enterprise to be faced, wherein the confidential data leakage problem is the unusual problems of being concerned about of numerous new high-tech enterprises, and this is because confidential data leaks and will cause immeasurable loss to enterprise.Therefore, leak for avoiding confidential data, a lot of enterprises have all taked some measures.Most of enterprises all will store the computing machine and the extranets of confidential data and isolate, and use intranet and private to take precautions against the illegal access of external staff for our unit's data, and reveal for the confidential data of copy mode, many units all take to limit the employee and use floppy drive, CD-ROM drive, USB port to carry out some measures such as copying data.In addition, also some unit leaks by the copy form for fear of confidential data, even floppy drive read write line, CD-ROM drive etc. are removed from physical unit, and seals up USB port, the USB gauge tap of perhaps entrusting some manufacturers to be provided with on main frame to lock outside one only allows keeper's toggle switch.Though the effect of avoiding data to leak by copy mode has also been played in the use of these methods, mode is not too flexible.
For fear of passing through floppy drive, mode such as CD-ROM drive and USB copies classified papers and causes secret to reveal, a kind of confidential information management system has also appearred at present, this system manages concentratedly original document, and be converted into unchangeable peculiar form, the employee is browsed by the reader that is embedded among the IE, these files are become can only be in inner online browsing and can not be to its e-file of making amendment, and all users are provided with specified permission, the user's of different rights access rights are also different, for example the user that rank is high can print, what rank was low can only read, propagate for preventing secondary, also adopt the mode of machine binding, only allow the e-file in the particular machine ability accessed web page in the in-house network.This mode is revealed for the classified papers of copy mode, really play a good role, yet, for many research and development business unit, the perhaps research and development department of business unit inside, promptly in developer's computing machine, preserve under the situation of data such as many confidential datas, classified papers, program design file usually, just can't use this confidential information management system to prevent the secret leakage of copying data mode.
In addition, also has a kind of method that prevents the secret leakage of copy mode, this mode is that other software of kernel level is installed in operating system of user, by other software of this kernel level the I/O port is carried out switch control, but this way can't prevent that the user from entering the safe mode of operating system from being about to other software deletion of this kernel level.
More existing ways or some are extreme, mode is very dumb, can't realize that computer system management person dynamically is provided with the access rights of I/O port as required, perhaps allow the user to use these ports as required temporarily, can not prevent that user oneself from removing the switch control functions of I/O port, in addition, can't allow the user understand the forbidding situation of port intuitively, be which port allows to use, which port blocking uses.
Summary of the invention
For this reason, the method that one object of the present invention just provides a kind of computer system and the I/O port access of this system is controlled makes it possible to dynamically arrange I/O port access authority, can not be changed by unwarranted user.
Another object of the present invention is to, the method that a kind of computer system is provided and the I/O port access of this system is controlled makes the user can see the forbidding situation of I/O port intuitively.
The invention provides a kind of computer system for this reason, comprise at least one operating system of user, the service operations system, virtual machine monitor and hardware platform is characterized in that:
Operating system of user comprises client modules, is used for carrying out alternately with the service end module of service operations system, and receives the I/O port access control parameter information of input;
The service operations system comprises the service end module, is used for carrying out alternately with described client modules, and carries out the modification that is provided with of I/O port access controlled variable;
Virtual machine monitor comprises the I/O switch control module, is used for whether decision allows the I/O that carries out from operating system of user to instruct according to I/O port controlling parameter.
Computer system of the present invention is characterized in that also comprising the I/O Status Monitor, is used for intuitively showing according to I/O port access controlled variable the state of I/O port.
Computer system of the present invention is characterized in that, described service operations system is the sightless embedded OS of user.
Computer system of the present invention, wherein, described computer system comprises Nonvolatile rewriteable areas of dielectric and the predetermined region of memory that is used to store I/O port controlling parameter information.
Computer system of the present invention, it is characterized in that, also comprise the remote computer that is attached thereto by network, comprise client modules in the described remote computer with network function, the service end module that described service operations system is comprised also has network function, and the client modules in the remote computer is undertaken by comprising the service end module in network and the service operations system alternately.
Computer system of the present invention is characterized in that, described service operations system is the sightless embedded OS of user.
Computer system of the present invention wherein, is all preserved I/O port controlling parameter information in the Nonvolatile rewriteable medium of computer system He in the internal memory presumptive area.
Computer system of the present invention, wherein the service end module is Web server, client modules is a browser commonly used.
Computer system of the present invention, wherein service end module and client modules are SNMP server.
The present invention also provides a kind of method that realizes the control of I/O port access in computer system of the present invention, said method comprising the steps of:
The method of I/O port access control of the present invention, wherein said step 4 also comprises: I/O port access control parameter information is sent to the I/O Status Monitor.
The method of I/O port access control of the present invention, the setting of the I/O port access controlled variable that sets in advance in the wherein said step 3 may further comprise the steps:
The department of computer science of the present invention I/O port access control method of unifying has not only realized the access control of I/O port flexibly, has prevented that also the user from deleting the access control function to the I/O port voluntarily, and has made the user can see the interface disabling situation intuitively.
Description of drawings
In conjunction with the embodiments the present invention is described in detail below with reference to the accompanying drawings, wherein:
Fig. 1 is the structural representation of computer system of the present invention;
Fig. 2 is the process flow diagram of I/O port access control method of the present invention;
Fig. 3 utilizes client modules to carry out the process flow diagram that parameter is provided with;
Fig. 4 is the data structure diagram of the I/O port access controlled variable in the computer system of the present invention;
Relate to the structural representation that I/O port access controlled variable be provided with the html page of part of Fig. 5 for using in the present invention;
Fig. 6 is the structural representation that is included in the I/O Status Monitor in the Be Controlled computing machine of computer system of the present invention;
Fig. 7 is the synoptic diagram of the state indication panel of I/O Status Monitor shown in Figure 6.
Embodiment
Fig. 1 shows the structural representation of computer system of the present invention, and shown controlled computer comprises service operations system (SOS), operating system of user (COS), virtual machine monitor (VMM), I/O Status Monitor and hardware platform.Wherein, operating system of user is the operating system that the final user uses, such as widows XP; The service operations system is the operating system that various services are provided for operating system of user; Virtual machine monitor is highest level " the privilege layer " that runs directly on the hardware, has the system resource control, be used for the software layer that hardware control system resource (processor, internal memory, miscellaneous equipment etc.) is distributed, described operating system of user and service operating system are on this virtual machine monitor; The I/O Status Monitor is used to show the forbidding situation of current I/O port; Wherein, described hardware platform virtual support computations.
Above-mentioned operating system of user includes client modules, be used for carrying out alternately to realize the visit of I/O port access controlled variable with the service end module of service operations system, the system manager can be by the service end module of this client modules from the service operations system configuration information that gets parms, so that check the situation that is provided with of the I/O port access controlled variable of controlled computer, also can by client modules to parameter setting change, the I/O port access control parameter information after client modules will be changed sends to the service end module in the service operations system.
In above-mentioned service operations system, include the service end module, be used for carrying out alternately and carrying out the setting of I/O port access controlled variable with client modules, the service end module receives the request of I/O port access controlled variable, the configuration information that gets parms of client's module and sends to client modules, the changed information that reception is provided with from the parameter of client modules, and according to the changed information that is received I/O port access controlled variable is upgraded.
Operation has the I/O switch control module in above-mentioned virtual machine monitor (VMM), be used for according to I/O port access controlled variable, whether decision allows to carry out the I/O instruction from operating system of user, to transmit control signal simultaneously to the I/O Status Monitor, to show the forbidding situation of current I/O port.
In the computer system shown in Fig. 1, each controlled computer links together by network.Preferably, use remote computer controlled computer to be carried out centralized control by the system manager by network.Therefore, the service end module in the preferred service operating system has network function, and the client modules that comprises in the remote computer also has network function to carry out alternately with the service end module in the remote computer.Should be pointed out that the controlled computer shown in Fig. 1 can be provided with I/O access control parameter by the client modules in the operating system of user, therefore a controlled computer also can constitute computer system of the present invention.
For safety, in computer system of the present invention, client modules can adopt some restrictions to the visit of service operations system, makes to have only the keeper can change setting, such as by modes such as authentications.
Be presented in the computer system of the present invention below with reference to Fig. 2, carry out the method step of I/O port access control.
Fig. 2 shows the process flow diagram of I/O port access control method of the present invention.At first, operating system of user sends the request of I/O port access.Particularly, in operating system of user, user's operation or the request of application triggers I/O port access, this request of access is submitted to the operating system of user kernel after being converted into function call, hardware drive program in the operating system of user kernel is converted to the I/O instruction that I/O port access controller can be discerned with this function call, submits to I/O port access controller by CPU then and goes to carry out.
Then, virtual machine monitor is intercepted and captured the instruction from the I/O of service operations system.Owing to adopted Intel Virtualization Technology in the present invention, therefore on hardware platform of the present invention, CPU supports the instruction of two classes, one class is to use the ROOT instruction for virtual machine monitor specially, another kind of is specially for operating in the NON-ROOT instruction that operating system is used on the virtual machine monitor, therefore, when CPU receives from the I/O of operating system of user instruction, just give virtual machine monitor with control, for example, call the VM-ENTRY order, make to become the ROOT pattern from the NON-ROOT mode switch, and virtual machine monitor is transferred in the I/O instruction handled, virtual machine monitor been has just has been intercepted and captured the I/O instruction from operating system of user like this.
Then, I/O switch control module in the virtual machine monitor is according to the type of these I/O instructions of being intercepted and captured, configuration information gets parms from the predetermined region of memory of storage I/O port access controlled variable, and judge it is to forbid that these I/O instructions carry out according to the parameter information that obtains, still allow to carry out this instruction.It should be noted that, because virtual monitor mainly is responsible for operating system and carries out resources allocation and management, and can not be based on self demand from such as directly obtaining I/O port access controlled variable configuration information on the hard disk, therefore need in predetermined region of memory, preserve a I/O port access control parameter information, the configuration information so that virtual machine monitor can get parms, for example, can be when system start-up will be stored in such as the I/O port access controlled variable in the hard disk and copy in the predetermined region of memory, and also need to upgrade the parameter setting in this predetermined region of memory after the parameter change by the service operations system.
Carry out if allow, CPU submits to the execution of I/O port access controller with these I/O instructions so, transmit control signal simultaneously and make its I/O of demonstration port status directly perceived to the I/O Status Monitor, behind the complete operation, the CPU power of will operating is given operating system of user, for example calls the VM-EXIT order, makes to become the NON-ROOT pattern from the ROOT mode switch, the hardware drive program of operating system of user returns to operating system of user with request results after obtaining the result of I/O request; Otherwise, forbid the execution of I/O instruction, and transmit control signal and make it show the I/O port status intuitively to the I/O Status Monitor, afterwards, the power of will operating is given operating system of user, for example, CPU calls the VM-EXIT order, become the NON-ROOT pattern from the ROOT mode switch, the hardware drive program of operating system of user returns to operating system of user with request results after obtaining the result of I/O request.Certainly, also can be arranged to the modification indicating status that under the situation that the parameter setting changes, just transmits control signal.The service operations optimum system choosing does not have the embedded OS of Presentation Function.
In the described method of Fig. 2, the I/O switch control module that is arranged in virtual machine monitor is according to the I/O port access controlled variable that sets in advance, and determines whether allowing CPU to give I/O port access controller from the I/O instruction of user's operating system and carries out.Below, will be described in the department of computer science of the present invention the process that I/O port access controlled variable is provided with by client modules with reference to figure 3.
Fig. 3 shows by client modules and carries out the process flow diagram that parameter is provided with.At first, the keeper sends request of access by the service end module of client modules in the service operations system.Then, the service end module in the service operations system is obtained the I/O port access controlled variable configuration information that is stored in system's Nonvolatile rewriteable medium (such as hard disk, EEPROM, FLASH etc.), and these information are sent to client modules.Then, client modules shows after receiving parameter information, the keeper according to demand to I/O port access controlled variable setting change.Then, the parameter information after client modules will be changed sends to the service end module.After the service end module receives parameter setting information after the change, information updating parameter setting after using these to be provided with, comprise and revise the I/O port access controlled variable configuration information that is stored in (such as hard disk, EEPROM, FLASH etc.) in the Nonvolatile rewriteable medium, update stored in the I/O port access controlled variable of predetermined region of memory simultaneously.
When client modules operates in the operating system of user, in this case, client modules can carry out data transmission by shared drive and service end module that virtual machine monitor provides, and data layout can be arranged based on the demand of I/O port switch controlled variable setting.
In addition, can also carry out this parameter setting up procedure by network.At this moment client modules may operate in the operating system of user, also may operate in the remote computer.In computer network, the keeper can be provided with I/O port switch controlled variable by client modules in remote computation.At this moment, service end module and client modules all need have network function.Introduce the process that I/O access control parameter is set by computer network below.At first, the client modules in the remote computer can send request of access to the service end module by the IP address of using the service end module; Then be arranged in the service operations system and be in the service end module of waiting for the request of access state is sent to I/O port access control parameter information remote computer by network client modules; The keeper can check existing I/O port access controlled variable, and as required I/O port access controlled variable is provided with by client modules.I/O port access controlled variable after being provided with is sent to service end module in the controlled computer by the client modules in the remote computer by network.The service end module is used amended parameter information then, and the undated parameter setting comprises the parameter setting information that updates stored in the predetermined region of memory.
Among the present invention, be used to provide the service end module of network function to realize in Web Server mode, client modules just can use directly that existing web browser software communicates with in the operating system like this, realizes that finally controlled variable is provided with function.In addition, can also adopt alternate manner to realize, realize that with SNMP Server the client modules on the remote computer can use SNMPServer, and communicates by snmp protocol between the two such as the service end module.In addition, it should be noted that conducts interviews for the service operations system in the controlled computer need carry out control of authority, such as can the control that authentication realizes power that parameter is provided with being set at service end module place.
In the present invention, can designing of the data structure of I/O port access controlled variable as Fig. 4, mainly comprise I/O controller sequence number, three fields of I/O controller title and on off state, can allow and disabled status by " 0 " and " 1 " expression respectively, also can make expression otherwise, allow and " 0 " expression forbidding, perhaps use " Y " and " N " expression respectively such as " 1 " expression.
Fig. 5 shows under the situation of using the network settings parameter, and that can use in the present invention relates to the structural representation that I/O port access controlled variable is provided with the html page of part.It is corresponding that the display result of this page and parameter shown in Figure 4 are provided with, and wherein on off state is in disabled status for the floppy drive and the USB of " 1 ", and on off state is in the permission user mode for other I/O port of " 0 ".
The I/O Status Monitor that is comprised in the controlled computer of computer system of the present invention, be mainly used in the state that shows the I/O port, make the user intuitively understand I/O interface disabling situation in the computing machine, its structure mainly comprises connecting line joint, singlechip control chip and state indicating member composition as shown in Figure 6.The connecting line joint is used for connecting with the controlled computer main frame, and connected mode can be serial ports, parallel port, the multiple mode of USB mouth; Singlechip control chip is used for the dynamic demonstration of basis from the signal controlling state indicating member of main frame; The state indicating member is used for showing current I/O interface disabling situation according to the control signal from singlechip control chip that simple state indicating member comprises pilot lamp, such as light emitting diode, indicates I/O interface disabling situation by the state of pilot lamp.Certainly, under the situation of only using single indicator elment, also can omit singlechip control chip.
Fig. 7 is the synoptic diagram of the state indication panel of I/O Status Monitor shown in Figure 6.Each pilot lamp is represented a corresponding I/O port status.Realize that I/O port status function for monitoring also need transmit control signal to the I/O monitor intuitively to show the state of I/O port after obtaining status information in I/O port access control procedure.
Computer system provided by the present invention and I/O port access control method thereof, by the I/O switch control module in the virtual machine monitor, realized the control of I/O port access, make managerial personnel that I/O port access controlled variable can be set neatly by the service end module in client modules and the service operations system, and prevented module or information deletion that the unauthorized user will be relevant with this function effectively.In addition, the present invention can also show I/O interface disabling situation intuitively, and making the final user can be well understood to current which port can use, and which port blocking uses.
More than describe and introduced the present invention, but the present invention is not limited in described embodiment by the mode of embodiment.Should be noted in the discussion above that and without departing from the spirit and scope of the present invention situation under, also have many alternative modes and modification, also can adopt form of software to be presented in the operating system of user such as the I/O Status Monitor, check for the final user.
Claims (12)
1. a computer system comprises at least one operating system of user, the service operations system, and virtual machine monitor and hardware platform is characterized in that:
Operating system of user comprises client modules, is used for carrying out alternately with the service end module of service operations system, and receives the I/O port access control parameter information of input;
The service operations system comprises the service end module, is used for carrying out alternately with described client modules, and carries out the modification that is provided with of I/O port access controlled variable;
Virtual machine monitor comprises the I/O switch control module, is used for whether decision allows the I/O that carries out from operating system of user to instruct according to I/O port controlling parameter.
2. computer system according to claim 1 is characterized in that also comprising the I/O Status Monitor, is used for intuitively showing according to I/O port controlling parameter the state of I/O port.
3. computer system according to claim 1 and 2 is characterized in that, described service operations system is the sightless embedded OS of user.
4. computer system according to claim 1 and 2, wherein, described computer system comprises Nonvolatile rewriteable areas of dielectric and the predetermined region of memory that is used to store I/O port controlling parameter information.
5. according to the computer system shown in claim 1 or 2, it is characterized in that, also comprise the remote computer that is attached thereto by network, comprise client modules in the described remote computer with network function, the service end module that described service operations system is comprised also has network function, and the client modules in the remote computer is undertaken by comprising the service end module in network and the service operations system alternately.
6. computer system according to claim 5 is characterized in that, described service operations system is the sightless embedded OS of user.
7. computer system according to claim 5 wherein, is all preserved I/O port controlling parameter information in the Nonvolatile rewriteable medium of computer system He in the internal memory presumptive area.
8. computer system according to claim 5, wherein the service end module is Web server, client modules is a browser commonly used.
9. computer system according to claim 5, wherein service end module and client modules are SNMP server.
10. the method for I/O port access control said method comprising the steps of:
Step 1, operating system of user are sent the I/O operation requests;
Step 2, virtual machine monitor are intercepted and captured the I/O instruction from operating system of user;
Step 3, the region of memory predetermined from system obtains the I/O port access controlled variable that sets in advance, and setting judges whether disabled ports according to parameter;
Step 4 if parameter is set to forbidding, forbids that then execution changes the I/O instruction, otherwise, allow to carry out this I/O instruction.
11. method according to claim 10, wherein said step 4 also comprises: I/O port access control parameter information is sent to the I/O Status Monitor.
12. according to claim 10 or 11 described methods, the setting of the I/O port access controlled variable that sets in advance in the wherein said step 3 may further comprise the steps:
Step 1, the client modules service end module in the service operations system is sent request of access;
Step 2, the request of service end module responds client modules also sends I/O port access control parameter information to client modules;
Step 3, client modules receive I/O port access control parameter information and intuitively show, and receiving management person is to the setting of parameter information;
Step 4, the I/O port access control parameter information after client modules will be provided with sends the service end module to, upgrades the setting of I/O port access controlled variable according to these parameter informations.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100014828A CN100454278C (en) | 2006-01-19 | 2006-01-19 | Control method for accessing computer system and I/0 ports |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100014828A CN100454278C (en) | 2006-01-19 | 2006-01-19 | Control method for accessing computer system and I/0 ports |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101004767A true CN101004767A (en) | 2007-07-25 |
| CN100454278C CN100454278C (en) | 2009-01-21 |
Family
ID=38703901
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2006100014828A Active CN100454278C (en) | 2006-01-19 | 2006-01-19 | Control method for accessing computer system and I/0 ports |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100454278C (en) |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101271401B (en) * | 2008-04-23 | 2010-04-14 | 北京航空航天大学 | Server cluster unit system with single system image |
| CN101946244A (en) * | 2008-02-14 | 2011-01-12 | 国际商业机器公司 | Reserved device access contention reduction |
| CN102103674A (en) * | 2009-12-18 | 2011-06-22 | 联想(北京)有限公司 | Equipment control method and computer |
| CN103077018A (en) * | 2012-12-27 | 2013-05-01 | 广州英码信息科技有限公司 | Control method and system for device interface based on Android system |
| CN104301430A (en) * | 2014-10-29 | 2015-01-21 | 北京麓柏科技有限公司 | Software definition storage system and method and centralized control equipment of software definition storage system |
| CN104981784A (en) * | 2012-11-16 | 2015-10-14 | 跨网数据管理有限公司 | Software deployment and control method and system |
| CN105282241A (en) * | 2015-09-28 | 2016-01-27 | 青岛海尔智能家电科技有限公司 | Internet of Things equipment control method and apparatus |
| CN102103674B (en) * | 2009-12-18 | 2016-12-14 | 联想(北京)有限公司 | The control method of equipment and computer |
| CN106462689A (en) * | 2014-05-13 | 2017-02-22 | 日本电信电话株式会社 | Security system, management device, permission device, terminal device, security method, and program |
| CN106575383A (en) * | 2014-06-16 | 2017-04-19 | 互动解决方案公司 | Display information management system |
| CN108600044A (en) * | 2018-03-30 | 2018-09-28 | 新华三信息安全技术有限公司 | A kind of Interface status acquisition methods, device and equipment |
| CN110245527A (en) * | 2019-06-14 | 2019-09-17 | 深圳市同泰怡信息技术有限公司 | A kind of USB port right management method and device and equipment |
| CN111753340A (en) * | 2020-05-18 | 2020-10-09 | 贵州电网有限责任公司 | USB interface information security prevention and control method and system |
| CN112968790A (en) * | 2021-01-19 | 2021-06-15 | 唐山英莱科技有限公司 | Communication protection method for laser vision sensor and external equipment |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPH0792761B2 (en) * | 1985-07-31 | 1995-10-09 | 株式会社日立製作所 | Input / output control method for virtual computer system |
| JPH10275116A (en) * | 1997-03-28 | 1998-10-13 | Mitsubishi Electric Corp | Computer system |
| US7370324B2 (en) * | 2003-09-30 | 2008-05-06 | Intel Corporation | Switching between a service virtual machine and a guest virtual machine in a virtual machine monitor environment |
-
2006
- 2006-01-19 CN CNB2006100014828A patent/CN100454278C/en active Active
Cited By (20)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101946244A (en) * | 2008-02-14 | 2011-01-12 | 国际商业机器公司 | Reserved device access contention reduction |
| CN101946244B (en) * | 2008-02-14 | 2012-12-12 | 国际商业机器公司 | Reserved device access contention reduction |
| CN101271401B (en) * | 2008-04-23 | 2010-04-14 | 北京航空航天大学 | Server cluster unit system with single system image |
| CN102103674A (en) * | 2009-12-18 | 2011-06-22 | 联想(北京)有限公司 | Equipment control method and computer |
| CN102103674B (en) * | 2009-12-18 | 2016-12-14 | 联想(北京)有限公司 | The control method of equipment and computer |
| CN104981784A (en) * | 2012-11-16 | 2015-10-14 | 跨网数据管理有限公司 | Software deployment and control method and system |
| CN103077018A (en) * | 2012-12-27 | 2013-05-01 | 广州英码信息科技有限公司 | Control method and system for device interface based on Android system |
| CN103077018B (en) * | 2012-12-27 | 2016-04-27 | 广州英码信息科技有限公司 | A kind of control method of the equipment interface based on Android system and system |
| CN106462689B (en) * | 2014-05-13 | 2019-06-14 | 日本电信电话株式会社 | Security system, managing device, approval apparatus, terminal installation, safety method and recording medium |
| CN106462689A (en) * | 2014-05-13 | 2017-02-22 | 日本电信电话株式会社 | Security system, management device, permission device, terminal device, security method, and program |
| CN106575383A (en) * | 2014-06-16 | 2017-04-19 | 互动解决方案公司 | Display information management system |
| CN106575383B (en) * | 2014-06-16 | 2020-11-06 | 互动解决方案公司 | Display information management system |
| CN104301430A (en) * | 2014-10-29 | 2015-01-21 | 北京麓柏科技有限公司 | Software definition storage system and method and centralized control equipment of software definition storage system |
| CN104301430B (en) * | 2014-10-29 | 2016-04-13 | 北京麓柏科技有限公司 | Software definition storage system, method and common control equipment thereof |
| CN105282241A (en) * | 2015-09-28 | 2016-01-27 | 青岛海尔智能家电科技有限公司 | Internet of Things equipment control method and apparatus |
| CN108600044A (en) * | 2018-03-30 | 2018-09-28 | 新华三信息安全技术有限公司 | A kind of Interface status acquisition methods, device and equipment |
| CN110245527A (en) * | 2019-06-14 | 2019-09-17 | 深圳市同泰怡信息技术有限公司 | A kind of USB port right management method and device and equipment |
| CN111753340A (en) * | 2020-05-18 | 2020-10-09 | 贵州电网有限责任公司 | USB interface information security prevention and control method and system |
| CN112968790A (en) * | 2021-01-19 | 2021-06-15 | 唐山英莱科技有限公司 | Communication protection method for laser vision sensor and external equipment |
| CN112968790B (en) * | 2021-01-19 | 2024-01-05 | 英莱科技(苏州)有限公司 | Communication protection method for laser vision sensor and external equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN100454278C (en) | 2009-01-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100454278C (en) | Control method for accessing computer system and I/0 ports | |
| US10728255B2 (en) | System and method for protection of entities across availability zones | |
| EP2513789B1 (en) | A secure virtualization environment bootable from an external media device | |
| JP4521456B2 (en) | Information processing system and control method of information processing system | |
| JP4537022B2 (en) | A data processing method, a storage area control method, and a data processing system that limit data arrangement. | |
| CN102460382B (en) | Annotating virtual application processes | |
| Berger et al. | TVDc: managing security in the trusted virtual datacenter | |
| Ta-Min et al. | Splitting interfaces: Making trust between applications and operating systems configurable | |
| EP2378711B1 (en) | Network policy implementation for a multi-virtual machine appliance | |
| US20090172165A1 (en) | Information Processing Apparatus and Information Processing System | |
| US20130275973A1 (en) | Virtualisation system | |
| CN104040525B (en) | Overwrite media is accessed by network connection | |
| US20100070972A1 (en) | Apparatus, method, and computer program product for processing information | |
| CN103890717B (en) | Basic input/output is provided in privileged domain(BIOS)Function | |
| JP5346405B2 (en) | Network system | |
| US9244705B1 (en) | Intelligent micro-virtual machine scheduling | |
| US9836585B2 (en) | User centric method and adaptor for digital rights management system | |
| JP2008242826A (en) | Information processing system and control method and program of information processing system | |
| JP6255336B2 (en) | Secure data storage method and device | |
| WO2013145434A1 (en) | Network system and method for controlling same | |
| Dufrasne et al. | IBM System Storage DS8000 Copy Services Scope Management and Resource Groups | |
| KR100735875B1 (en) | System and method for remote access to a server and running multiple operating systems using live booting medium | |
| JP4314311B2 (en) | Information processing apparatus and information processing system | |
| Valdez et al. | Retrofitting the ibm power hypervisor to support mandatory access control | |
| Windom et al. | Virtualizing Microsoft Tier 1 Applications with VMware VSphere 4 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |