CN101110836B - Real-time monitoring system authorization management method based on PE document - Google Patents

Publication number
CN101110836B
Authority
CN
China
Prior art keywords
authorization code
file
authorization
executable file
code
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN200710045181A
Other languages
Chinese (zh)
Other versions
CN101110836A (en)
Inventor
陈凌峰
邹恒明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Jiaotong University
Original Assignee
Shanghai Jiaotong University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Jiaotong University
Priority to CN200710045181A
Publication of CN101110836A
Application granted
Publication of CN101110836B
Legal status: Expired - Fee Related
Anticipated expiration

Abstract

The present invention relates to a PE-file-based authorization management method for a real-time monitoring system. When writing an authorization code, the system sets the authorization code in the in-memory authorization table and encrypts it, obtains the full path of the executable file to be authorized, and writes the authorization-code ciphertext into usable fields of the PE executable file. When reading an authorization code, the system obtains the full path of the executable file, reads the authorization-code ciphertext from the usable fields of the PE executable file or from the database file, as determined by its checks, decrypts it, determines whether the authorization code has been tampered with, and writes the decrypted authorization code into the in-memory authorization table for later use. Because the authorization code is encrypted and written directly into the PE executable file, the system can still identify the file accurately and obtain its authorization code even if the file is renamed or its storage path is changed, without authorizing the renamed or moved file again, which improves the usability of the real-time monitoring system.

Description

Real-time monitoring system authorization management method based on the PE file
Technical field
The present invention relates to an authorization management method for real-time monitoring systems based on PE (Portable Executable) files. It is a new scheme for managing the authorization codes of a real-time monitoring system for executable files in PE format, and belongs to the field of computer information technology.
Background art
With the rapid development of computer and communication technology, information security has become a major issue of the information age. In the field of information security, intrusion detection is a very important technology. An intrusion detection system (IDS) raises alarms about attacks a computer user may suffer; it can analyze and filter data packets and monitor the behavior of programs in the system to prevent dangerous operations. Real-time monitoring is one kind of intrusion detection technology: it monitors all programs running on the computer system, intercepts unauthorized operations, and lets the user decide whether the next call may proceed. Authorization management is the way a real-time monitoring system deletes, adds and looks up the user's authorization records for a program. The usability of the system directly affects the sales of a real-time monitoring system, and the authorization management method is an important aspect of that usability. Existing real-time monitoring systems all distinguish executable files by the absolute path at which the file is stored, and identify each executable file's authorization in that way. This approach has a defect: when the name or storage path of an executable file changes, the monitoring system can no longer identify the file even though its content has not been modified, so the file has to go through a tedious authorization again, which reduces the usability of the system.
Today, new network-borne threats such as spyware, worms, mail viruses, QQ viruses, MSN viruses and game trojans break out again and again and have overturned the traditional notion of a virus. Compared with traditional computer viruses, network viruses spread much faster, come in ever greater numbers and varieties, break out over a wide range, and attack through diverse routes. Under this trend, traditional scanning based on virus signatures is falling short, and real-time monitoring systems based on behavior analysis are becoming more and more important. Real-time monitoring systems are still not as widespread as antivirus software based on signature scanning, and an important reason is their poor usability: they require the user to go through tedious authorization for every program that runs on the operating system and to re-authorize any executable file whose name or storage path has changed; moreover, if the file or database that stores the authorizations is damaged, the user has to authorize all programs again. These drawbacks eventually lead users, unable to put up with frequent repeated authorization, to give up using the real-time monitoring system. A new authorization management scheme that improves the usability of real-time monitoring systems would therefore greatly help their adoption.
A search of the prior art found no real-time monitoring system that can recognize an executable file that has been renamed or moved to a different path but whose code has not changed.
Summary of the invention
The object of the invention is to address the shortcomings of existing real-time monitoring system authorization management by providing an authorization management method based on PE files, so that the system can still identify a PE-format executable file and obtain its authorization code after the file has been renamed or moved to a different storage path, without authorizing it again.
To achieve this object, when writing an authorization code the invention first sets the authorization code in the in-memory authorization table and encrypts it, and, after obtaining the full path of the executable file to be authorized, writes the authorization-code ciphertext into usable fields of the PE executable file. When reading, the system obtains the full path of the executable file, reads the authorization-code ciphertext from the usable fields of the PE file or from the database file, as determined by its checks, and decrypts it; it then determines whether the authorization code has been tampered with and writes the decrypted authorization code into the in-memory authorization table for later use. The invention encrypts the authorization code and writes it directly into usable fields of the PE-format executable file, so that even if the file is renamed or its storage path is changed, the system can still identify it accurately and obtain its authorization code without authorizing the renamed or moved file again, which improves the usability of the real-time monitoring system.
The method of the invention comprises an authorization code write process and an authorization code read process.
The steps of the authorization code write process are as follows:
1) The system obtains the full path of the executable file to be authorized.
2) The system saves an initial key and sets the authorization code of the process file in the in-memory authorization table. Its format is:
Identifier | File signature | Authorization code 1 | ... | Authorization code n | Number
Here the file signature is the checksum or hash value of the executable file.
3) The system encrypts the authorization code. It first checks whether the storage medium of the executable file is writable; if it is read-only, the system encrypts the authorization code directly. Otherwise the system checks whether the executable file that is to receive the authorization code is a Windows protected file; if so, the system encrypts the authorization code directly. Otherwise the system checks whether the image file of the process is an executable file in PE format; if not, the system encrypts the authorization code directly. If it is, the system computes the length of the authorization code. If the usable fields found so far in the PE executable file can hold the whole authorization code, the system encrypts the authorization code with the saved key. If they cannot hold all of the authorization code, the system keeps looking for usable fields in the PE executable file until the fields found can hold the complete authorization code. If one pass over the file still does not find enough usable fields, the part of the authorization code that cannot be stored is split off to be stored in the authorization code database.
If the authorization code is stored in non-contiguous usable fields, the system splits it into segments that each follow the authorization code format above and encrypts each segment separately; the Number in the authorization code format points to the storage location of the next segment.
The usable fields are the many fields or gaps in a PE file that have no meaning for an executable file.
4) When the system writes the authorization-code ciphertext into the usable fields of the PE executable file, it follows the earlier checks: if the storage medium of the executable file is read-only, or the executable file to be authorized is a Windows protected file, or there is authorization-code ciphertext that does not fit in the PE file, the system stores the ciphertext for those cases in the authorization code database file; otherwise the system sends a write request packet to the file system driver and writes the authorization-code ciphertext into the PE executable file.
The steps of the authorization code read process are as follows:
1) The system obtains the full path of the executable file whose authorization code is to be read.
2) Before reading the authorization-code ciphertext from the usable fields of the PE file, the system first checks whether the storage medium of the file is writable. If it is read-only, the system looks up the authorization code of the executable file in the authorization code database file; if none is found, it gives the executable file the default authorization code and writes it into the in-memory authorization table, and the read process ends. If the storage medium is writable, the system checks whether the executable file is a Windows protected file. If so, the system looks up the authorization code of the executable file in the authorization code database file; if none is found, it gives the executable file the default authorization code and writes it into the in-memory authorization table, and the read process ends. Otherwise the system checks whether the executable file is in PE format. If not, the system looks up the authorization code of the executable file in the authorization code database file; if none is found, it gives the executable file the default authorization code and writes it into the in-memory authorization table, and the read process ends. If it is, the system sends a read request packet to the file system driver and reads the authorization-code ciphertext from the PE executable file.
3) The system decrypts the ciphertext it has read with the key saved in advance and checks whether the identifier of the decrypted authorization code has changed. If the identifier has changed, the system prompts the user with a dialog box, the user decides whether to re-authorize or delete the executable file, and the read operation ends. If the identifier has not changed, the system computes the checksum or hash value of the PE executable file and compares it with the checksum or hash value in the authorization code. If they differ, the system prompts the user with a dialog box, the user decides whether to re-authorize or delete the executable file, and the read operation ends. If they are the same, the system checks whether the authorization code has been read completely; if part of it remains, the system reads the following authorization-code ciphertext according to the Number at the end of the authorization code and repeats the decryption step until all of the ciphertext has been read.
4) The system writes the decrypted authorization code into the in-memory authorization table so that it can be queried again later.
Compared with the prior art, the present invention has significant advantages and represents substantial progress.
The invention encrypts the authorization code of a PE-format executable file and writes it directly into usable fields of that file. Even if the PE-format executable file is renamed or its storage path is changed, the system can still identify it accurately and obtain its authorization code, without authorizing the renamed or moved file again, which improves the usability of the real-time monitoring system. In addition, the method lets the monitoring system locate the authorization code directly when reading or writing it, without searching the file for it. The identifier and signature at the start of the authorization code guarantee its integrity and authenticity. Compared with traditional authorization management methods, the invention needs little storage space.
Description of drawings
Fig. 1 is the authorization code write flow chart of the authorization management of the invention for PE-format executable files.
Fig. 2 is the authorization code read flow chart of the authorization management of the invention for PE-format executable files.
Embodiment
The technical solution of the invention is further described below with reference to the drawings and a specific embodiment. The following embodiment does not limit the invention.
The authorization code write process of the method is shown in Fig. 1. The system first saves an initial key, sets the authorization code of the process file in the in-memory authorization table, and then encrypts the authorization code. After obtaining the full path of the executable file to be authorized, the system writes the authorization-code ciphertext into usable fields of the PE executable file.
Taking the writing of an authorization code into the executable file "C:\Program Files\FlashFXP\FlashFXP.exe" as an example, the steps are as follows:
1) The system obtains the full path of FlashFXP.exe:
C:\Program Files\FlashFXP\FlashFXP.exe;
2) The system saves an initial key and sets the authorization code of the process file in the in-memory authorization table. The format of the authorization code is:
Identifier | CRC checksum | Authorization code 1 | Authorization code 2 | Authorization code 3 | Number
The system computes the CRC (cyclic redundancy check) checksum of FlashFXP.exe, which is 4 bytes; the identifier is 1 byte, and the specific authorizations for the FlashFXP program file take 3 bytes, so the total length of the authorization code is 7 bytes;
3) The system encrypts the authorization code. It first checks whether the storage medium of the executable file is writable; if it is read-only, the system encrypts the authorization code directly. For FlashFXP.exe the storage medium, drive C, is writable, so:
The system checks whether the executable file that is to receive the authorization code is a Windows protected file; if so, the system encrypts the authorization code directly. FlashFXP.exe is not a Windows protected file, so:
The system checks whether the image file of the process is an executable file in PE format; if not, the system encrypts the authorization code directly. FlashFXP.exe is an executable file in PE format, so:
The system computes the length of the authorization code. If the usable fields found so far in the PE executable file can hold the whole authorization code, the system encrypts the authorization code with the saved key. If they cannot hold all of the authorization code, the system keeps looking for usable fields in the PE executable file until the fields found can hold the complete authorization code. If one pass over the file still does not find enough usable fields, the part of the authorization code that cannot be stored is split off to be stored in the authorization code database. If the authorization code is stored in non-contiguous usable fields, the system splits it into segments that each follow the authorization code format above and encrypts each segment separately; the Number in the authorization code format points to the storage location of the next segment.
For FlashFXP.exe, the system determines that the four fields PointerToRawData, PointerToRelocations, NumberOfRelocations and NumberOfLinenumbers of a section header entry in FlashFXP.exe, 12 bytes in total, can hold the whole authorization-code ciphertext, so the Number in the authorization code is not used, and the system encrypts the authorization-code plaintext with the RC5 algorithm using the saved key.
4) When the system writes the authorization-code ciphertext into the usable fields of the PE executable file, it again follows the checks above: if the storage medium of the executable file is read-only, or the executable file to be authorized is a Windows protected file, or there is authorization-code ciphertext that does not fit in the PE file, the system stores the ciphertext in the authorization code database file; otherwise the system sends a write request packet to the file system driver and writes the authorization-code ciphertext into the PE executable file.
For FlashFXP.exe, according to the checks above, the storage medium is writable, the file is not a Windows protected file, and the authorization-code ciphertext fits in the four fields PointerToRawData, PointerToRelocations, NumberOfRelocations and NumberOfLinenumbers, so the system writes the authorization-code ciphertext into the PointerToRawData, PointerToRelocations, NumberOfRelocations and NumberOfLinenumbers fields of the FlashFXP.exe executable file.
The authorization code read process of the method is shown in Fig. 2. The system first obtains the full path of the executable file whose authorization code is to be read, then reads the authorization-code ciphertext from the usable fields of the PE file or from the database file, as determined by its checks, decrypts the ciphertext, determines whether the authorization code has been tampered with, and finally writes the decrypted authorization code into the in-memory authorization table.
Taking the reading of the authorization code from the executable file "C:\Program Files\FlashFXP\FlashFXP.exe" as an example, the steps are as follows:
1) The system obtains the full path of FlashFXP.exe:
C:\Program Files\FlashFXP\FlashFXP.exe;
2) Before reading the authorization-code ciphertext from the usable fields of the PE file, the system first checks whether the storage medium of the file is writable. If it is read-only, the system looks up the authorization code of the executable file in the authorization code database file; if none is found, it gives the executable file the default authorization code and writes it into the in-memory authorization table, and the read process ends.
The storage medium of FlashFXP.exe, drive C, is writable, so:
The system checks whether the executable file is a Windows protected file. If so, the system looks up the authorization code of the executable file in the authorization code database file; if none is found, it gives the executable file the default authorization code and writes it into the in-memory authorization table, and the read process ends. FlashFXP.exe is not a Windows protected file, so:
The system checks whether the executable file is in PE format. If not, the system looks up the authorization code of the executable file in the authorization code database file; if none is found, it gives the executable file the default authorization code and writes it into the in-memory authorization table, and the read process ends. From the file header of FlashFXP.exe the system determines that FlashFXP.exe is an executable file in PE format, so it sends a read request packet to the file system driver and reads the authorization-code ciphertext from the PointerToRawData, PointerToRelocations, NumberOfRelocations and NumberOfLinenumbers fields of FlashFXP.exe.
3) The system decrypts the ciphertext it has read with the RC5 algorithm, using the key saved in advance.
It checks whether the identifier of the decrypted authorization code has changed. If the identifier has changed, the system prompts the user with a dialog box, the user decides whether to re-authorize or delete the executable file, and the read operation ends.
If the identifier has not changed, the system computes the CRC checksum of FlashFXP.exe and compares it with the CRC checksum that was stored in the authorization-code plaintext when it was written, to determine whether the CRC value has changed. If it has changed, the system prompts the user with a dialog box, the user decides whether to re-authorize or delete the executable file, and the read operation ends.
For FlashFXP.exe the CRC value has not changed, so:
The system checks whether the authorization code has been read completely; if part of it remains, the system reads the following authorization-code ciphertext according to the Number at the end of the authorization code and repeats the decryption step until all of the ciphertext has been read. For FlashFXP.exe the authorization code has been read completely.
4) Using the process identifier of FlashFXP as the index, the system writes the decrypted authorization code into the in-memory authorization table so that it can be queried again.
The advantage of this method of reading and writing authorization codes is that even if the executable file C:\Program Files\FlashFXP\FlashFXP.exe is moved to a different absolute path (for example D:\Program Files\FlashFXP\FlashFXP.exe) or renamed (for example C:\Program Files\FlashFXP\FlashFXP123.exe), a real-time monitoring system using this authorization management scheme does not need to authorize it again; and if the original executable file C:\Program Files\FlashFXP\FlashFXP.exe is replaced by a virus file, a real-time monitoring system using this authorization management method can detect it in time.
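The embodiment's write and read paths for the case where the ciphertext fits in the file, as an added Python example rather than code from the patent. Assumptions of this example: the byte widths of the record, the identifier value 0xA5, the key, a CRC-32 computed with the slot bytes zeroed, and a SHA-256 keystream standing in for RC5 (which the Python standard library does not provide); the sample image is constructed and the database fallback is omitted.

```python
import hashlib
import struct
import zlib

# The four IMAGE_SECTION_HEADER fields named in the embodiment, as
# (offset, size) runs inside the 40-byte header: PointerToRawData +
# PointerToRelocations at 20..27, NumberOfRelocations +
# NumberOfLinenumbers at 32..35, 12 bytes in total.
SLOTS = ((20, 8), (32, 4))
FLAG = 0xA5                          # assumed value of the 1-byte identifier
RECORD = "<BI3sB"                    # identifier, CRC-32, 3 codes, number (assumed widths)
DEMO_KEY = b"constructed-demo-key"   # constructed stand-in for the saved key


def first_section_header(image: bytes) -> int:
    """Return the offset of the first section header; ValueError if not PE."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not a PE file: no MZ header")
    pe = struct.unpack_from("<I", image, 0x3C)[0]
    if len(image) < pe + 24 or image[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE file: no PE signature")
    sections, = struct.unpack_from("<H", image, pe + 6)
    optional_size, = struct.unpack_from("<H", image, pe + 20)
    offset = pe + 24 + optional_size
    if sections == 0 or len(image) < offset + 40:
        raise ValueError("PE file has no section header")
    return offset


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher, NOT RC5: XOR with a SHA-256-derived keystream."""
    stream = hashlib.sha256(b"authorization-code" + key).digest()
    return bytes(d ^ s for d, s in zip(data, stream))


def masked_crc(image: bytes) -> int:
    """CRC-32 of the file with the slot bytes zeroed, so that storing the
    ciphertext in the file does not change the file's own checksum."""
    buf, off = bytearray(image), first_section_header(image)
    for start, size in SLOTS:
        buf[off + start:off + start + size] = bytes(size)
    return zlib.crc32(bytes(buf))


def write_authorization(image: bytes, codes: bytes, key: bytes) -> bytes:
    """Return a copy of image with the encrypted record in the slot bytes."""
    if len(codes) != 3:
        raise ValueError("this example stores exactly three authorization bytes")
    record = struct.pack(RECORD, FLAG, masked_crc(image), codes, 0)
    cipher = keystream_xor(key, record.ljust(12, b"\0"))
    buf, off, pos = bytearray(image), first_section_header(image), 0
    for start, size in SLOTS:
        buf[off + start:off + start + size] = cipher[pos:pos + size]
        pos += size
    return bytes(buf)


def read_authorization(image: bytes, key: bytes):
    """Return (status, codes); the file's name and path are never consulted."""
    off = first_section_header(image)
    cipher = b"".join(image[off + s:off + s + n] for s, n in SLOTS)
    plain = keystream_xor(key, cipher)[:struct.calcsize(RECORD)]
    flag, crc, codes, _number = struct.unpack(RECORD, plain)
    if flag != FLAG:
        return "identifier-changed", None   # record damaged or never written
    if crc != masked_crc(image):
        return "file-changed", None         # content differs from what was authorized
    return "ok", codes


def build_sample_image() -> bytes:
    """Constructed, minimal PE-shaped buffer (not loadable): DOS header,
    COFF header with no optional header, one section header, 16 code bytes."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)
    coff = struct.pack("<4sHHIIIHH", b"PE\0\0", 0x14C, 1, 0, 0, 0, 0, 0x0102)
    section = struct.pack("<8sIIIIIIHHI", b".text", 16, 0x1000, 16,
                          0, 0, 0, 0, 0, 0x60000020)
    return bytes(dos) + coff + section + b"\x90" * 16


if __name__ == "__main__":
    stamped = write_authorization(build_sample_image(), b"\x01\x00\x01", DEMO_KEY)
    print(read_authorization(stamped, DEMO_KEY))                  # same bytes under any name
    print(read_authorization(stamped[:-1] + b"\xcc", DEMO_KEY))   # payload replaced
```

On a real image the loader reads PointerToRawData to find a section's data and an Authenticode signature covers the section headers, so a field should be treated as usable only after checking that overwriting it neither breaks loading nor invalidates a signature. CRC-32 detects accidental change but is not collision-resistant, so the hash-value option for the file signature is the stronger choice against deliberate replacement.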

Claims (1)

1. A real-time monitoring system authorization management method based on Portable Executable (PE) files, comprising the writing of an authorization code and the reading of an authorization code, characterized in that:
The steps of writing the authorization code are:
1) the system obtains the full path of the executable file to be authorized;
2) the system saves an initial key and sets the authorization code of the process file in the in-memory authorization table, its format being:
identifier, file signature, authorization code 1, ..., authorization code n, number;
wherein the file signature is the checksum or hash value of the executable file;
3) the system encrypts the authorization code: it first checks whether the storage medium of the executable file is writable; if it is read-only, the system encrypts the authorization code directly; otherwise the system checks whether the executable file that is to receive the authorization code is a Windows protected file; if so, the system encrypts the authorization code directly; otherwise the system checks whether the image file of the process is a PE file; if not, the system encrypts the authorization code directly; if it is, the system computes the length of the authorization code; if the usable fields found so far in the PE file can hold the whole authorization code, the system encrypts the authorization code with the saved key; if they cannot hold all of the authorization code, the system keeps looking for usable fields in the PE file until the fields found can hold the complete authorization code; if one pass over the file still does not find enough usable fields, the part of the authorization code that cannot be stored is split off to be stored in the authorization code database;
if the authorization code is stored in non-contiguous usable fields, the system splits it into segments that each follow the authorization code format above and encrypts each segment separately; the number in the authorization code format points to the storage location of the next segment;
4) when the system writes the authorization-code ciphertext into the usable fields of the PE file, if the storage medium of the executable file is read-only, or the executable file to be authorized is a Windows protected file, or there is authorization-code ciphertext that does not fit in the PE file, the system stores the ciphertext in the authorization code database file; otherwise the system sends a write request packet to the file system driver and writes the authorization-code ciphertext into the PE file;
The steps of reading the authorization code are:
1) the system obtains the full path of the executable file whose authorization code is to be read;
2) before reading the authorization-code ciphertext from the usable fields of the PE file, the system first checks whether the storage medium of the file is writable; if it is read-only, the system looks up the authorization code of the executable file in the authorization code database file, and if none is found it gives the executable file the default authorization code and writes it into the in-memory authorization table, and the read process ends; if the storage medium is writable, the system checks whether the executable file is a Windows protected file; if so, the system looks up the authorization code of the executable file in the authorization code database file, and if none is found it gives the executable file the default authorization code and writes it into the in-memory authorization table, and the read process ends; otherwise the system checks whether the executable file is a PE file; if not, the system looks up the authorization code of the executable file in the authorization code database file, and if none is found it gives the executable file the default authorization code and writes it into the in-memory authorization table, and the read process ends; if it is, the system sends a read request packet to the file system driver and reads the authorization-code ciphertext from the PE file;
3) the system decrypts the ciphertext it has read with the key saved in advance and checks whether the identifier of the decrypted authorization code has changed; if the identifier has changed, the system prompts the user with a dialog box, the user decides whether to re-authorize or delete the executable file, and the read operation ends; if the identifier has not changed, the system computes the checksum or hash value of the PE file and compares it with the checksum or hash value in the authorization code; if they differ, the system prompts the user with a dialog box, the user decides whether to re-authorize or delete the executable file, and the read operation ends; if they are the same, the system checks whether the authorization code has been read completely, and if part of it remains, the system reads the following authorization-code ciphertext according to the number at the end of the authorization code and repeats the decryption step until all of the ciphertext has been read;
4) the system writes the authorization code into the in-memory authorization table so that it can be queried again.

Application CN200710045181A, priority date 2007-08-23, filing date 2007-08-23: Real-time monitoring system authorization management method based on PE document (Expired - Fee Related; CN101110836B (en))

Publications (2)

Publication number, publication date:
CN101110836A (en), 2008-01-23
CN101110836B (en), 2010-05-19

Family

ID=39042726

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200710045181A Expired - Fee Related CN101110836B (en) 2007-08-23 2007-08-23 Real-time monitoring system authorization management method based on PE document

Country Status (1)

Country Link
CN (1) CN101110836B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102737172B (en) * 2011-04-13 2016-03-23 腾讯科技(深圳)有限公司 A kind of method and apparatus of verification process file in driving
CN103795703A (en) * 2011-04-18 2014-05-14 北京奇虎科技有限公司 Method for ensuring user network security and client
CN104700000B (en) * 2015-03-05 2017-12-08 中国科学技术大学苏州研究院 A kind of detection of private communication channel based on PE files and method for limiting

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1489049A (en) * 2002-10-11 2004-04-14 华为技术有限公司 Method for monitoring background programme
KR20040083409A (en) * 2004-09-10 2004-10-01 (주) 세이프아이 method for computer protection with real-time monitoring and thereby computer and thereby system
CN1900941A (en) * 2006-04-28 2007-01-24 傅玉生 Computer safety protective method based on software identity identifying technology
WO2007017667A1 (en) * 2005-08-10 2007-02-15 Symbian Software Limited Improving the security of operation of a computing device through the use of vendor ids

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20100519

Termination date: 20120823