CN102314579B - File filter protecting method, drive device and client end - Google Patents
File filter protecting method, drive device and client end Download PDFInfo
- Publication number
- CN102314579B CN102314579B CN201010217563.8A CN201010217563A CN102314579B CN 102314579 B CN102314579 B CN 102314579B CN 201010217563 A CN201010217563 A CN 201010217563A CN 102314579 B CN102314579 B CN 102314579B
- Authority
- CN
- China
- Prior art keywords
- file
- data
- encryption
- primary importance
- described file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The invention relates to a file filter protecting method, a drive device and a client end. The method comprises the following steps that: when a request for storing an opened file to a storage medium is received, the data on a preset position in the file is cut to a first position of the file; an encryption identifier is added on the preset position, and other data except the encryption identifier in the file is encrypted; and the data on the first position of the file after being encrypted is transferred into a drive memory, and the encryption identifier in the file and the data except the data on the first position of the file are stored in the storage medium. The transparent encryption and decryption can be realized during the filtering of the files, and the identification efficiency of an application program can be improved.
Description
Technical field
The present invention relates to the file filter technology of client, particularly a kind of guard method of file filter, driving arrangement and client.
Background technology
Along with the development of terminal technology, transparent encryption and decryption is a main direction of file encryption system.Transparent encryption and decryption refers to, although a file is encrypted, its filename, suffix name are the same before all following and not encrypting, and the driver that need to process this file is also without doing any change.The encryption that is file is transparent for application program.
Realize transparent encryption and decryption, generally need in filter Driver on FSD, carry out automatic encryption and decryption to file.That is to say, driver need to know whether the file receiving is encrypted, and could determine whether this file to be carried out to encryption and decryption.Whether accomplish this point, just need to add some special data in original, being used for identifying this file is encrypt file, still, adds special data and can change the length of file.And the length that application call file reading size { GetFileSize (*) } function returns not is the readable length of file.So driver need to be in calling GetFileSize (*) function, return to " file size in disk " and deduct " length of file encryption mark ".Can bring so very many problems.
In order to address the above problem, conventional method comprises three kinds:
The first scheme, first compressed file is then put encryption identification in additional space after compression; Such as, a clear text file comprises 2 512Bytes, compress the last period (as the 1st 512Bytes) to clear text file, and will on the additional space after compression, add encryption identification.
First scheme: add file header, clear text file is added to file header, add encryption identification in file header; And the data of this clear text file are carried out to acute encryption; Such as, a clear text file comprises 2 512Bytes, adds file header above in clear text file (i.e. 2 512Bytes), in file header, add encryption identification, still, while getting file size, need to do special processing, while reading file, also need to do repeatedly skew, easily occur mess code.
The third scheme: add end-of-file, clear text file is added to end-of-file, add encryption identification in end-of-file; And the data of this clear text file are carried out to acute encryption; It is similar with interpolation file header that it adds end-of-file.
In the research and practice process to prior art, the present inventor finds, in the scheme of compressed file, for the file having compressed, will likely occur recompressing, and causes the situation of failed encryption.In addition, the file that is less than a certain size also cannot be encrypted by the mode of compressed file.And the scheme of adding file header and end-of-file, because scene to be processed is very many, causes being easy to occur the problems such as mess code.Therefore, in the industry cycle also do not have at present good scheme to solve the problems referred to above.
Summary of the invention
The embodiment of the present invention provides a kind of guard method, driving arrangement and client of file filter, and the problem of the transparent encryption and decryption when realizing file filter improves the recognition efficiency of application program.
For solving the problems of the technologies described above, the embodiment of the present invention provides a kind of guard method of file filter, and described method comprises:
When receiving while storing the file of opening the request of storage medium into, the data on predeterminated position in described file are clipped in the primary importance of described file, the primary importance of described file is the clear position of described file;
At the upper interpolation encryption identification of predeterminated position of described file, and other data except described encryption identification in described file are encrypted;
Data conversion storage in the primary importance of described file after encrypting, to driving in internal memory, and is stored into the data after the encryption outside the data in the primary importance of the encryption identification in described file and described file in storage medium.
Correspondingly, the embodiment of the present invention provides a kind of driving arrangement, and described driving arrangement comprises:
Cut cells, for receiving while storing the file of opening the request of storage medium into, clips to the data on the predeterminated position of described file in the primary importance of described file, and the primary importance of described file is the clear position of described file;
Adding device, for the upper interpolation encryption identification of the predeterminated position at described file;
Ciphering unit, for adding after encryption identification at described adding device, is encrypted other data except described encryption identification in this file;
Unloading unit, for the data conversion storage in the primary importance of described file after just encrypting, to driving internal memory, and data after encryption outside data in the primary importance of the encryption identification that adding device in described file is added and described file store in storage medium.
Correspondingly, the embodiment of the present invention provides a kind of client, and described client comprises: driving arrangement and storage medium, wherein,
Described storage medium, for storing the All Files of described client;
Described driving arrangement, for receiving while storing the file of opening the request of storage medium into, clips to the data on the predeterminated position of described file in the primary importance of described file; At the upper interpolation encryption identification of described predeterminated position, and other data except described encryption identification in this file are encrypted; Data conversion storage in the primary importance of the described file after described encryption, to driving in internal memory, and is stored into the data after the encryption outside the data in the primary importance of the encryption identification in described file and described file in storage medium.
As shown from the above technical solution, in the embodiment of the present invention, when receiving while storing the file of opening the request of storage medium into, data on the predeterminated position of the described file of opening are clipped in the primary importance of this file, and add encryption identification on the predeterminated position of shearing data, and other data except described encryption identification in this file are encrypted, simultaneously, by the data conversion storage in the described primary importance that clips to described file to driving in internal memory, and the data after the encryption the encryption identification in described file and the data in the primary importance of described file are stored in storage medium.That is to say, although added encryption identification on predeterminated position in the file of opening, and the size of adding the rear file of mark is the same with original text size, clip to and drive in internal memory by original data on the predeterminated position of interpolation encryption identification, the size of adding file after encryption identification is the same with original size, this application programs is transparent, that is to say, the length that the large small function of application call file reading returns is exactly the readable length of this file, and driver does not need length, the data etc. to this file again to process.Thereby improve the recognition efficiency of application program.
Accompanying drawing explanation
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, to the accompanying drawing of required use in embodiment or description of the Prior Art be briefly described below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skills, do not paying under the prerequisite of creative work, can also obtain according to these accompanying drawings other accompanying drawing.
The process flow diagram of the guard method that Fig. 1 is a kind of file filter of providing in the embodiment of the present invention;
The application example figure of the guard method that Fig. 2 is a kind of file filter of providing in the embodiment of the present invention;
The application example figure of the guard method that Fig. 3 is the another kind of file filter that provides in the embodiment of the present invention;
The structural representation that Fig. 4 is a kind of driving arrangement of providing in the embodiment of the present invention;
The structural representation that Fig. 5 is the another kind of driving arrangement that provides in the embodiment of the present invention;
The structural representation that Fig. 6 is a kind of client of providing in the embodiment of the present invention;
The another kind of structural representation of a kind of client that Fig. 7 provides for the embodiment of the present invention.
Embodiment
We,, in connection with accompanying drawing, are described in detail embodiment of the present invention below.
Refer to Fig. 1, the process flow diagram of the guard method of a kind of file filter providing for the embodiment of the present invention, described method comprises:
Step 101: when receiving while storing the file of opening the request of storage medium into, the data on the predeterminated position of described file are clipped in the primary importance of described file, the primary importance of described file is the clear position of described file; Wherein, this clear position can be the afterbody of this file.
Here the shearing of indication can be the shearing on ordinary meaning, also can be that the data Replica on the predeterminated position of described file is deleted the data on predeterminated position after in the primary importance of described file again, also can be the primary importance to described file by the data Replica on the predeterminated position of described file, treat in the predeterminated position of described file, with encryption identification, original data cover to be fallen in step 102.
Wherein, described predeterminated position is: the optional position between the initial address of described file and last address, and the length of the data of described predeterminated position determines, such as, 5 bytes, 32 bytes etc.
Described storage medium can be hard disk, can be flash memory, can be also solid state hard disc or other storeies.
Optionally, described in the file opened, that is to say that driving can read the state of this file.But be not limited to this.
Step 102: at the upper interpolation encryption identification of described file predeterminated position, and other data except described encryption identification in this file are encrypted;
Step 103: the data conversion storage in the primary importance of described file after encrypting, to driving in internal memory, and is stored into the data after the encryption the encryption identification in described file and the data in the primary importance of described file in storage medium.
In this embodiment, if when user stores the file of opening into storage medium, and need to encrypt storage, drive and need to be encrypted storage to this file, drive and first extract the data on predeterminated position in described file, data on the predeterminated position of described extraction are transferred in the primary importance (being clear position) of this file, and add encryption identification on the predeterminated position that produces data, and other data except described encryption identification in this file are encrypted, simultaneously, the transferring data that this file transfer is moved on in file primary importance dumps in driving internal memory, and the data after the encryption the encryption identification adding in this file and the data in the primary importance of described file are stored in storage medium.That is to say, in the present embodiment, the upper encryption identification that added of predeterminated position in the file of opening, and after interpolation mark, the size of file is the same with original text size, is about to the upper original data conversion storage of predeterminated position of interpolation encryption identification to driving in internal memory.Do not change the size of original text due to the encryption of file, this application programs is transparent, that is to say, the length that application call file reading size { GetFileSize (*) } function returns is exactly the readable length of this file, driver does not need length, the data etc. to this file again to process, thereby has improved the recognition efficiency of application program.Certainly, those skilled in the art should be understood that the difference due to application program, and function reading may not be also { GetFileSize (*) }, as long as the size of energy file reading.
Optionally, described method can also comprise:
In the time receiving the request of reading described file, from storage medium, obtain described file according to described encryption identification, and described file is decrypted, the file after being deciphered;
In the time reading described file, from described driving internal memory, obtain the data in the primary importance of described file, and the data in the primary importance of described file are decrypted, and it is upper that data in the primary importance of described file of deciphering are reverted to the predeterminated position of the file after described deciphering.
Optionally, on the predeterminated position of described file, can be: arbitrary address between the initial address of described file and last address, that is to say, can be any one fixed byte in file, the present embodiment does not limit.For example, can be fixed byte corresponding to start address etc.
In this embodiment, in the time that needs are opened encrypt file, first the size of encrypt file is changed into the size of original text, first from storage medium, recall the data after encryption according to described encryption identification, and the data after the described encryption recalling are decrypted to the data after being deciphered from storage medium; Then from driving the data in the primary importance of obtaining described file internal memory, and the data in the primary importance of described file are decrypted, the data in the primary importance of the described file of deciphering are reverted in the predeterminated position of the file after described deciphering.At file reading, because the encryption of file does not change the size of original text, this application programs is transparent, has improved the recognition efficiency of application program.
Also referring to Fig. 2, is the application example figure of the guard method of a kind of file filter of providing in the embodiment of the present invention; In this embodiment, to add encryption identification as example before clear text file, but be not limited to this.As shown in the figure, the clear text file .txt opening is carried out to encryption and decryption in the time storing, at this embodiment,
Step 201: drive the request of the clear text file .txt opening being stored into storage medium that receives; In figure, clear text file represents with oblique line.It should be noted that .txt file layout is only for for example, can be also the multiple file layout such as .xls .doc in other embodiments.
Step 202: drive the afterbody (being primary importance) of the data on the predeterminated position above of this clear text file being transferred to this file, wherein, the space on described predeterminated position as shown in dotted line in this clear text file;
Step 203: drive the place being available above in this clear text file (being predetermined position) added to encryption identification, its encryption identification is shown in " ... " in figure, and other data except this encryption identification in this clear text file are encrypted, the clear text file after its encryption represents with cross spider;
Step 204: drive the data of the transfer of the storage of afterbody in this clear text file after encrypting are sheared out;
Step 205: drive the data of shearing are out stored in driving internal memory, and the data after the encryption the encryption identification adding in this clear text file and the data in the primary importance of described file are stored in storage medium;
Step 206: drive in the time receiving the request of reading described clear text file, recall the clear text file after described encryption according to described encryption identification from storage medium, and described clear text file is decrypted, the clear text file after being deciphered; Drive in the time reading described clear text file, from described driving internal memory, obtain the data on the predeterminated position of described clear text file, and these data are decrypted; And it is upper that the data after described deciphering are reverted to the predeterminated position of the file after the deciphering of described decryption unit, and return to the clear text file after described reduction.
In embodiments of the present invention, the clear text file that needs are encrypted, first will be stored in the primary importance of afterbody of this clear text file in the upper data of the initial predeterminated position of clear text file, at the upper interpolation encryption identification of the predeterminated position in this clear text file, afterwards, other data except encryption identification in this clear text file are encrypted, finally, the data of the afterbody primary importance storage in the clear text file after encrypting are transferred to and driven in internal memory, so that after this encryption is read in driving when clear text file, first from drive internal memory, obtain the data of afterbody (the being primary importance) storage of this clear text file, upper at the predeterminated position that is reverted to former clear text file, so that the physical length of this clear text file is the same with the length of original text, like this, just can not cause the size of actual file and the problem causing not of uniform size of the accessed file of application program, this mode of file being carried out automatic encryption and decryption when to file filter, because its size of encrypting front and back file does not change, for application program, it is transparent in the time of file filter, file being carried out to automatic encryption and decryption, thereby improve the recognition efficiency of application program.
Also referring to Fig. 3, is the application example figure of the guard method of the another kind of file filter that provides in the embodiment of the present invention.In this embodiment, comprise write request and read request, certainly, at other embodiment, also can only include write request, or read request, the present embodiment does not limit, and the predeterminated position in the present embodiment is take fixed byte as example, and its implementation procedure comprises as shown in the figure:
Step 301: when application layer receives user and will store clear text file the request of storage medium into, send write request to driving;
Wherein, in described write request, can comprise and will after clear text file encryption, be stored on storage medium, but be not limited to this.
Step 302: drive the afterbody (be primary importance, this primary importance is clear position) of the data of fixed byte above of this clear text file being transferred to this file;
The afterbody that the present embodiment is transferred to this file take the data of fixed byte before this clear text file is as example, but is not limited to this.
Step 303: drive the place being available above in this clear text file (being fixed byte place) added to encryption identification, and other data except this encryption identification in this clear text file are encrypted;
Step 304: drive the data that are placed on after the transfer of this clear text file afterbody are sheared out, store into and drive in internal memory;
Step 305: drive the data after the encryption outside the data of the afterbody of the encryption identification in this clear text file and described this file are stored in storage medium;
Step 306: drive the write response of application layer feedback;
Step 307: application layer sends read request to driving;
Wherein, described read request comprises and reads the file of storing in storage medium.
Step 308: drive in the time receiving described read request, recall described clear text file according to described encryption identification from storage medium;
Step 309: drive the clear text file after the described encryption recalling from storage medium is decrypted, the clear text file after being deciphered;
Step 310: drive in the time reading described clear text file, obtain the data of the fixed byte of described clear text file from described driving internal memory; And the described data of obtaining are reverted in the fixed byte of the clear text file after deciphering;
Step 311: drive to application layer and send and read response;
Step 312: application layer receive drive send read response after, beat this clear text file, and this clear text file represented to user.
In this embodiment, in the clear text file of opening, the data conversion storage of fixed byte is in the idle bytes of this file, and add encryption identification in this fixed byte, afterwards, other data except this encryption identification in this clear text file are encrypted, and by the data conversion storage that is stored in idle component in this clear text file after encrypting to driving in internal memory, thereby after making to add encryption identification, the size of this clear text file is the same with the size of former clear text file, that is to say, because the encryption of file does not change the size of original text, this application programs is transparent, that is to say, the length that application call file reading size { GetFileSize (*) } function returns is exactly the readable length of this file, driver does not need the length to this file again, data etc. are processed, thereby improve the recognition efficiency of application program.
The embodiment of the present invention also provides a kind of driving arrangement, its structural representation as shown in Figure 4, described driving arrangement comprises: cut cells 41, adding device 42, ciphering unit 43 and unloading unit 44, wherein, cut cells 41, for receiving while storing the file of opening the request of storage medium into, the data on the predeterminated position of described file are clipped in the primary importance of described file, the primary importance of described file is the clear position of described file; Adding device 42, for the upper interpolation encryption identification of the predeterminated position at described file; Ciphering unit 43, for adding after encryption identification at described adding device 42, is encrypted other data except described encryption identification in this file; Unloading unit 44, for by the data conversion storage in the primary importance of described file after encrypting to driving internal memory, and data after encryption outside data in the primary importance of the encryption identification that adding device in described file is added and described file store in storage medium.
In described driving arrangement, the implementation procedure of the function of unit refers in said method corresponding implementation procedure, specifically refers to above-mentionedly, does not repeat them here.
In this embodiment, data conversion storage in the file of opening on predeterminated position is in the primary importance of this file, and at the upper interpolation encryption identification of this predeterminated position, afterwards, other data except this encryption identification in this file are encrypted, and by the data conversion storage of primary importance in this file after encrypting to driving in internal memory, thereby after making to add encryption identification, the size of this file is the same with the size of former clear text file, has improved the recognition efficiency of application program.
On the basis of Fig. 4, described driving arrangement can also comprise: file acquisition unit 51, decryption unit 52, data capture unit 53 and reduction unit 54, its structural representation refers to Fig. 5, the structural representation of the another kind of driving arrangement providing for the embodiment of the present invention, as shown in the figure, file acquisition unit 51, for in unloading unit, by described file, other data except the data of described unloading store into after storage medium, read the request of described file during if receive, from storage medium, recall the data after encryption according to described encryption identification; Decryption unit 52, is decrypted the file after being deciphered for the data the encryption that described file acquisition unit is recalled from storage medium; Data capture unit 53 in the time reading described file, obtains the data in the primary importance of described file, and the data in the primary importance of described file is decrypted from described driving internal memory; Reduction unit 54, upper for the data in the primary importance of the described file of described data capture unit deciphering being reverted to the predeterminated position of the file after described decryption unit deciphering; Can also return to the file after described reduction.
In embodiments of the present invention, described driving arrangement can be integrated in client, also can independently dispose, and the present embodiment does not limit.
In described driving arrangement, the implementation procedure of the function of unit refers in said method corresponding implementation procedure, specifically refers to above-mentionedly, does not repeat them here.
In this embodiment, in the time that needs are opened encrypt file, first the size of encrypt file is changed into the size of original text, first from storage medium, obtained described file according to described encryption identification, and described file is decrypted to the file after being deciphered; Then from drive internal memory, obtain data original in fixed byte, these data are reverted in the file after deciphering.At file reading, because the encryption of file does not change the size of original text, avoid in the time driving kill file because the encryption of file has changed the problem that original text size is brought, thereby improved the recognition efficiency of application program.
The embodiment of the present invention also provides a kind of client, and its a kind of structural representation refers to Fig. 6, and described client comprises: driving arrangement 61 and storage medium 62, and wherein, described storage medium 62, for storing the All Files of described client; Described driving arrangement 61, for receiving while storing the file of opening the request of storage medium into, clips to the data on the predeterminated position of described file in the primary importance of described file, and the primary importance of described file is the clear position of described file; At the upper interpolation encryption identification of predeterminated position of described file, and other data except described encryption identification in this file are encrypted; Data conversion storage in the primary importance of described file after encrypting, to driving in internal memory, and is stored into the data after the encryption outside the data in the primary importance of the encryption identification in described file and described file in storage medium.
Optionally, described driving arrangement comprises: cut cells 611, and adding device 612, ciphering unit 613 and unloading unit 614, the function and efficacy of its unit is identical with the function and efficacy of unit in Fig. 4, specifically refers to above-mentionedly, does not repeat them here.
Optionally, on the basis of Fig. 6, described driving arrangement can also comprise: file acquisition unit 615, decryption unit 616, data capture unit 617 and reduction unit 618, specifically as shown in Figure 7, the another kind of structural representation of the client providing for the embodiment of the present invention.Wherein, the function and efficacy of unit is identical with the function and efficacy of unit in Fig. 5, specifically refers to above-mentionedly, does not repeat them here.
Hence one can see that, in embodiments of the present invention, the file that needs are encrypted, in the time of storage, first this file is added to encryption identification, again other data except encryption identification in this file are encrypted, and by after encrypting so that in the time that this encrypt file is used, the physical length of its file is the same with the length of original text, just can not cause size and the inconsistent problem of the accessed file of application program of actual file, for application program, it is transparent in the time of file filter, file being carried out to automatic encryption and decryption.
The embodiment of the present invention is mainly to have added hereof partial document data (such as encryption identification), but in the time opening file, first the size of file is changed and gets back to original text size, so just can not have actual file size and the accessed inconsistent problem of file size of application program.That is to say, the file that needs are encrypted, in the time of storage, first to this clear text file added encryption identification (the present embodiment take expressly bright see add encryption identification as example above), again other data except encryption identification in this file are encrypted, then, data after afterbody in clear text file after encrypting is shifted are transferred to and are driven in internal memory, so that in the time reading this encrypt file, again it is reverted in former clear text file from drive internal memory, so that the physical length of this clear text file is the same with the length of original text, just can not cause the size of actual file and the problem causing not of uniform size of the accessed file of application program, this, file is carried out the mode of automatic encryption and decryption when to file filter, because its size of encrypting front and back file does not change, for application program, it is transparent in the time of file filter, file being carried out to automatic encryption and decryption.Thereby improve the recognition efficiency of application program.
It should be noted that, in this article, relational terms such as the first and second grades is only used for an entity or operation to separate with another entity or operational zone, and not necessarily requires or imply and between these entities or operation, have the relation of any this reality or sequentially.And, term " comprises ", " comprising " or its any other variant are intended to contain comprising of nonexcludability, thereby the process, method, article or the equipment that make to comprise a series of key elements not only comprise those key elements, but also comprise other key elements of clearly not listing, or be also included as the intrinsic key element of this process, method, article or equipment.The in the situation that of more restrictions not, the key element being limited by statement " comprising ... ", and be not precluded within process, method, article or the equipment that comprises described key element and also have other identical element.
Through the above description of the embodiments, those skilled in the art can be well understood to the mode that the present invention can add essential general hardware platform by software and realize, and can certainly pass through hardware, but in a lot of situation, the former is better embodiment.Based on such understanding, the part that technical scheme of the present invention contributes to prior art in essence in other words can embody with the form of software product, this computer software product can be stored in storage medium, as ROM/RAM, magnetic disc, CD etc., comprise that some instructions (can be personal computers in order to make a computer equipment, server, or the network equipment etc.) carry out the method described in some part of each embodiment of the present invention or embodiment.
The above is only the preferred embodiment of the present invention; it should be pointed out that for those skilled in the art, under the premise without departing from the principles of the invention; can also make some improvements and modifications, these improvements and modifications also should be considered as protection scope of the present invention.
Claims (6)
1. a guard method for file filter, is characterized in that, comprising:
When receiving while storing the file of opening the request of storage medium into, the data on the predeterminated position of described file are clipped in the primary importance of described file, the primary importance of described file is the clear position of described file;
In the predeterminated position of described file, add encryption identification, and other data except described encryption identification in described file are encrypted;
Data conversion storage in the primary importance of described file after encrypting, to driving in internal memory, and is stored into the data after the encryption the encryption identification in described file and the data in the primary importance of described file in storage medium.
2. method according to claim 1, is characterized in that, after described method, also further comprises:
In the time receiving the request of reading described file, from storage medium, recall the data after encryption according to described encryption identification, and the data after the described encryption recalling are decrypted to the file after being deciphered from storage medium;
From described driving internal memory, obtain the data in the primary importance of described file, and the data in the primary importance of described file are decrypted, the data in the primary importance of the described file after deciphering are reverted in the predeterminated position of the file after described deciphering.
3. method according to claim 1 and 2, is characterized in that, described predeterminated position is: arbitrary address between the initial address of described file and last address.
4. a protective device for file filter, is characterized in that, comprising:
Cut cells, for receiving while storing the file of opening the request of storage medium into, clips to the data on the predeterminated position of described file in the primary importance of described file, and the primary importance of described file is the clear position of described file;
Adding device, adds encryption identification for the predeterminated position at described file;
Ciphering unit, for adding after encryption identification at described adding device, is encrypted other data except described encryption identification in this file;
Unloading unit, for by the data conversion storage in the primary importance of described file after encrypting to driving internal memory, and data after encryption the encryption identification that adding device in described file is added and the data in the primary importance of described file store in storage medium.
5. device according to claim 4, is characterized in that, also comprises:
File acquisition unit for other data except the data of described unloading store into after storage medium by described file in unloading unit, while reading the request of described file, recalls the data after encryption according to described encryption identification if receive from storage medium;
Decryption unit, is decrypted the file after being deciphered for the data the encryption that described file acquisition unit is recalled from storage medium;
Data capture unit, for obtain the data the primary importance of described file from described driving internal memory, and is decrypted the data in the primary importance of described file;
Reduction unit, for reverting to the data in the primary importance of the described file of described data capture unit deciphering the predeterminated position of the file after described decryption unit deciphering.
6. according to the device described in claim 4 or 5, it is characterized in that, the protective device of described file filter is integrated in client, or independent deployment.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010217563.8A CN102314579B (en) | 2010-07-01 | 2010-07-01 | File filter protecting method, drive device and client end |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010217563.8A CN102314579B (en) | 2010-07-01 | 2010-07-01 | File filter protecting method, drive device and client end |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102314579A CN102314579A (en) | 2012-01-11 |
| CN102314579B true CN102314579B (en) | 2014-06-04 |
Family
ID=45427736
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010217563.8A Active CN102314579B (en) | 2010-07-01 | 2010-07-01 | File filter protecting method, drive device and client end |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102314579B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111343132B (en) * | 2018-12-19 | 2022-03-01 | 华为技术有限公司 | File transmission detection method and device and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6185681B1 (en) * | 1998-05-07 | 2001-02-06 | Stephen Zizzi | Method of transparent encryption and decryption for an electronic document management system |
| EP1326156A2 (en) * | 2001-12-12 | 2003-07-09 | Pervasive Security Systems Inc. | Managing file access via a designated storage area |
| CN101561851A (en) * | 2008-04-16 | 2009-10-21 | 杭州正隆数码科技有限公司 | Open file encrypting method without distinguishing file types |
| CN101751536A (en) * | 2009-12-16 | 2010-06-23 | 深圳市虹安信息技术有限公司 | Transparent file encryption method for increasing file header |
-
2010
- 2010-07-01 CN CN201010217563.8A patent/CN102314579B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6185681B1 (en) * | 1998-05-07 | 2001-02-06 | Stephen Zizzi | Method of transparent encryption and decryption for an electronic document management system |
| EP1326156A2 (en) * | 2001-12-12 | 2003-07-09 | Pervasive Security Systems Inc. | Managing file access via a designated storage area |
| CN101561851A (en) * | 2008-04-16 | 2009-10-21 | 杭州正隆数码科技有限公司 | Open file encrypting method without distinguishing file types |
| CN101751536A (en) * | 2009-12-16 | 2010-06-23 | 深圳市虹安信息技术有限公司 | Transparent file encryption method for increasing file header |
Non-Patent Citations (2)
| Title |
|---|
| 基于文件系统过滤驱动的加密系统设计与实现;沈玮等;《计算机工程》;20091031;第35卷(第20期);第157-159页 * |
| 沈玮等.基于文件系统过滤驱动的加密系统设计与实现.《计算机工程》.2009,第35卷(第20期),第157-159页. |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102314579A (en) | 2012-01-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP4213628B2 (en) | Information terminal equipment | |
| CN108133008B (en) | Method, device, equipment and storage medium for processing service data in database | |
| EP2165284B1 (en) | Method and apparatus for securing data in memory device | |
| CN1193295C (en) | Distributed data archive device and system | |
| US20160117518A1 (en) | File Encryption/Decryption Device And File Encryption/Decryption Method | |
| CN109522328B (en) | Data processing method and device, medium and terminal thereof | |
| CN103400064B (en) | For file encryption and the method and apparatus of deciphering | |
| CN104866394B (en) | A kind of distributed document backup method and system | |
| CN109597717A (en) | A kind of data backup, restoration methods, device, electronic equipment and storage medium | |
| WO2017206754A1 (en) | Storage method and storage device for distributed file system | |
| CN103647636B (en) | The method and device of security access data | |
| EP2869232A1 (en) | Security key device for secure cloud services, and system and method of providing security cloud services | |
| CN111262910A (en) | Wireless equipment firmware protection method and system | |
| CN102281141A (en) | Document permission management method, apparatus and system | |
| CN104065681A (en) | Method and system for previewing encryption compression packet in appendix | |
| CN102004762B (en) | Generate the method and apparatus of e-book and download the method and apparatus of e-book | |
| US11791985B2 (en) | Tracking, storage and authentication of documented intellectual property | |
| JP2008152778A (en) | System for using virtual tape encryption format | |
| CN104462998A (en) | Domestic commercial cryptography algorithm based cloud storage encryption system and implementation method thereof | |
| CN111737718A (en) | Encryption and decryption method and device for jar packet, terminal equipment and storage medium | |
| CN108133026B (en) | Multi-data processing method, system and storage medium | |
| CN102314579B (en) | File filter protecting method, drive device and client end | |
| CN102982288B (en) | The encryption of data and the equipment of deciphering and method is performed in portable terminal | |
| Chang et al. | Line messenger forensics on windows 10 | |
| CN108563396B (en) | Safe cloud object storage method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C53 | Correction of patent of invention or patent application | ||
| CB02 | Change of applicant information |
Address after: 611731 Chengdu high tech Zone, Sichuan, West Park, Qingshui River Applicant after: HUAWEI DIGITAL TECHNOLOGIES (CHENG DU) Co.,Ltd. Address before: 611731 Chengdu high tech Zone, Sichuan, West Park, Qingshui River Applicant before: CHENGDU HUAWEI SYMANTEC TECHNOLOGIES Co.,Ltd. |
|
| COR | Change of bibliographic data |
Free format text: CORRECT: APPLICANT; FROM: CHENGDU HUAWEI SYMANTEC TECHNOLOGY CO., LTD. TO: HUAWEI DIGITAL TECHNOLOGY (CHENGDU) CO., LTD. |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220906 Address after: No. 1899 Xiyuan Avenue, high tech Zone (West District), Chengdu, Sichuan 610041 Patentee after: Chengdu Huawei Technologies Co.,Ltd. Address before: 611731 Qingshui River District, Chengdu hi tech Zone, Sichuan, China Patentee before: HUAWEI DIGITAL TECHNOLOGIES (CHENG DU) Co.,Ltd. |