CN102509032B - Implementation method of print security monitoring system based on Windows underlying driver - Google Patents
Implementation method of print security monitoring system based on Windows underlying driver Download PDFInfo
- Publication number
- CN102509032B CN102509032B CN201110284627.0A CN201110284627A CN102509032B CN 102509032 B CN102509032 B CN 102509032B CN 201110284627 A CN201110284627 A CN 201110284627A CN 102509032 B CN102509032 B CN 102509032B
- Authority
- CN
- China
- Prior art keywords
- out task
- print out
- printer
- printing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000012544 monitoring process Methods 0.000 title claims abstract description 20
- 238000000034 method Methods 0.000 title claims abstract description 11
- 238000007689 inspection Methods 0.000 claims description 16
- 238000012550 audit Methods 0.000 claims description 5
- 230000003993 interaction Effects 0.000 abstract description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000005538 encapsulation Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
Landscapes
- Accessory Devices And Overall Control Thereof (AREA)
Abstract
The invention provides an implementation method of a print security monitoring system based on a Windows underlying driver, which relates to the field of computer software and is mainly used for monitoring, managing and auditing the print of various documents. By establishing a print application server and a print database server, all network printers are connected with the print application server in a network or USB (Universal Serial Bus) data line manner and provide service for the outside in a sharing manner; a user client is connected to a shared printer through a client access controller and submits a print task to a print service program of the server; and the print service program sends the task to a print task monitoring program packaged in a Windows underlying driver (i.e. print processor) for processing, performs information interaction with the print database server and finally pushes to the printer for printing.
Description
Technical field
The present invention relates to computer software fields, be mainly used in monitoring, manage and examine the printing situation of various files, is a kind of the realize bottom layer driving of monitoring printing and application relevant to monitoring.
Background technology
National security is maintained secrecy, and the situation is tense, and the leakage of a state or party secret emerges in an endless stream, in the urgent need to constantly improving safe and secret work from management and technical elements; Company's leakage of a state or party secret is of common occurrence, and various safe and secret measures need further to be improved and be perfect; Power informatization industry leaks out by the approach of document print in order to prevent secret papers, realization and the application of printer monitor have been studied emphatically, form a set of perfect monitoring printing system, this system monitoring is thorough, comprehensive, pervasive, better compatible to the printer of various models and brand.
Summary of the invention
The object of the invention is from the print out task of the network printer is carried out to monitoring and controlling.What the present invention proposed is a kind of printing safety monitoring system implementation method based on Windows bottom layer driving, between the network printer and subscription client, bottom embeds monitoring printing run time version, when user submits to print out task to print, must print by being just pushed to printer after the inspection of monitoring printing software, finally realize the monitoring of print out task.
The technical scheme that the present invention realizes is as follows:
In LAN (Local Area Network), dispose a print application server and print data storehouse server.All-network printer is all connected on this print application server by netting twine or USB connecting line, and externally provides service in the mode of sharing.All subscription clients can only be by this server access controller could access printer and realize print out task.Monitoring printing run time version is installed on this server, when user submits to print out task to give printer printing, is just carried out monitor code before, after safety inspection, determine whether printer is printed this task.Print data storehouse server is for carrying out information interaction with print monitor.
When printing by this monitoring software, print out task specifically comprises the following steps:
1), before subscription client connects the printer sharing of printing server, must check through client-access controller;
2) after inspection is passed through, subscription client is connected to the printer sharing of print application server and submits print out task to;
3) service of the Windows system print on printing server PrintSpooler receives print out task, and print file are generated to printable file layout;
4) print service PrintSpooler calls print monitor (print out task watchdog routine run time version is embedded in Windows print processor program);
5) print monitor calling task information security checks that run time version carries out audit, the inspection of task, and check result is returned to a print monitor;
6) after inspection is passed through, print monitor is given true printer processes program by print out task, and final realization printed.
Further scheme of the present invention can be:
The network transmission protocol between described subscription client and print application server, print application server and the network printer, supports optional encryption security feature.
Further scheme of the present invention can be:
Described network transmission protocol message content adopts special purpose system algorithm to be encrypted.
Further scheme of the present invention can be:
The safety inspection step of described print monitor comprises:
1) check whether the subscription client network address, port, agreement, hardware NIC address information meet the security strategy of setting;
2) check the legitimacy of subscription client login authentication information (user name, password, certificate);
3) in the print job information of inspection subscription client, whether there is sensitive information;
4) in print out task, add watermark, to reach the functions such as the discriminating of the file true and false, copyright protection.
the invention has the beneficial effects as follows:
1) the present invention checks and record the legitimacy of its print out task before print out task starts, and finally determines whether to allow to print, and guarantees the Secure execution of print out task.Legal print out task records audit, and print What backs up file, has improved the evidence obtaining ability that secret document is revealed;
2) the present invention cleverly in conjunction with and utilize Windows print service message mechanism to trigger print control code, can be not extra take Windows system resource, for illegal print job, can finish current print out task thread, can not cause legal print out task to stop up;
3) the present invention monitors print out task from print service bottom, comprehensively, thoroughly, without various printer driver are customized and transformed, flexible, pervasive; Realized the doulbe-sides' victory of print system security and availability.
Accompanying drawing explanation
The inventive method schematic diagram 1, wherein 1-7 represents execution sequence.
Embodiment
The design of print monitor
Print monitor is divided into client-access controller and print out task watchdog routine.
Client-access controller is to be deployed on print application server access port, when connecting printer, user need to pass through client-access controller, the client-access controller inspection network address, port, agreement, hardware NIC address information are carried out legitimacy, check the legitimacy of login authentication information, finally by connection printer permissions, give client.
Print out task watchdog routine is by the print processor in encapsulation printer driver, by print processor, realizes the safety inspection of print out task and control.In implementation procedure, need to set up print job information database information platform.Comprise following monitoring step:
1) intercept and capture print out task, obtain user name, printed document title, print state information, the print out task number of print out task start time, print out task submission;
2) call dynamic link library, print job information is inserted to print out task is recorded to audit in connection data storehouse in database table;
3) print job information safety inspection;
4) send print What prints to true printer;
5) call dynamic link library, print out task status information is upgraded in connection data storehouse in database;
6) call dynamic link library, backup printed document content;
7) finish monitoring printing flow process.
The configuration of printing server
Set up print application server, by network or usb data line interconnection network printer, foundation need to be used the user account of printer, and is only allowing user to submit print out task to user's Warrant Bounds, and can not managing printing task queue and printer.Set up print data storehouse server, for print monitor and database information, carry out alternately.Set up corresponding print job information table, print job information look-up table, for keeper to the inspection of print out task and audit.
The configuration of printer
The print processor of customization is installed, and print processor is applied to this printer; In printer attribute, printer is set and to printing user, shares; Setup and use background printing, so that program is accepted printing faster; While being arranged on background processed last page, start to print; Arrange and retain the document of printing.
A typical interactive examples: subscription client user connects print application server, input login authentication information, after print application server checks the network address of subscription client, port, agreement, hardware NIC address, login authentication information, by the authority that connects printer, give subscription client, subscription client connects after printer, print out task is submitted to system print service routine, after the inspection of print out task watchdog routine, be pushed to printer and print.
Claims (1)
1. the printing safety monitoring system implementation method based on Windows bottom layer driving, is characterized in that, when subscription client is monitored printing by this method, comprises following steps:
1) subscription client, before connecting the printer sharing of printing server, must check through client-access controller;
The inspection of client-access controller comprises: check whether the subscription client network address, port, agreement, hardware NIC address information meet the security strategy of setting; Check the legitimacy of subscription client login authentication information;
2) after inspection is passed through, subscription client is connected to the printer sharing of print application server and submits print out task to;
3) service of the Windows system print on printing server PrintSpooler receives print out task, and print file are generated to printable file layout;
4) print service PrintSpooler calls print out task watchdog routine, and print monitor run time version is encapsulated in Windows print processor, and this is applied in printer;
5) print out task watchdog routine is intercepted and captured print out task, obtains user name, printed document title, print state information, the print out task number of print out task start time, print out task submission;
6) print out task monitoring journey is called dynamic link library, and print job information is inserted to print out task is recorded to audit in connection data storehouse in database table;
7) print out task monitor call print job information safety inspection run time version is audited, is checked, check result is returned to print out task watchdog routine;
8) after inspection is passed through, print out task watchdog routine is given printer processes by print out task, sends print What and prints to true printer, and final realization printed;
9) print out task monitor call dynamic link library, print out task status information is upgraded in connection data storehouse in database;
10) print out task monitor call dynamic link library, backup printed document content;
11) finish monitoring printing flow process.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110284627.0A CN102509032B (en) | 2011-09-23 | 2011-09-23 | Implementation method of print security monitoring system based on Windows underlying driver |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110284627.0A CN102509032B (en) | 2011-09-23 | 2011-09-23 | Implementation method of print security monitoring system based on Windows underlying driver |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102509032A CN102509032A (en) | 2012-06-20 |
| CN102509032B true CN102509032B (en) | 2014-09-10 |
Family
ID=46221115
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110284627.0A Active CN102509032B (en) | 2011-09-23 | 2011-09-23 | Implementation method of print security monitoring system based on Windows underlying driver |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102509032B (en) |
Families Citing this family (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102799440B (en) * | 2012-07-24 | 2014-12-31 | 深圳市深信服电子科技有限公司 | Print auditing method and system under Windows system |
| CN102819612A (en) * | 2012-08-29 | 2012-12-12 | 北京鼎盾信息科技有限公司 | Full text search method based on print documents |
| CN103605487A (en) * | 2013-11-18 | 2014-02-26 | 江苏敏捷科技股份有限公司 | Method for transparently capturing print data |
| WO2015178989A2 (en) | 2014-03-03 | 2015-11-26 | Ctpg Operating, Llc | System and method for securing a device with a dynamically encrypted password |
| CN104794403A (en) * | 2015-04-03 | 2015-07-22 | 深圳冀东之星科技开发有限公司 | Secure information monitoring and printing method and system |
| CN104794404A (en) * | 2015-04-03 | 2015-07-22 | 深圳冀东之星科技开发有限公司 | Information secure printing monitoring method with intelligent consumable material and system thereof |
| CN106981141A (en) * | 2017-05-09 | 2017-07-25 | 马鞍山澄果电子科技有限公司 | A kind of Internet of Things printing device and lease monitoring management system |
| CN108229184B (en) * | 2017-12-22 | 2023-10-03 | 三六零数字安全科技集团有限公司 | Reliable printing audit method based on Android system |
| CN108376056A (en) * | 2018-02-09 | 2018-08-07 | 浙江印歌网络科技有限公司 | Method of printing and device |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1808415A (en) * | 2005-01-22 | 2006-07-26 | 鸿富锦精密工业(深圳)有限公司 | Multi-point file print control system and method |
| CN101078976A (en) * | 2006-04-24 | 2007-11-28 | 株式会社理光 | Print system |
| CN101140504A (en) * | 2006-09-05 | 2008-03-12 | 鸿富锦精密工业(深圳)有限公司 | Print job monitoring system and method |
| JP4198154B2 (en) * | 2003-02-26 | 2008-12-17 | サイエンスパーク株式会社 | Electronic computer storing print control program, program and program recording medium |
| CN101458614A (en) * | 2007-12-14 | 2009-06-17 | 元镁科技股份有限公司 | Output monitoring system, method and computer readable medium |
| CN101770351A (en) * | 2009-01-06 | 2010-07-07 | 佳能株式会社 | Print system, print server, control method thereof, and program |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7522299B2 (en) * | 2003-06-30 | 2009-04-21 | Microsoft Corporation | System and method for automatic configuration |
-
2011
- 2011-09-23 CN CN201110284627.0A patent/CN102509032B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP4198154B2 (en) * | 2003-02-26 | 2008-12-17 | サイエンスパーク株式会社 | Electronic computer storing print control program, program and program recording medium |
| CN1808415A (en) * | 2005-01-22 | 2006-07-26 | 鸿富锦精密工业(深圳)有限公司 | Multi-point file print control system and method |
| CN101078976A (en) * | 2006-04-24 | 2007-11-28 | 株式会社理光 | Print system |
| CN101140504A (en) * | 2006-09-05 | 2008-03-12 | 鸿富锦精密工业(深圳)有限公司 | Print job monitoring system and method |
| CN101458614A (en) * | 2007-12-14 | 2009-06-17 | 元镁科技股份有限公司 | Output monitoring system, method and computer readable medium |
| CN101770351A (en) * | 2009-01-06 | 2010-07-07 | 佳能株式会社 | Print system, print server, control method thereof, and program |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102509032A (en) | 2012-06-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102509032B (en) | Implementation method of print security monitoring system based on Windows underlying driver | |
| AU780201B2 (en) | Remote printing of secure and/or authenticated documents | |
| US7661147B2 (en) | System for controlling use of digitally encoded products | |
| EP2755162B1 (en) | Identity controlled data center | |
| US9336369B2 (en) | Methods of licensing software programs and protecting them from unauthorized use | |
| CN101453327B (en) | Information leakage prevention system | |
| CN1956449A (en) | Encipher transmission method and equipment system for preventing cpying data resource | |
| CN104680079A (en) | Electronic document security management system and electronic document security management method | |
| US20030051172A1 (en) | Method and system for protecting digital objects distributed over a network | |
| US8776258B2 (en) | Providing access rights to portions of a software application | |
| JP2012517047A (en) | Clipboard security system and method | |
| CN1815946A (en) | Method for realizing digital information safety access | |
| WO2012170960A1 (en) | Method and apparatus for file assurance | |
| CN104951712A (en) | Data safety protection method in Xen virtualization environment | |
| CN103218181A (en) | Data safety printing control method based on virtual printer technology | |
| US9129098B2 (en) | Methods of protecting software programs from unauthorized use | |
| CN111046405B (en) | Data processing method, device, equipment and storage medium | |
| US8355508B2 (en) | Information processing apparatus, information processing method, and computer readable recording medium | |
| CN114595433B (en) | Data security reinforcement method for information system | |
| JP6208645B2 (en) | License management method and license management system | |
| KR100939106B1 (en) | Method for preventing unauthorized copies of data stored in removable storage apparatus and system adapted to the same | |
| CN107358107A (en) | Printer dynamic management system | |
| CN1662868A (en) | Digital rights management system on a virtual private network | |
| CN106803041A (en) | Data safety print control program based on virtual printer technology | |
| WO2024042692A1 (en) | System for managing three-dimensional data of components |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| ASS | Succession or assignment of patent right |
Owner name: NANJING NARI CO., LTD. STATE ELECTRIC NET CROP. Free format text: FORMER OWNER: NANJING NARI CO., LTD. Effective date: 20130206 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20130206 Address after: Nan Shui Road Gulou District of Nanjing city of Jiangsu Province, No. 8 210003 Applicant after: State Grid Electric Power Research Insititute Applicant after: Nanjing Nari Co., Ltd. Applicant after: State Grid Corporation of China Address before: Nan Shui Road Gulou District of Nanjing city of Jiangsu Province, No. 8 210003 Applicant before: State Grid Electric Power Research Insititute Applicant before: Nanjing Nari Co., Ltd. |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20171114 Address after: 211106 Jiangning City, Nanjing Province, the integrity of the road No. 19, Co-patentee after: NARI Technology Development Co., Ltd. Patentee after: State Grid Electric Power Research Insititute Co-patentee after: State Grid Corporation of China Address before: Nan Shui Road Gulou District of Nanjing city of Jiangsu Province, No. 8 210003 Co-patentee before: Nanjing Nari Co., Ltd. Patentee before: State Grid Electric Power Research Insititute Co-patentee before: State Grid Corporation of China |
|
| TR01 | Transfer of patent right |