CN103745166A - Method and device for inspecting file attribute value - Google Patents

Publication number
CN103745166A
Authority
CN
China
Prior art keywords
file
property value
configuration file
attribute value
value
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201310741086.9A
Other languages
Chinese (zh)
Inventor
王建杰
王军林
唐明
徐博
成书晟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SHUGUANG CLOUD COMPUTING TECHNOLOGY Co Ltd
Original Assignee
SHUGUANG CLOUD COMPUTING TECHNOLOGY Co Ltd
Application filed by SHUGUANG CLOUD COMPUTING TECHNOLOGY Co Ltd
Priority to CN201310741086.9A
Publication of CN103745166A
Legal status: Pending

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/64: Protecting data integrity, e.g. using checksums, certificates or signatures
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00: Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21: Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107: File encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a method and a device for inspecting a file attribute value. The method comprises: when a file is accessed, generating a configuration file according to the file's attribute values, the configuration file including attribute value computation rules; computing the file according to the attribute value computation rules of the configuration file to obtain at least one file attribute value; and checking whether the at least one file attribute value is identical to at least one corresponding attribute value of the pre-stored file. The file is computed according to the attribute value computation rules in the configuration file generated during file access, and the computation result is compared with the pre-stored attribute value of the corresponding file, so that the file's attributes are prevented from being tampered with.

Description

Method and device for inspecting a file attribute value
Technical field
The present invention relates to the computer field and, in particular, to a method and device for inspecting file attribute values.
Background
The prior art computes a file's original MD5 value with the MD5 hash method and stores it. When the file is checked, its current MD5 value is obtained again and compared with the original MD5 value to judge whether the file is intact. This approach has the following problem: the MD5 value is computed only from the file's content, while a file has many other attributes, such as permissions and IDs. If the content of the file is unchanged but its permissions are modified, the user who owns the file may no longer be able to access it. Checking file integrity by MD5 value can therefore only detect whether the content is intact. It is a one-sided detection mechanism rather than a file integrity checking strategy, and the prior art lacks a complete scheme for ensuring the integrity of the file system itself.
No effective solution has yet been proposed for the problem in the related art that checking only the integrity of file content leaves a file's other attributes open to tampering.
Summary of the invention
To address the problem in the related art that checking only the integrity of file content leaves a file's other attributes open to tampering, the present invention proposes a method and device for inspecting file attribute values that can protect each attribute of a file and thereby avoid the danger of the file being tampered with.
The technical solution of the present invention is realized as follows.
According to one aspect of the present invention, a method for inspecting file attribute values is provided.
The inspection method comprises:
When a file is accessed, generating a configuration file according to the attribute values of the file, the configuration file including attribute value computation rules;
Computing the file according to the attribute value computation rules of the configuration file to obtain at least one attribute value of the file;
Checking whether the at least one attribute value of the file is identical to the at least one corresponding attribute value of the pre-stored corresponding file.
The inspection method further comprises:
When the check finds that the at least one attribute value of the file is identical to the at least one attribute value of the pre-stored corresponding file, judging that the file is intact.
In addition, the inspection method further comprises:
After generating the configuration file according to the attribute values of the file, encrypting the configuration file;
Before invoking the attribute value computation rules of the configuration file to compute the file, decrypting the configuration file.
Optionally, the inspection method further comprises:
Encrypting the attribute values of the pre-stored file;
When the check is performed, decrypting the encrypted attribute values of the file.
Encryption is performed using a key, and decryption is performed using the corresponding key.
Preferably, the attribute values of the file are configured from at least one of the following:
Access permissions, inode number, ID of the user who owns the file, ID of the group that user belongs to, file size, file modification time, CRC-32 hash value, MD5 hash value, SHA hash value, Haval signature value.
According to one aspect of the present invention, a device for inspecting file attribute values is provided.
The inspection device comprises:
A file generating module, configured to generate, when a file is accessed, a configuration file according to the attribute values of the file, the configuration file including attribute value computation rules;
A computing module, configured to compute the file according to the attribute value computation rules of the configuration file to obtain at least one attribute value of the file;
An inspection module, configured to check whether the at least one attribute value of the file is identical to the at least one corresponding attribute value of the pre-stored corresponding file.
The inspection device further comprises:
A judging module, configured to judge that the file is intact when the check finds that the at least one attribute value of the file is identical to the at least one attribute value of the pre-stored corresponding file.
In addition, the inspection device further comprises:
An encryption and decryption module, configured to encrypt the configuration file after it is generated according to the attribute values of the file, and to decrypt the configuration file before its attribute value computation rules are invoked to compute the file.
Preferably, the encryption and decryption module is further configured to encrypt the attribute values of the pre-stored file and, when the check is performed, to decrypt the encrypted attribute values of the file.
The present invention computes a file using the attribute value computation rules in the configuration file generated when the file is accessed, and compares the result with the pre-stored attribute values of the corresponding file, thereby preventing the file's attributes from being tampered with.
Brief description of the drawings
Fig. 1 is a flowchart of the inspection method according to an embodiment of the present invention;
Fig. 2 is a flowchart of a key generation method according to an embodiment of the present invention;
Fig. 3 is a flowchart of a key generation method according to an embodiment of the present invention;
Fig. 4 is a flowchart of a method for generating the benchmark database according to an embodiment of the present invention;
Fig. 5 is a block diagram of the inspection device according to an embodiment of the present invention;
Fig. 6 is a schematic diagram of a device for inspecting file attribute values according to an embodiment of the present invention.
Detailed description of the embodiments
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings. Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments obtained by those of ordinary skill in the art based on the embodiments of the present invention fall within the scope of protection of the present invention.
According to an embodiment of the present invention, a method for inspecting file attribute values is provided.
As shown in Fig. 1, the inspection method according to the embodiment of the present invention comprises:
Step S101: when a file is accessed, generating a configuration file according to the attribute values of the file, the configuration file including attribute value computation rules;
Step S103: computing the file according to the attribute value computation rules of the configuration file to obtain at least one attribute value of the file;
Step S105: checking whether the at least one attribute value of the file is identical to the at least one corresponding attribute value of the pre-stored corresponding file. The attribute values of all files (also called reference values herein) can be stored in a benchmark database, and when the check finds that the at least one attribute value of the file is identical to the at least one attribute value of the pre-stored corresponding file, the file is judged to be intact.
In addition, the inspection method according to the embodiment of the present invention further encrypts the configuration file after it is generated according to the attribute values of the file, and decrypts the configuration file before its attribute value computation rules are invoked to compute the file.
Optionally, the inspection method according to the embodiment of the present invention further encrypts the attribute values of the pre-stored file and, when the check is performed, decrypts the encrypted attribute values of the file.
Encryption is performed using a key, and decryption is performed using the corresponding key.
Fig. 2 is a flowchart of a key generation method according to an embodiment of the present invention, comprising:
The user inputs a key;
The database and the rule file are encrypted with the input key;
The key input by the user is saved.
Fig. 3 is a flowchart of a key generation method according to an embodiment of the present invention, comprising:
The user changes the key;
The user inputs a new key;
The database and the rule file are decrypted with the old key;
The database and the rule file are encrypted with the input key, the old key is deleted, and the new key is saved.
Preferably, the attribute values of the file are configured from at least one of the following:
Access permissions, inode number, ID of the user who owns the file, ID of the group that user belongs to, file size, file modification time, CRC-32 hash value, MD5 hash value, SHA hash value, Haval signature value.
The inspection method of the present invention is a data integrity protection scheme for remote personal virtual machines in a cloud computing environment. With the inspection method of the present invention, the integrity of data on a remote host can be protected, including the file's access permissions, inode number, ID of the file owner, ID of the group the file owner belongs to, file size, change time, CRC-32 hash value, MD5 hash value, SHA hash value, Haval signature value, and so on.
Fig. 4 is a flowchart of a method for generating the benchmark database according to an embodiment of the present invention, comprising:
The user invokes the command for generating the benchmark database;
The decryption module is called to decrypt the rule configuration file;
The generated reference values are put into the benchmark database;
The encryption module is called to encrypt the benchmark database.
In addition, the encryption in the present invention can also be performed with other file encryption methods well known in the art.
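The method described above (a configuration that selects attribute computation rules, a benchmark database of reference values, and the comparison of step S105), as an added example that is not code from the patent. The rule names, the use of SHA-256 for "SHA", and the in-memory dictionary standing in for the benchmark database are assumptions; encryption of the configuration and database is left out.

```python
import hashlib
import os
import stat
import tempfile
import zlib

# Attribute computation rules, keyed by the names a configuration may select.
# Rule names are this example's own. "sha256" stands in for the patent's
# unspecified "SHA"; HAVAL is omitted because hashlib does not provide it.
RULES = {
    "mode":   lambda st, data: oct(stat.S_IMODE(st.st_mode)),
    "inode":  lambda st, data: st.st_ino,
    "uid":    lambda st, data: st.st_uid,
    "gid":    lambda st, data: st.st_gid,
    "size":   lambda st, data: st.st_size,
    "mtime":  lambda st, data: st.st_mtime_ns,
    "crc32":  lambda st, data: format(zlib.crc32(data) & 0xFFFFFFFF, "08x"),
    "md5":    lambda st, data: hashlib.md5(data).hexdigest(),
    "sha256": lambda st, data: hashlib.sha256(data).hexdigest(),
}
CONTENT_RULES = {"crc32", "md5", "sha256"}


def compute_attributes(path, config):
    """Apply the rules named in `config` to one file (step S103)."""
    unknown = set(config) - set(RULES)
    if unknown:
        raise ValueError(f"unknown rule(s) in configuration: {sorted(unknown)}")
    st = os.stat(path)
    data = b""
    if CONTENT_RULES & set(config):  # read content only when a hash is requested
        with open(path, "rb") as fh:
            data = fh.read()
    return {name: RULES[name](st, data) for name in config}


def build_baseline(paths, config):
    """Generate reference values for every file (the benchmark database)."""
    return {os.path.abspath(p): compute_attributes(p, config) for p in paths}


def check(baseline, config):
    """Compare current values with reference values (step S105).

    Returns {path: {attribute: (reference, current)}} for every mismatch,
    so the report names the attribute that was modified.
    """
    report = {}
    for path, reference in baseline.items():
        try:
            current = compute_attributes(path, config)
        except FileNotFoundError:
            report[path] = {"exists": (True, False)}
            continue
        changed = {name: (reference.get(name), current[name])
                   for name in config if reference.get(name) != current[name]}
        if changed:
            report[path] = changed
    return report


def demo():
    """Constructed scenario: permissions change while content stays the same."""
    with tempfile.TemporaryDirectory() as workdir:
        path = os.path.join(workdir, "app.conf")
        with open(path, "wb") as fh:
            fh.write(b"listen=127.0.0.1\n")
        os.chmod(path, 0o640)
        full_config = list(RULES)
        md5_baseline = build_baseline([path], ["md5"])
        full_baseline = build_baseline([path], full_config)
        os.chmod(path, 0o666)  # attribute tampering, content untouched
        return check(md5_baseline, ["md5"]), check(full_baseline, full_config)


if __name__ == "__main__":
    md5_only, full = demo()
    print("MD5-only report:", md5_only)
    print("Full attribute report:", full)
```

The MD5-only baseline reports nothing for the permission change, which is the gap the background section describes; the full rule set reports `mode` as the modified attribute.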
According to an embodiment of the present invention, a device for inspecting file attribute values is provided.
As shown in Fig. 5, the inspection device according to the embodiment of the present invention comprises:
A file generating module 51, configured to generate, when a file is accessed, a configuration file according to the attribute values of the file, the configuration file including attribute value computation rules;
A computing module 52, configured to compute the file according to the attribute value computation rules of the configuration file to obtain at least one attribute value of the file;
An inspection module 53, configured to check whether the at least one attribute value of the file is identical to the at least one corresponding attribute value of the pre-stored corresponding file.
The inspection device according to the embodiment of the present invention further comprises:
A judging module (not shown), configured to judge that the file is intact when the check finds that the at least one attribute value of the file is identical to the at least one attribute value of the pre-stored corresponding file.
In addition, the inspection device according to the embodiment of the present invention further comprises:
An encryption and decryption module (not shown), configured to encrypt the configuration file after it is generated according to the attribute values of the file, and to decrypt the configuration file before its attribute value computation rules are invoked to compute the file.
Preferably, the encryption and decryption module is further configured to encrypt the attribute values of the pre-stored file and, when the check is performed, to decrypt the encrypted attribute values of the file.
The present invention computes a file using the attribute value computation rules in the configuration file generated when the file is accessed, and compares the result with the pre-stored attribute values of the corresponding file, thereby preventing the file's attributes from being tampered with.
According to one embodiment of the present invention, as shown in Fig. 6, a device for inspecting file attribute values is provided, comprising: a key management module (the encryption and decryption module described herein), a configuration module, a database module, a command management module, and a detection report.
The command management module is the core of the structure. Every operation is issued through the command management module, and the commands it issues can configure the configuration file, which determines which attributes of a file are checked. When a report is generated, the configuration items of the configuration file are read, the file is checked accordingly, and finally the result is compared with the benchmark database to generate the detection report.
In summary, by means of the above technical solution, the present invention computes a file using the attribute value computation rules in the configuration file generated when the file is accessed, and compares the result with the pre-stored attribute values of the corresponding file, thereby preventing the file's attributes from being tampered with. In addition, the technical solution encrypts all file-related operations through the key management module: encryption is performed when a file is generated and decryption when a file is read, which guarantees the security of the system itself. With the technical solution of the present invention, a user can protect the file integrity of the system: once any attribute of a file changes, the user who owns the file can learn from the detection report which attribute was modified. The attributes of a file to be protected can therefore be configured through the configuration file, the file's attributes can be protected comprehensively, and the configuration file and database can be stored encrypted to guarantee the security of the system's content.
The above are only preferred embodiments of the present invention and are not intended to limit the present invention. Any modification, equivalent replacement, improvement, and the like made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.

Claims (10)

1. A method for inspecting file attribute values, characterized by comprising:
When the file is accessed, generating a configuration file according to the attribute values of the file, the configuration file including attribute value computation rules;
Computing the file according to the attribute value computation rules of the configuration file to obtain at least one attribute value of the file;
Checking whether the at least one attribute value of the file is identical to the at least one corresponding attribute value of the pre-stored corresponding file.
2. The detection method according to claim 1, characterized by further comprising:
When the check finds that the at least one attribute value of the file is identical to the at least one attribute value of the pre-stored corresponding file, judging that the file is intact.
3. The detection method according to claim 1, characterized by further comprising:
After generating the configuration file according to the attribute values of the file, encrypting the configuration file;
Before invoking the attribute value computation rules of the configuration file to compute the file, decrypting the configuration file.
4. The detection method according to claim 3, characterized by further comprising:
Encrypting the attribute values of the pre-stored file;
When the check is performed, decrypting the encrypted attribute values of the file.
5. The detection method according to claim 3 or 4, characterized in that encryption is performed using a key, and decryption is performed using the corresponding key.
6. The detection method according to any one of claims 1-4, characterized in that the attribute values of the file are configured from at least one of the following:
Access permissions, inode number, ID of the user who owns the file, ID of the group that user belongs to, file size, file modification time, CRC-32 hash value, MD5 hash value, SHA hash value, Haval signature value.
7. A device for inspecting file attribute values, characterized by comprising:
A file generating module, configured to generate, when the file is accessed, a configuration file according to the attribute values of the file, the configuration file including attribute value computation rules;
A computing module, configured to compute the file according to the attribute value computation rules of the configuration file to obtain at least one attribute value of the file;
An inspection module, configured to check whether the at least one attribute value of the file is identical to the at least one corresponding attribute value of the pre-stored corresponding file.
8. The detection device according to claim 7, characterized by further comprising:
A judging module, configured to judge that the file is intact when the check finds that the at least one attribute value of the file is identical to the at least one attribute value of the pre-stored corresponding file.
9. The detection device according to claim 7, characterized by further comprising:
An encryption and decryption module, configured to encrypt the configuration file after it is generated according to the attribute values of the file, and to decrypt the configuration file before its attribute value computation rules are invoked to compute the file.
10. The detection device according to claim 9, characterized in that the encryption and decryption module is further configured to encrypt the attribute values of the pre-stored file and, when the check is performed, to decrypt the encrypted attribute values of the file.
CN201310741086.9A 2013-12-27 2013-12-27 Method and device for inspecting file attribute value Pending CN103745166A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310741086.9A CN103745166A (en) 2013-12-27 2013-12-27 Method and device for inspecting file attribute value

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310741086.9A CN103745166A (en) 2013-12-27 2013-12-27 Method and device for inspecting file attribute value

Publications (1)

Publication Number Publication Date
CN103745166A true CN103745166A (en) 2014-04-23

Family

ID=50502183

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310741086.9A Pending CN103745166A (en) 2013-12-27 2013-12-27 Method and device for inspecting file attribute value

Country Status (1)

Country Link
CN (1) CN103745166A (en)


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 100193 Beijing, Haidian District, northeast Wang West Road, building 8, building 36, floor 5

Applicant after: Shuguang Cloud Computing Group Co Ltd

Address before: 100193 Beijing, Haidian District, northeast Wang West Road, building 8, building 36, floor 5

Applicant before: Shuguang Cloud Computing Technology Co., Ltd.

RJ01 Rejection of invention patent application after publication

Application publication date: 20140423