A kind of multi-process operates the security method menu of same file simultaneously
Technical field
The present invention relates to windows kernel and windows application-development technologies field, specifically a kind of practical, security method menu that multi-process operates same file simultaneously.
Background technology
Along with the develop rapidly of computer technology, electronic data has related to nearly all field, and the security of data is more and more important, has a mind to or loss unintentionally may cause great loss with destroying.Current many editing machines do not provide safety inspection, notepad, board such as Microsoft, what writing of file taked is mandatory covering, although other editing machine provides source file content to check constantly contrast mechanism as Microsoft Visual Studio, Uedit etc., but its to data what write same employing is force to cover, this simultaneously very easily causes the loss of data first writing during operation file to multi-process, and all that has been achieved is spoiled for the work before making it.Based on this, now provide a kind of multi-process to operate same file, the method for carrying out security inspection that writes to file simultaneously, the method can be added associated program, and the file operation of associated program is carried out to security inspection equally, practical.
Summary of the invention
Technical assignment of the present invention is to solve the deficiencies in the prior art, and a kind of practical, security method menu that multi-process operates same file is simultaneously provided.
Technical scheme of the present invention realizes in the following manner, and this kind of multi-process operates the security method menu of same file simultaneously, and its specific implementation process is:
Between file kernel and application program, add a file security module, this document security module is intercepted and captured each operation of user by hook, then according to file operation main body and the corresponding operation of operation read-write sign, its specific operation process is:
1), user add associated program, check the read-write operation of associated program to program;
2), associated program file reading, file security module records file checking information, source file is backed up and generate mission bit stream, and the mission bit stream here comprises process ID, source file path, temporary file path and the last modification time of source file of reading file;
3), associated program reading and writing of files, associated program is when to file data writing, source file is carried out to validation of information, check whether it was revised by other process outside this operation, be the last modification time of file security module contrast source file and the last modification time recording, and provide warning to user;
4), task list is safeguarded, file security module starts safeguards that thread carries out real-time inspection to task list, thread is safeguarded in establishment, to entering list, check constantly, losing efficacy of task is cleared up, task list described here is the list of the corresponding mission bit stream of process ID, and each mission bit stream is all unique, records the last modification time of process ID, source file path, temporary file path and the source file of operation file in this list.
The detailed operating process of described step 1) is:
One, application programs self, the read-write of file kernel is carried out to security inspection, and other programming is become to associated program, monitor that associated program provides security to report to the police to the read-write of file with to user;
Two, user submits to needs after associated program, and the document that system writes appointment by associated program carries out physical store, again starts computing machine, and system loads associated program automatically;
Three, system passes to file security module by associated program, and file security module is safeguarded an associated program chained list.
Described step 2) detailed process is:
A, file security module copy source file generate temporary file, and associated program is before written document, and user's all operations is all to carry out on temporary file;
B, record source file path, user is read and data writing to source file at any time;
C, record the file path of temporary file;
D, record the last modification time of source file, while being done with associated program written document, as the foundation of file security verification, if last modification time and the writing time of source file are inconsistent, user is reported to the police;
E, record the process ID of file reading, and add the information recording in step B, C, D, E to task list the inside by file security module.
The detailed process of described step 3) is
A, traversal associated program chained list, whether judgement writes program corresponding to process is associated program;
B, read the last modification time of source file and contrast writing time;
C, the preserving type of pointing out user to carry out file according to judged result, the preserving type here refers to and covers or separately deposit.
The detailed process of described step 4) is:
A, initiating task manager module;
B, contrast task list and system process;
After c, deletion inefficacy task, continue step b, until losing efficacy in system of task is deleted completely.
The beneficial effect that the present invention compared with prior art produced is:
The security method menu that a kind of multi-process of the present invention operates same file is simultaneously realized user and is write fashionable automatic integrity inspection the alerts user of carrying out; User add associated program function is provided, makes associated program write and fashionablely equally automatically carry out File Integrity Checking and to User Alarms carrying out file; Practical, applied widely, be easy to promote.
Accompanying drawing explanation
Accompanying drawing 1 is associated program list schematic diagram of the present invention.
Accompanying drawing 2 is interpolation associated program schematic diagram of the present invention.
Accompanying drawing 3 is task list schematic diagram of the present invention.
Accompanying drawing 4 is associated program file reading schematic diagram of the present invention.
Accompanying drawing 5 is associated program reading and writing of files schematic diagram of the present invention.
Accompanying drawing 6 is safeguarded schematic diagram for task list of the present invention.
Embodiment
The security method menu that a kind of multi-process of the present invention is operated to same file simultaneously below in conjunction with accompanying drawing is described in detail below.
Mentality of designing of the present invention is: the feature of considering windows message mechanism, utilize the message intercept mode of system, it is hook intercepting, judge whether file operation main body is associated program and action type, read or written document, to file operation main body, be that mission bit stream record is carried out in associated program and the action of carrying out read operation, and the mission bit stream of record is added in mission bit stream list.For the write operation of associated program, file security module can be carried out file security verification before writing, and the operation that verification is not passed through is reported to the police to user; Basis of the present invention is to add other programs to associated program list the inside, thereby can carry out security inspection to the operating writing-file of these associated programs, and method also can provide the file read-write function of application layer certainly.Based on this mentality of designing, as shown in Figure 1, the security method menu that now provides a kind of multi-process simultaneously to operate same file, the method is in application layer user operation part and drive layer file security writing module partly to complete.
Wherein application layer part, provides user two functions, and A, read-write file, can add associated program at B.
Next is kernel file security module, the read-write operation of file security module controls associated program, reads document stage at associated program and records source file Information generation mission bit stream, and add in task list, safeguard an assignment file simultaneously, prevent task list accidental destruction; The associated program written document stage, file security module can read the last modification time of source file and the last modification time comparison that mission bit stream records, if result is consistent, so associated program can be directly to data writing in source file, if inconsistent, file security module can notification application be reported to the police to user's write operation so.
Its specific implementation process is:
Between file kernel and application program, add a file security module, this document security module is intercepted and captured each operation of user by hook, then according to file operation main body and the corresponding operation of operation read-write sign, its specific operation process is:
1), user add associated program, check the read-write operation of associated program to program, this step not only can be to self, the read-write of file is carried out to security inspection, other programming can also be become to associated program, and can monitor that associated program provides security to report to the police to the read-write of file with to user.
2), associated program file reading, file security module records file checking information, source file is backed up and generate mission bit stream, and the mission bit stream here comprises process ID, source file path, temporary file path and the last modification time of source file of reading file.
3), associated program reading and writing of files, associated program is when to file data writing, source file is carried out to validation of information, check whether it was revised by other process outside this operation, be the last modification time of file security module contrast source file and the last modification time recording, and provide warning to user.
4), task list is safeguarded, file security module starts safeguards that thread carries out real-time inspection to task list, thread is safeguarded in establishment, to entering list, check constantly, losing efficacy of task is cleared up, task list described here is the list of the corresponding mission bit stream of process ID, and each mission bit stream is all unique, records the last modification time of process ID, source file path, temporary file path and the source file of operation file in this list.
As shown in Figure 2, the detailed operating process of described step 1) is:
One, application programs self, the read-write of file kernel is carried out to security inspection, and other programming is become to associated program, monitor that associated program provides security to report to the police to the read-write of file with to user;
Two, user submits to needs after associated program, and the document that system writes appointment by associated program carries out physical store, again starts computing machine, and system loads associated program automatically;
Three, system passes to file security module by associated program, and file security module is safeguarded an associated program chained list.
As shown in accompanying drawing 3, Fig. 4, described step 2) detailed process is:
A, file security module copy source file generate temporary file, and associated program is before written document, and user's all operations is all to carry out on temporary file;
B, record source file path, user is read and data writing to source file at any time;
C, record the file path of temporary file;
D, record the last modification time of source file, while being done with associated program written document, as the foundation of file security verification, if last modification time and the writing time of source file are inconsistent, user is reported to the police;
E, record the process ID of file reading, and add the information recording in step B, C, D, E to task list the inside by file security module.
As shown in Figure 5, the detailed process of described step 3) is
A, traversal associated program chained list, whether judgement writes program corresponding to process is associated program;
B, read the last modification time of source file and contrast writing time;
C, the preserving type of pointing out user to carry out file according to judged result, the preserving type here refers to and covers or separately deposit.
As shown in Figure 6, the detailed process of described step 4) is:
A, initiating task manager module;
B, contrast task list and system process;
After c, deletion inefficacy task, continue step b, until losing efficacy in system of task is deleted completely.
Above embodiment is only for illustrating the present invention; and be not limitation of the present invention; the those of ordinary skill in relevant technologies field; without departing from the spirit and scope of the present invention; can also make a variety of changes and modification; therefore all technical schemes that are equal to also belong to category of the present invention, and scope of patent protection of the present invention should be defined by the claims.