CN104021355A - Safety inspection method for simultaneously operating same file through multiple processes - Google Patents
Safety inspection method for simultaneously operating same file through multiple processes Download PDFInfo
- Publication number
- CN104021355A CN104021355A CN201410278171.0A CN201410278171A CN104021355A CN 104021355 A CN104021355 A CN 104021355A CN 201410278171 A CN201410278171 A CN 201410278171A CN 104021355 A CN104021355 A CN 104021355A
- Authority
- CN
- China
- Prior art keywords
- file
- associated program
- user
- security
- security module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a safety inspection method for simultaneously operating the same file through multiple processes. The safety method comprises the steps that a file safety module is added between a file kernel and an application program, the file safety module intercepts and captures each operation of a user through a hook, and corresponding operations are carried out according to the file operation body and operation reading-writing marks; the specific operation process comprises that a users adds associated programs, the associated programs read the file, the associated programs read and write the file, and a task list is maintained. Compared with the prior art, the safety inspection method for simultaneously operating the same file through the multiple processes achieves multi-process automatic completeness check, gives an alarm to the user when errors appear, and is high in practicability, wide in application range and easy to popularize.
Description
Technical field
The present invention relates to windows kernel and windows application-development technologies field, specifically a kind of practical, security method menu that multi-process operates same file simultaneously.
Background technology
Along with the develop rapidly of computer technology, electronic data has related to nearly all field, and the security of data is more and more important, has a mind to or loss unintentionally may cause great loss with destroying.Current many editing machines do not provide safety inspection, notepad, board such as Microsoft, what writing of file taked is mandatory covering, although other editing machine provides source file content to check constantly contrast mechanism as Microsoft Visual Studio, Uedit etc., but its to data what write same employing is force to cover, this simultaneously very easily causes the loss of data first writing during operation file to multi-process, and all that has been achieved is spoiled for the work before making it.Based on this, now provide a kind of multi-process to operate same file, the method for carrying out security inspection that writes to file simultaneously, the method can be added associated program, and the file operation of associated program is carried out to security inspection equally, practical.
Summary of the invention
Technical assignment of the present invention is to solve the deficiencies in the prior art, and a kind of practical, security method menu that multi-process operates same file is simultaneously provided.
Technical scheme of the present invention realizes in the following manner, and this kind of multi-process operates the security method menu of same file simultaneously, and its specific implementation process is:
Between file kernel and application program, add a file security module, this document security module is intercepted and captured each operation of user by hook, then according to file operation main body and the corresponding operation of operation read-write sign, its specific operation process is:
1), user add associated program, check the read-write operation of associated program to program;
2), associated program file reading, file security module records file checking information, source file is backed up and generate mission bit stream, and the mission bit stream here comprises process ID, source file path, temporary file path and the last modification time of source file of reading file;
3), associated program reading and writing of files, associated program is when to file data writing, source file is carried out to validation of information, check whether it was revised by other process outside this operation, be the last modification time of file security module contrast source file and the last modification time recording, and provide warning to user;
4), task list is safeguarded, file security module starts safeguards that thread carries out real-time inspection to task list, thread is safeguarded in establishment, to entering list, check constantly, losing efficacy of task is cleared up, task list described here is the list of the corresponding mission bit stream of process ID, and each mission bit stream is all unique, records the last modification time of process ID, source file path, temporary file path and the source file of operation file in this list.
The detailed operating process of described step 1) is:
One, application programs self, the read-write of file kernel is carried out to security inspection, and other programming is become to associated program, monitor that associated program provides security to report to the police to the read-write of file with to user;
Two, user submits to needs after associated program, and the document that system writes appointment by associated program carries out physical store, again starts computing machine, and system loads associated program automatically;
Three, system passes to file security module by associated program, and file security module is safeguarded an associated program chained list.
Described step 2) detailed process is:
A, file security module copy source file generate temporary file, and associated program is before written document, and user's all operations is all to carry out on temporary file;
B, record source file path, user is read and data writing to source file at any time;
C, record the file path of temporary file;
D, record the last modification time of source file, while being done with associated program written document, as the foundation of file security verification, if last modification time and the writing time of source file are inconsistent, user is reported to the police;
E, record the process ID of file reading, and add the information recording in step B, C, D, E to task list the inside by file security module.
The detailed process of described step 3) is
A, traversal associated program chained list, whether judgement writes program corresponding to process is associated program;
B, read the last modification time of source file and contrast writing time;
C, the preserving type of pointing out user to carry out file according to judged result, the preserving type here refers to and covers or separately deposit.
The detailed process of described step 4) is:
A, initiating task manager module;
B, contrast task list and system process;
After c, deletion inefficacy task, continue step b, until losing efficacy in system of task is deleted completely.
The beneficial effect that the present invention compared with prior art produced is:
The security method menu that a kind of multi-process of the present invention operates same file is simultaneously realized user and is write fashionable automatic integrity inspection the alerts user of carrying out; User add associated program function is provided, makes associated program write and fashionablely equally automatically carry out File Integrity Checking and to User Alarms carrying out file; Practical, applied widely, be easy to promote.
Accompanying drawing explanation
Accompanying drawing 1 is associated program list schematic diagram of the present invention.
Accompanying drawing 2 is interpolation associated program schematic diagram of the present invention.
Accompanying drawing 3 is task list schematic diagram of the present invention.
Accompanying drawing 4 is associated program file reading schematic diagram of the present invention.
Accompanying drawing 5 is associated program reading and writing of files schematic diagram of the present invention.
Accompanying drawing 6 is safeguarded schematic diagram for task list of the present invention.
Embodiment
The security method menu that a kind of multi-process of the present invention is operated to same file simultaneously below in conjunction with accompanying drawing is described in detail below.
Mentality of designing of the present invention is: the feature of considering windows message mechanism, utilize the message intercept mode of system, it is hook intercepting, judge whether file operation main body is associated program and action type, read or written document, to file operation main body, be that mission bit stream record is carried out in associated program and the action of carrying out read operation, and the mission bit stream of record is added in mission bit stream list.For the write operation of associated program, file security module can be carried out file security verification before writing, and the operation that verification is not passed through is reported to the police to user; Basis of the present invention is to add other programs to associated program list the inside, thereby can carry out security inspection to the operating writing-file of these associated programs, and method also can provide the file read-write function of application layer certainly.Based on this mentality of designing, as shown in Figure 1, the security method menu that now provides a kind of multi-process simultaneously to operate same file, the method is in application layer user operation part and drive layer file security writing module partly to complete.
Wherein application layer part, provides user two functions, and A, read-write file, can add associated program at B.
Next is kernel file security module, the read-write operation of file security module controls associated program, reads document stage at associated program and records source file Information generation mission bit stream, and add in task list, safeguard an assignment file simultaneously, prevent task list accidental destruction; The associated program written document stage, file security module can read the last modification time of source file and the last modification time comparison that mission bit stream records, if result is consistent, so associated program can be directly to data writing in source file, if inconsistent, file security module can notification application be reported to the police to user's write operation so.
Its specific implementation process is:
Between file kernel and application program, add a file security module, this document security module is intercepted and captured each operation of user by hook, then according to file operation main body and the corresponding operation of operation read-write sign, its specific operation process is:
1), user add associated program, check the read-write operation of associated program to program, this step not only can be to self, the read-write of file is carried out to security inspection, other programming can also be become to associated program, and can monitor that associated program provides security to report to the police to the read-write of file with to user.
2), associated program file reading, file security module records file checking information, source file is backed up and generate mission bit stream, and the mission bit stream here comprises process ID, source file path, temporary file path and the last modification time of source file of reading file.
3), associated program reading and writing of files, associated program is when to file data writing, source file is carried out to validation of information, check whether it was revised by other process outside this operation, be the last modification time of file security module contrast source file and the last modification time recording, and provide warning to user.
4), task list is safeguarded, file security module starts safeguards that thread carries out real-time inspection to task list, thread is safeguarded in establishment, to entering list, check constantly, losing efficacy of task is cleared up, task list described here is the list of the corresponding mission bit stream of process ID, and each mission bit stream is all unique, records the last modification time of process ID, source file path, temporary file path and the source file of operation file in this list.
As shown in Figure 2, the detailed operating process of described step 1) is:
One, application programs self, the read-write of file kernel is carried out to security inspection, and other programming is become to associated program, monitor that associated program provides security to report to the police to the read-write of file with to user;
Two, user submits to needs after associated program, and the document that system writes appointment by associated program carries out physical store, again starts computing machine, and system loads associated program automatically;
Three, system passes to file security module by associated program, and file security module is safeguarded an associated program chained list.
As shown in accompanying drawing 3, Fig. 4, described step 2) detailed process is:
A, file security module copy source file generate temporary file, and associated program is before written document, and user's all operations is all to carry out on temporary file;
B, record source file path, user is read and data writing to source file at any time;
C, record the file path of temporary file;
D, record the last modification time of source file, while being done with associated program written document, as the foundation of file security verification, if last modification time and the writing time of source file are inconsistent, user is reported to the police;
E, record the process ID of file reading, and add the information recording in step B, C, D, E to task list the inside by file security module.
As shown in Figure 5, the detailed process of described step 3) is
A, traversal associated program chained list, whether judgement writes program corresponding to process is associated program;
B, read the last modification time of source file and contrast writing time;
C, the preserving type of pointing out user to carry out file according to judged result, the preserving type here refers to and covers or separately deposit.
As shown in Figure 6, the detailed process of described step 4) is:
A, initiating task manager module;
B, contrast task list and system process;
After c, deletion inefficacy task, continue step b, until losing efficacy in system of task is deleted completely.
Above embodiment is only for illustrating the present invention; and be not limitation of the present invention; the those of ordinary skill in relevant technologies field; without departing from the spirit and scope of the present invention; can also make a variety of changes and modification; therefore all technical schemes that are equal to also belong to category of the present invention, and scope of patent protection of the present invention should be defined by the claims.
Claims (5)
1. multi-process operates a security method menu for same file simultaneously, it is characterized in that its specific implementation process is:
Between file kernel and application program, add a file security module, this document security module is intercepted and captured each operation of user by hook, then according to file operation main body and the corresponding operation of operation read-write sign, its specific operation process is:
1), user add associated program, check the read-write operation of associated program to program;
2), associated program file reading, file security module records file checking information, source file is backed up and generate mission bit stream, and the mission bit stream here comprises process ID, source file path, temporary file path and the last modification time of source file of reading file;
3), associated program reading and writing of files, associated program is when to file data writing, source file is carried out to validation of information, check whether it was revised by other process outside this operation, be the last modification time of file security module contrast source file and the last modification time recording, and provide warning to user;
4), task list is safeguarded, file security module starts safeguards that thread carries out real-time inspection to task list, thread is safeguarded in establishment, to entering list, check constantly, losing efficacy of task is cleared up, task list described here is the list of the corresponding mission bit stream of process ID, and each mission bit stream is all unique, records the last modification time of process ID, source file path, temporary file path and the source file of operation file in this list.
2. a kind of multi-process according to claim 1 operates the security method menu of same file simultaneously, it is characterized in that: the detailed operating process of described step 1) is:
One, application programs self, the read-write of file kernel is carried out to security inspection, and other programming is become to associated program, monitor that associated program provides security to report to the police to the read-write of file with to user;
Two, user submits to needs after associated program, and the document that system writes appointment by associated program carries out physical store, again starts computing machine, and system loads associated program automatically;
Three, system passes to file security module by associated program, and file security module is safeguarded an associated program chained list.
3. a kind of multi-process according to claim 1 operates the security method menu of same file simultaneously, it is characterized in that: detailed process described step 2) is:
A, file security module copy source file generate temporary file, and associated program is before written document, and user's all operations is all to carry out on temporary file;
B, record source file path, user is read and data writing to source file at any time;
C, record the file path of temporary file;
D, record the last modification time of source file, while being done with associated program written document, as the foundation of file security verification, if last modification time and the writing time of source file are inconsistent, user is reported to the police;
E, record the process ID of file reading, and add the information recording in step B, C, D, E to task list the inside by file security module.
4. a kind of multi-process according to claim 1 operates the security method menu of same file simultaneously, it is characterized in that: the detailed process of described step 3) is
A, traversal associated program chained list, whether judgement writes program corresponding to process is associated program;
B, read the last modification time of source file and contrast writing time;
C, the preserving type of pointing out user to carry out file according to judged result, the preserving type here refers to and covers or separately deposit.
5. a kind of multi-process according to claim 1 operates the security method menu of same file simultaneously, it is characterized in that: the detailed process of described step 4) is:
A, initiating task manager module;
B, contrast task list and system process;
After c, deletion inefficacy task, continue step b, until losing efficacy in system of task is deleted completely.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410278171.0A CN104021355B (en) | 2014-06-20 | 2014-06-20 | A kind of multi-process operates the security method menu of same file simultaneously |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410278171.0A CN104021355B (en) | 2014-06-20 | 2014-06-20 | A kind of multi-process operates the security method menu of same file simultaneously |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104021355A true CN104021355A (en) | 2014-09-03 |
| CN104021355B CN104021355B (en) | 2017-03-29 |
Family
ID=51438102
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410278171.0A Active CN104021355B (en) | 2014-06-20 | 2014-06-20 | A kind of multi-process operates the security method menu of same file simultaneously |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104021355B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106020909A (en) * | 2016-06-01 | 2016-10-12 | 努比亚技术有限公司 | Application process control device and method |
| CN106776050A (en) * | 2016-10-17 | 2017-05-31 | 广州视源电子科技股份有限公司 | Multi-user's process exclusive method and device |
| CN110825708A (en) * | 2019-09-23 | 2020-02-21 | 武汉智美互联科技有限公司 | Multi-process file reading and writing method |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1740978A (en) * | 2004-08-23 | 2006-03-01 | 华为技术有限公司 | Method for realing sharing internal stored data base and internal stored data base system |
| CN101382953A (en) * | 2008-09-19 | 2009-03-11 | 中兴通讯股份有限公司 | Interface system for accessing file system in user space and file reading and writing method |
| CN103631904A (en) * | 2012-12-25 | 2014-03-12 | 卡巴斯基实验室封闭式股份公司 | System and method for selecting synchronous or asynchronous file access method during antivirus analysis |
-
2014
- 2014-06-20 CN CN201410278171.0A patent/CN104021355B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1740978A (en) * | 2004-08-23 | 2006-03-01 | 华为技术有限公司 | Method for realing sharing internal stored data base and internal stored data base system |
| CN101382953A (en) * | 2008-09-19 | 2009-03-11 | 中兴通讯股份有限公司 | Interface system for accessing file system in user space and file reading and writing method |
| CN103631904A (en) * | 2012-12-25 | 2014-03-12 | 卡巴斯基实验室封闭式股份公司 | System and method for selecting synchronous or asynchronous file access method during antivirus analysis |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106020909A (en) * | 2016-06-01 | 2016-10-12 | 努比亚技术有限公司 | Application process control device and method |
| CN106020909B (en) * | 2016-06-01 | 2019-10-29 | 努比亚技术有限公司 | The control device and method of application process |
| CN106776050A (en) * | 2016-10-17 | 2017-05-31 | 广州视源电子科技股份有限公司 | Multi-user's process exclusive method and device |
| CN106776050B (en) * | 2016-10-17 | 2019-12-17 | 广州视源电子科技股份有限公司 | Multi-user process mutual exclusion method and device |
| CN110825708A (en) * | 2019-09-23 | 2020-02-21 | 武汉智美互联科技有限公司 | Multi-process file reading and writing method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104021355B (en) | 2017-03-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109388538B (en) | Kernel-based file operation behavior monitoring method and device | |
| US9910735B1 (en) | Generating an application-consistent snapshot | |
| JP4806557B2 (en) | Storage device and computer system for managing logs | |
| CN101359355B (en) | Method for raising user's authority for limitation account under Windows system | |
| CN104932965B (en) | Object method for real-time monitoring and device | |
| US20150113242A1 (en) | Restricting access to sensitive data in system memory dumps | |
| US10817211B2 (en) | Method for completing a secure erase operation | |
| WO2008056944A1 (en) | Confirmation method of api by the information at call-stack | |
| JP5319830B2 (en) | Data protection method and computer apparatus | |
| CN106095619A (en) | A kind of virtual machine backup method and device | |
| CN101236531B (en) | Memory and its automatic protection realization method | |
| US20190180005A1 (en) | Managing Application Specific Feature Rights | |
| CN104021355A (en) | Safety inspection method for simultaneously operating same file through multiple processes | |
| CN101833496B (en) | Detection device based on host anti-object reusability of hard disk and detection method thereof | |
| CN103514405A (en) | Method and system for detecting buffer overflow | |
| CN103164649A (en) | Process behavior analysis method and system | |
| CN103176868A (en) | File status backup method | |
| CN112257037A (en) | Process watermarking method and system and electronic equipment | |
| US9009430B2 (en) | Restoration of data from a backup storage volume | |
| CN102737198B (en) | Object protection method and device | |
| JP2017060154A (en) | Digital evidence creation device, digital evidence creation program, and digital evidence creation method | |
| CN105426749A (en) | Method for controlling running of ELF files on basis of signature mechanism | |
| KR101306656B1 (en) | Apparatus and method for providing dynamic analysis information of malignant code | |
| KR101488595B1 (en) | Apparatus and method of maintaining template strucutre in wysiwyg based html editor | |
| CN117668889A (en) | Document operation method, device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20180816 Address after: 250101 S06 tower, 1036, Chao Lu Road, hi tech Zone, Ji'nan, Shandong. Patentee after: Shandong wave cloud Mdt InfoTech Ltd Address before: 250014 1036 Shun Ya Road, hi tech Zone, Ji'nan, Shandong. Patentee before: Langchao Electronic Information Industry Co., Ltd. |
|
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: 250100 No. 1036 Tidal Road, Jinan High-tech Zone, Shandong Province, S01 Building, Tidal Science Park Patentee after: Inspur cloud Information Technology Co., Ltd Address before: 250101 S06 tower, 1036, Chao Lu Road, hi tech Zone, Ji'nan, Shandong. Patentee before: SHANDONG LANGCHAO YUNTOU INFORMATION TECHNOLOGY Co.,Ltd. |