CN104021355B - A kind of multi-process operates the security method menu of same file simultaneously - Google Patents

A kind of multi-process operates the security method menu of same file simultaneously Download PDF

Info

Publication number
CN104021355B
CN104021355B CN201410278171.0A CN201410278171A CN104021355B CN 104021355 B CN104021355 B CN 104021355B CN 201410278171 A CN201410278171 A CN 201410278171A CN 104021355 B CN104021355 B CN 104021355B
Authority
CN
China
Prior art keywords
file
associated program
user
security module
program
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201410278171.0A
Other languages
Chinese (zh)
Other versions
CN104021355A (en
Inventor
王超
赵孝军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inspur Cloud Information Technology Co Ltd
Original Assignee
Inspur Electronic Information Industry Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inspur Electronic Information Industry Co Ltd filed Critical Inspur Electronic Information Industry Co Ltd
Priority to CN201410278171.0A priority Critical patent/CN104021355B/en
Publication of CN104021355A publication Critical patent/CN104021355A/en
Application granted granted Critical
Publication of CN104021355B publication Critical patent/CN104021355B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention provides the security method menu that a kind of multi-process operates same file simultaneously, and which implements process and is:Between file kernel and application program, a file security module, each operation of this document security module by hook intercepting and capturing user is added to indicate corresponding operation further according to file operation main body and operation read-write, its specific operation process is:User adds associated program;Associated program reads file;Associated program reading and writing of files;Task list is safeguarded.Compared to the prior art a kind of multi-process operates the security method menu of same file simultaneously, realizes that multi-process automatic integrity is checked and wrong alarm user is occurring, practical, applied widely, it is easy to promote.

Description

A kind of multi-process operates the security method menu of same file simultaneously
Technical field
The present invention relates to windows kernels and windows application-development technologies field, specifically a kind of practical Property strong, multi-process operate the security method menu of same file simultaneously.
Background technology
With developing rapidly for computer technology, electronic data has been directed to almost all of field, and the safety of data is got over Come more important, intentionally or accidentally between loss with destruction be likely to result in great loss.Many editing machines do not provide peace at present The notepad of total inspection, such as Microsoft, board, what the write to file was taken is mandatory covering, other editing machine Although such as Microsoft Visual Studio, Uedit etc. provide source file content and constantly check contrast mechanism, which is right The write of data equally uses pressure and covers, this to multi-process simultaneously operation file when easily cause the data for first writing to lose Lose, all that has been achieved is spoiled for the work before being allowed to.Based on this, a kind of multi-process is now provided while operating same file, the write to file The method for carrying out security inspection, the method can add associated program, and the file operation to associated program equally carries out safety Property check, it is practical.
The content of the invention
The technical assignment of the present invention is to solve the deficiencies in the prior art, there is provided a kind of practical, multi-process is operated simultaneously The security method menu of same file.
The technical scheme is that what is realized in the following manner, a kind of multi-process operates the safety of same file simultaneously Property method, which implements process and is:
Between file kernel and application program, add a file security module, this document security module to cut by hook Each operation of user is obtained, further according to file operation main body and the corresponding operation of operation read-write mark, its specific operation process is:
1), user addition associated program, check read-write operation of the associated program to program;
2), associated program read file, file security module log file check information, source file is backed up and is given birth to Into mission bit stream, mission bit stream here includes reading process ID, source file path, temporary file path and the source file of file most Modification time afterwards;
3), associated program reading and writing of files, associated program carries out validation of information to source file when to file write data, Check that whether which was changed by other processes this operation is outer, i.e., the last modification time of file security module contrast source file with The last modification time for being recorded, and provide a user with warning;
4), task list safeguard that file security module starts safeguards that thread carries out real-time inspection to task list, creates dimension Shield thread, is constantly checked to entering list, the task to failing is cleared up, and task list described here is process ID correspondence The list of mission bit stream, i.e., each mission bit stream are all unique, and process ID, the source file road of operation file are recorded in the list The last modification time of footpath, temporary file path and source file.
The step 1)Detailed operation process be:
First, to application program itself, security inspection is carried out to the read-write of file kernel, and other programs are arranged to close Connection program, monitors associated program to the read-write of file and provides a user with safety warning;
2nd, after user submits the program for needing association to, the document that associated program write is specified is carried out physical store by system, Computer is again started up, system loads associated program automatically;
3rd, associated program is passed to file security module by system, and file security module safeguards an associated program chained list.
The step 2)Detailed process be:
A, file security module copy source file generate temporary file, and, before written document, user's is all for associated program Operation is carried out on temporary file;
B, record source file path, make user read to source file at any time and write data;
The file path of C, record temporary file;
D, record source file last modification time, is made with associated program written document when as file security verify Foundation, if the last modification time of source file and record Time Inconsistency, report to the police to user;
E, record read the process ID of file, and add the information recorded in step B, C, D, E by file security module To inside task list.
The step 3)Detailed process be
A, traversal associated program chained list, judge whether the corresponding program of write process is associated program;
B, the last modification time of reading source file and record time are contrasted;
C, the preserving type that file is carried out according to judged result prompting user, preserving type here refer to covering or another Deposit.
The step 4)Detailed process be:
A, startup task manager module;
B, contrast task list and system process;
Continue step b after c, deletion failure task, until failing in system for task is deleted completely.
The produced compared with prior art beneficial effect of the present invention is:
A kind of multi-process of the present invention operates the security method menu of same file to realize that user is carried out when writing automatically simultaneously Integrity checking alerts user;User is provided addition associated program function, makes associated program same when file write is carried out Automatically carry out File Integrity Checking and report to the police to user;It is practical, it is applied widely, it is easy to promote.
Description of the drawings
Associated program list schematic diagram of the accompanying drawing 1 for the present invention.
Addition associated program schematic diagram of the accompanying drawing 2 for the present invention.
Task list schematic diagram of the accompanying drawing 3 for the present invention.
Accompanying drawing 4 reads file schematic diagram for the associated program of the present invention.
Associated program reading and writing of files schematic diagram of the accompanying drawing 5 for the present invention.
Accompanying drawing 6 safeguards schematic diagram for the task list of the present invention.
Specific embodiment
Operate the security method menu work of same file following in detail simultaneously a kind of multi-process of the present invention below in conjunction with the accompanying drawings Describe in detail bright.
The present invention mentality of designing be:The characteristics of considering windows message mechanisms, using the message intercept mode of system, I.e. hook is intercepted, and judges whether file operation main body is associated program and action type, that is, read or written document, to file operation Main body is associated program and carries out the action of read operation and carry out mission bit stream record, and the mission bit stream addition of record is taken office In business information list.For the write operation of associated program, file security module can carry out file security verification before writing, right The operation that verification does not pass through is reported to the police to user;The basis of the present invention is that other programs are added in associated program list Face, carries out security inspection such that it is able to the operating writing-file to these associated programs, and certain method can also provide application layer File read-write function.Based on this mentality of designing, as shown in Figure 1, a kind of multi-process is now provided while operating the peace of same file Full property method, the method is in application layer user operation part and drives layer file security writing module to be partially completed.
Wherein apply layer segment, there is provided two functions of user, A, readable written document, B, associated program can be added.
Next to that kernel file security module, file security module controls the read-write operation of associated program, in associated program Read document stage record source file information and generate mission bit stream, and be added in task list, while an assignment file is safeguarded, Prevent task list accidental destruction;The associated program written document stage, when file security module can read the last modification of source file Between compare with the last modification time recorded by mission bit stream, if result is consistent, then associated program can be directly to source file Middle write data, if inconsistent, then file security module is notified that application program is reported to the police to the write operation of user.
Which implements process:
Between file kernel and application program, add a file security module, this document security module to cut by hook Each operation of user is obtained, further according to file operation main body and the corresponding operation of operation read-write mark, its specific operation process is:
1), user addition associated program, check read-write operation of the associated program to program, this step not only can to from Body, the read-write to file carry out security inspection, moreover it is possible to other programs are arranged to associated program, and can monitor associated program pair The read-write of file and provide a user with safety warning.
2), associated program read file, file security module log file check information, source file is backed up and is given birth to Into mission bit stream, mission bit stream here includes reading process ID, source file path, temporary file path and the source file of file most Modification time afterwards.
3), associated program reading and writing of files, associated program carries out validation of information to source file when to file write data, Check that whether which was changed by other processes this operation is outer, i.e., the last modification time of file security module contrast source file with The last modification time for being recorded, and provide a user with warning.
4), task list safeguard that file security module starts safeguards that thread carries out real-time inspection to task list, creates dimension Shield thread, is constantly checked to entering list, the task to failing is cleared up, and task list described here is process ID correspondence The list of mission bit stream, i.e., each mission bit stream are all unique, and process ID, the source file road of operation file are recorded in the list The last modification time of footpath, temporary file path and source file.
As shown in Figure 2, the step 1)Detailed operation process be:
First, to application program itself, security inspection is carried out to the read-write of file kernel, and other programs are arranged to close Connection program, monitors associated program to the read-write of file and provides a user with safety warning;
2nd, after user submits the program for needing association to, the document that associated program write is specified is carried out physical store by system, Computer is again started up, system loads associated program automatically;
3rd, associated program is passed to file security module by system, and file security module safeguards an associated program chained list.
As shown in accompanying drawing 3, Fig. 4, the step 2)Detailed process be:
A, file security module copy source file generate temporary file, and, before written document, user's is all for associated program Operation is carried out on temporary file;
B, record source file path, make user read to source file at any time and write data;
The file path of C, record temporary file;
D, record source file last modification time, is made with associated program written document when as file security verify Foundation, if the last modification time of source file and record Time Inconsistency, report to the police to user;
E, record read the process ID of file, and add the information recorded in step B, C, D, E by file security module To inside task list.
As shown in Figure 5, the step 3)Detailed process be
A, traversal associated program chained list, judge whether the corresponding program of write process is associated program;
B, the last modification time of reading source file and record time are contrasted;
C, the preserving type that file is carried out according to judged result prompting user, preserving type here refer to covering or another Deposit.
As shown in Figure 6, the step 4)Detailed process be:
A, startup task manager module;
B, contrast task list and system process;
Continue step b after c, deletion failure task, until failing in system for task is deleted completely.
Embodiment of above is merely to illustrate the present invention, and not limitation of the present invention, about the common of technical field Technical staff, without departing from the spirit and scope of the present invention, can also make a variety of changes and modification, therefore all The technical scheme of equivalent falls within scope of the invention, and the scope of patent protection of the present invention should be defined by the claims.

Claims (4)

1. a kind of multi-process simultaneously operates the security method menu of same file, it is characterised in which implements process and is:
Between file kernel and application program, add a file security module, this document security module to intercept and capture by hook and use Each operation at family, further according to file operation main body and the corresponding operation of operation read-write mark, its specific operation process is:
Step 1), user addition associated program, check read-write operation of the associated program to program;
The detailed operation process of the step is:
First, to application program itself, security inspection is carried out to the read-write of file kernel, and other programs are arranged to associate journey Sequence, monitors associated program to the read-write of file and provides a user with safety warning;
2nd, after user submits the program for needing association to, the document that associated program write is specified is carried out physical store by system, again Start computer, system loads associated program automatically;
3rd, associated program is passed to file security module by system, and file security module safeguards an associated program chained list;
Step 2), associated program read file, file security module log file check information, source file is backed up and is given birth to Into mission bit stream, mission bit stream here includes reading process ID, source file path, temporary file path and the source file of file most Modification time afterwards;
Step 3), associated program reading and writing of files, associated program carries out validation of information to source file when to file write data, Check that whether which was changed by other processes this operation is outer, i.e., the last modification time of file security module contrast source file with The last modification time for being recorded, and provide a user with warning;
Step 4), task list safeguard that file security module starts safeguards that thread carries out real-time inspection to task list, creates dimension Shield thread, is constantly checked to entering list, the task to failing is cleared up, and task list described here is process ID correspondence The list of mission bit stream, i.e., each mission bit stream are all unique, and process ID, the source file road of operation file are recorded in the list The last modification time of footpath, temporary file path and source file.
2. a kind of multi-process according to claim 1 operates the security method menu of same file simultaneously, it is characterised in that:Institute State step 2)Detailed process be:
Step A, file security module copy source file generate temporary file, and, before written document, user's is all for associated program Operation is carried out on temporary file;
Step B, record source file path, make user read to source file at any time and write data;
The file path of step C, record temporary file;
Step D, record source file last modification time, is made with associated program written document when as file security verify Foundation, if the last modification time of source file and record Time Inconsistency, report to the police to user;
Step E, record read the process ID of file, and add the information recorded in step B, C, D, E by file security module To inside task list.
3. a kind of multi-process according to claim 1 operates the security method menu of same file simultaneously, it is characterised in that:Institute State step 3)Detailed process be
A, traversal associated program chained list, judge whether the corresponding program of write process is associated program;
B, the last modification time of reading source file and record time are contrasted;
C, the preserving type that file is carried out according to judged result prompting user, preserving type here refer to covering or separately deposit.
4. a kind of multi-process according to claim 1 operates the security method menu of same file simultaneously, it is characterised in that:Institute State step 4)Detailed process be:
Step a, startup task manager module;
Step b, contrast task list and system process;
Continue step b after step c, deletion failure task, until failing in system for task is deleted completely.
CN201410278171.0A 2014-06-20 2014-06-20 A kind of multi-process operates the security method menu of same file simultaneously Active CN104021355B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410278171.0A CN104021355B (en) 2014-06-20 2014-06-20 A kind of multi-process operates the security method menu of same file simultaneously

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410278171.0A CN104021355B (en) 2014-06-20 2014-06-20 A kind of multi-process operates the security method menu of same file simultaneously

Publications (2)

Publication Number Publication Date
CN104021355A CN104021355A (en) 2014-09-03
CN104021355B true CN104021355B (en) 2017-03-29

Family

ID=51438102

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410278171.0A Active CN104021355B (en) 2014-06-20 2014-06-20 A kind of multi-process operates the security method menu of same file simultaneously

Country Status (1)

Country Link
CN (1) CN104021355B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106020909B (en) * 2016-06-01 2019-10-29 努比亚技术有限公司 The control device and method of application process
CN106776050B (en) * 2016-10-17 2019-12-17 广州视源电子科技股份有限公司 Multi-user process mutual exclusion method and device
CN110825708A (en) * 2019-09-23 2020-02-21 武汉智美互联科技有限公司 Multi-process file reading and writing method

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1740978A (en) * 2004-08-23 2006-03-01 华为技术有限公司 Method for realing sharing internal stored data base and internal stored data base system
CN101382953A (en) * 2008-09-19 2009-03-11 中兴通讯股份有限公司 Interface system for accessing file system in user space and file reading and writing method
CN103631904A (en) * 2012-12-25 2014-03-12 卡巴斯基实验室封闭式股份公司 System and method for selecting synchronous or asynchronous file access method during antivirus analysis

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1740978A (en) * 2004-08-23 2006-03-01 华为技术有限公司 Method for realing sharing internal stored data base and internal stored data base system
CN101382953A (en) * 2008-09-19 2009-03-11 中兴通讯股份有限公司 Interface system for accessing file system in user space and file reading and writing method
CN103631904A (en) * 2012-12-25 2014-03-12 卡巴斯基实验室封闭式股份公司 System and method for selecting synchronous or asynchronous file access method during antivirus analysis

Also Published As

Publication number Publication date
CN104021355A (en) 2014-09-03

Similar Documents

Publication Publication Date Title
KR101035178B1 (en) Systems and methods for automatic maintenance and repair of entites in data model
CN109388538B (en) Kernel-based file operation behavior monitoring method and device
CN100489728C (en) Method for establishing trustable operational environment in a computer
CN104932965B (en) Object method for real-time monitoring and device
US20150113242A1 (en) Restricting access to sensitive data in system memory dumps
CN106716333B (en) Method for completing secure erase operation
CN104520820A (en) Function evaluation using lightweight process snapshots
CN106294162B (en) A kind of third party's component method for testing security based on data mining
CN103793288A (en) Software watchdog system and method
CN104021355B (en) A kind of multi-process operates the security method menu of same file simultaneously
CN102650944A (en) Operation system security bootstrap device and bootstrap device
KR102024053B1 (en) Behavior based real- time access control system and control method
CN104751062B (en) A kind of method and device improving operating system reliability
CN104268468A (en) Protecting method and system of dynamic link library of Android system
JP5319830B2 (en) Data protection method and computer apparatus
CN106096421A (en) TPM-based high-security host security protection system and method
CN101833496B (en) Detection device based on host anti-object reusability of hard disk and detection method thereof
CN103514405A (en) Method and system for detecting buffer overflow
US20130067238A1 (en) Security mechanism for developmental operating systems
CN102222189A (en) Method for protecting operating system
KR101563494B1 (en) Real-time source code security weaknesses detection apparatus and method according to the file changes
CN107403097A (en) A kind of core system software running guard method
KR101562109B1 (en) Forgery verification system by comaparing pixels of a screenshot
KR101306656B1 (en) Apparatus and method for providing dynamic analysis information of malignant code
CN104715175A (en) Computer system safety protection method and device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20180816

Address after: 250101 S06 tower, 1036, Chao Lu Road, hi tech Zone, Ji'nan, Shandong.

Patentee after: Shandong wave cloud Mdt InfoTech Ltd

Address before: 250014 1036 Shun Ya Road, hi tech Zone, Ji'nan, Shandong.

Patentee before: Langchao Electronic Information Industry Co., Ltd.

CP03 Change of name, title or address
CP03 Change of name, title or address

Address after: 250100 No. 1036 Tidal Road, Jinan High-tech Zone, Shandong Province, S01 Building, Tidal Science Park

Patentee after: Inspur cloud Information Technology Co., Ltd

Address before: 250101 S06 tower, 1036, Chao Lu Road, hi tech Zone, Ji'nan, Shandong.

Patentee before: SHANDONG LANGCHAO YUNTOU INFORMATION TECHNOLOGY Co.,Ltd.