CN105550582A - Method and system for accessing to virtual disk - Google Patents

Info

Publication number: CN105550582A
Authority: CN (China)
Prior art keywords: virtual disk, file, function, api, module
Legal status: Granted
Application number: CN201510917440.8A
Other languages: Chinese (zh)
Other versions: CN105550582B (en)
Inventor: 张维超
Current Assignee: Fujian Landi Commercial Equipment Co Ltd
Original Assignee: Fujian Landi Commercial Equipment Co Ltd
Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55: Detecting local intrusion or implementing counter-measures
    • G06F21/56: Computer malware detection or handling, e.g. anti-virus arrangements

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a method and system for accessing a virtual disk. The method comprises the following steps: starting the project, loading a virtual disk module, and registering a drive letter corresponding to the virtual disk path; intercepting the API functions related to the process that accesses the virtual disk, so that when the system calls those API functions it first processes the file operation simulation functions of the virtual disk module; and returning the processing result of the simulation function to the system API function and outputting the result parameters. In this way, the data required for normal access can be integrated and process isolation can be achieved at the same time, so that the security of the virtual disk is improved.

Description

Method and system for accessing a virtual disk
Technical field
The present invention relates to the technical field of data security, and in particular to a method and system for accessing a virtual disk.
Background
In current projects, when an encrypted file has to be decrypted, a small file can be decrypted directly in memory and stored in an in-memory string. When the files are large and numerous, they are usually compressed into a single file and then encrypted, and during decryption they are simply placed in a relatively hidden folder that the user is unlikely to find. Both methods are either cumbersome or have security management problems.
Fig. 1 shows the process access handling commonly used in the prior art. A virtual disk can store data, but it faces the same security problem. Because a virtual disk is implemented by driver-layer I/O that reads and writes a specified file, on Windows, for example, the virtual disk requires a device to be added to the system and the disk's drive letter to be exposed, so every process can access the same virtual disk. Therefore, for important files, the security of the data cannot be guaranteed, or the security threshold of the data cannot be raised. Specifically, the data is exposed under the disk that corresponds to the virtual drive letter, where it is easily discovered, accessed and even tampered with; process isolation is not possible, every process can access the disk, and once the system is infected by a virus the security of the data cannot be guaranteed.
Summary of the invention
The technical problem to be solved by the present invention is to provide a new way of accessing a virtual disk that improves the security of the virtual disk.
To solve the above technical problem, the technical solution adopted by the present invention is a method for accessing a virtual disk, comprising:
Starting the project, loading the virtual disk module, and registering a drive letter corresponding to the virtual disk path;
Intercepting the API functions related to the process that accesses the virtual disk, so that when the system calls said API functions it first processes the file operation simulation functions of the virtual disk module;
Returning the processing result of the simulation function to the system API function, and outputting the result parameters.
To solve the above problem, the present invention also provides a system for accessing a virtual disk, comprising:
A loading and registration module, for starting the project, loading the virtual disk module, and registering a drive letter corresponding to the virtual disk path;
An interception processing module, for intercepting the API functions related to the process that accesses the virtual disk, so that when the system calls said API functions it first processes the file operation simulation functions of the virtual disk module;
A result output module, for returning the processing result of the simulation function to the system API function, and outputting the result parameters.
The beneficial effect of the present invention is as follows. Unlike the prior art, the present invention loads the virtual disk module after start-up and intercepts the API functions related to the process that accesses the virtual disk, so that when the system calls them it processes the file operation simulation functions of the virtual disk module first and outputs the processing result. In this way, the present invention can integrate the data required for normal access while achieving process isolation, improving the security of the virtual disk.
Brief description of the drawings
Fig. 1 is a schematic diagram of the conventional way a process performs access in the prior art;
Fig. 2 is a schematic flowchart of embodiment one of the method of the present invention;
Fig. 3 is a structural block diagram of embodiment two of the system of the present invention;
Fig. 4 is a schematic flowchart of a specific embodiment applying the method of the present invention.
Detailed description
To explain the technical content, the objects achieved and the effects of the present invention in detail, the following description is given with reference to the embodiments and the accompanying drawings.
The key idea of the present invention is a virtual disk method implemented at the application layer: API interception is used to redirect the API for disk access, a drive letter is registered for the virtual disk, and by calling the system API with a path on the custom drive letter where the file is located, the process can access the required data normally.
Referring to Fig. 1, embodiment one of the present invention provides a method for accessing a virtual disk, comprising:
S1: starting the project, loading the virtual disk module, and registering a drive letter corresponding to the virtual disk path;
S2: intercepting the API functions related to the process that accesses the virtual disk, so that when the system calls said API functions it first processes the file operation simulation functions of the virtual disk module;
S3: returning the processing result of the simulation function to the system API function, and outputting the result parameters.
The present invention is a virtual disk method implemented at the application layer. API interception is used to redirect the API for disk access, and the process does not need to add a hardware device to the system. The calling program only has to register a custom drive letter for the virtual disk; by calling the system API with a path on the custom drive letter where the file is located, the process can access the required data normally. This works on the same principle as code in a program that accesses a disk under a given drive letter, but it differs from a virtual disk implemented at the driver layer and is more secure than a driver-layer virtual disk.
It should be understood that, in the present invention, the API interception function is the function used to intercept an API, and the system API function is the function that is intercepted.
Specifically, in the project of the calling program, the virtual disk module is loaded and a drive letter is registered for the virtual disk; this drive letter corresponds to the path of the virtual disk.
Step S2 is specifically:
Obtaining the access that the process makes to the virtual disk through the API function;
The API interception function judging whether the accessing process is accessing the virtual disk;
If so, processing the file operation simulation function of the virtual disk module and then returning the result to the caller through the return value or the parameters;
Otherwise, letting the system API function perform the operation directly, that is, executing the subsequent logic of the request, and returning the result to the caller.
In the first case the system API function is not executed; the value or result is returned directly. Because the operation targets the virtual disk, if it were handed to the system API function the program would operate on the local disk and cause an error.
In practice, the API interception function can judge whether the accessing process is accessing the virtual disk in either of the following two ways:
The API interception function judges by the drive letter whether the accessing process is accessing the virtual disk; or
The API interception function judges by the identifier of the accessed file whether the accessing process is accessing the virtual disk.
Before the simulation function is run, the virtual disk module needs to create a storage area for storing the identifiers and data information of files; the storage area may be created before the program starts, or while other steps are being carried out;
Accordingly, the step of processing the file operation simulation function of the virtual disk module is specifically:
When a file is accessed, the accessing process specifies a virtual disk path, and the intercepted system API function obtains from the file system the storage position of the file in the disk and returns the corresponding identifier;
Using the corresponding identifier, the file system of the virtual disk module obtains the position of the file in the virtual disk;
Data is read or written according to the data information of the file and the file cursor position information of the virtual disk module's file system.
When the result is returned, the data is obtained by calling the corresponding function of the virtual disk module's file system and is returned to the caller.
Specifically, after the virtual disk module is loaded, it intercepts the relevant API functions of this process. On Windows (the principle is similar on other systems), the disk operation functions CreateFile, WriteFile, ReadFile and so on are intercepted, so that when the system calls these functions it processes the file operation functions of the virtual disk module first. The interception function first judges whether the object being accessed is the virtual disk (by drive letter in CreateFile, and by another identifier, such as the handle, in the other functions). If the operation targets the virtual disk, the virtual disk data is processed; otherwise the operation is submitted directly to the system API. After the simulation function has been processed, the result is placed in the return value of the system API, as shown in the drawings. With all system API functions for disk operations intercepted and simulated, operations on the disk can be controlled completely. For a program that calls the virtual disk module, operating on the virtual disk is no different from operating on a physical disk.
When the virtual disk module is loaded, it creates a storage area. When the process opens a file by specifying a virtual disk path, the function first finds from the file system the position where the file is stored in the disk, and then returns the identifier corresponding to that position; this identifier (for example a handle) is the file's unique identifier in the virtual disk. When the file is read or written, the file system of the virtual disk module finds the file's position by the identifier, and then reads or writes data according to the length of the data to be read or the data to be written and the file cursor position recorded by the file system. The virtual disk module obtains the data by calling the corresponding function of the file system and returns it to the caller.
Once loaded, the virtual disk module becomes a submodule of that process. In an operating system, processes are independent and do not interfere with each other. Therefore the interception used by the virtual disk is effective only for the process that loaded the virtual disk and has no effect on other processes, that is, other processes have no right to access this virtual disk. Only a process that has loaded the module can access the data of the virtual disk, and this characteristic greatly improves the security of the virtual disk.
Using API interception, all disk operations are intercepted and the operation functions are redirected to the functions simulated by the present invention; the simulated functions operate on the file system in the virtual disk's storage space and return the result to the system API. The principle by which the present invention is implemented differs from that of a virtual disk implemented at the driver layer, and it is more secure than a driver-layer virtual disk.
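The routing described above can be modelled in portable C. This is an added illustration, not code from the patent: plain wrapper functions stand in for the intercepted CreateFile/WriteFile/ReadFile, and the drive letter `V`, the handle base, the size limits and all function names are assumptions made for the example, which also keeps one cursor per file rather than per open handle.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Assumed values for this model; none of them come from the patent text. */
#define VD_LETTER      'V'     /* drive letter registered for the virtual disk */
#define VD_MAX_FILES   8
#define VD_FILE_CAP    256
#define VD_HANDLE_BASE 0x4000  /* handles issued by the module start here */

typedef struct {
    char name[64];
    unsigned char data[VD_FILE_CAP];
    size_t size, cursor;       /* cursor: read/write position kept by the module */
    int in_use;
} vd_file;

static vd_file vd_store[VD_MAX_FILES]; /* storage area owned by the loaded module */
static int passthrough_calls;          /* calls forwarded to the "system" API */
static char scratch[VD_FILE_CAP];      /* read buffer used by the demo */

static int is_vd_path(const char *p) {
    return p && toupper((unsigned char)p[0]) == VD_LETTER && p[1] == ':';
}

/* Stand-ins for the real system API. The OS has no device behind the
   registered letter, so an open that bypasses the module fails. */
static int sys_open(const char *path) {
    passthrough_calls++;
    return is_vd_path(path) ? -1 : 3;
}
static long sys_write(int h, const void *b, size_t n) {
    (void)h; (void)b; passthrough_calls++; return (long)n;
}
static long sys_read(int h, void *b, size_t n) {
    (void)h; (void)b; (void)n; passthrough_calls++; return 0;
}

/* After open, calls are routed by handle, checked against the module's table. */
static vd_file *vd_from_handle(int h) {
    int i = h - VD_HANDLE_BASE;
    return (i >= 0 && i < VD_MAX_FILES && vd_store[i].in_use) ? &vd_store[i] : NULL;
}

/* Open is routed by drive letter; everything else goes to the system API. */
int hook_open(const char *path) {
    int free_slot = -1;
    if (!is_vd_path(path)) return sys_open(path);
    for (int i = 0; i < VD_MAX_FILES; i++) {
        if (vd_store[i].in_use && strcmp(vd_store[i].name, path) == 0) {
            vd_store[i].cursor = 0;            /* reopen rewinds the cursor */
            return VD_HANDLE_BASE + i;
        }
        if (!vd_store[i].in_use && free_slot < 0) free_slot = i;
    }
    if (free_slot < 0 || strlen(path) >= sizeof vd_store[0].name) return -1;
    memset(&vd_store[free_slot], 0, sizeof vd_store[0]);
    strcpy(vd_store[free_slot].name, path);
    vd_store[free_slot].in_use = 1;
    return VD_HANDLE_BASE + free_slot;
}

long hook_write(int h, const void *buf, size_t n) {
    vd_file *f = vd_from_handle(h);
    if (!f) return sys_write(h, buf, n);
    if (n > VD_FILE_CAP - f->cursor) n = VD_FILE_CAP - f->cursor; /* clamp to capacity */
    memcpy(f->data + f->cursor, buf, n);
    f->cursor += n;
    if (f->cursor > f->size) f->size = f->cursor;
    return (long)n;
}

long hook_read(int h, void *buf, size_t n) {
    vd_file *f = vd_from_handle(h);
    if (!f) return sys_read(h, buf, n);
    if (n > f->size - f->cursor) n = f->size - f->cursor;         /* stop at end of file */
    memcpy(buf, f->data + f->cursor, n);
    f->cursor += n;
    return (long)n;
}

int main(void) {
    int h = hook_open("V:\\keys\\cfg.bin");    /* constructed sample path */
    hook_write(h, "secret", 6);
    h = hook_open("V:\\keys\\cfg.bin");
    long got = hook_read(h, scratch, sizeof scratch);
    printf("virtual read: %ld bytes, forwarded calls: %d\n", got, passthrough_calls);
    printf("open C: path -> handle %d\n", hook_open("C:\\temp\\a.txt"));
    printf("open V: path without the module -> %d\n", sys_open("V:\\keys\\cfg.bin"));
    return 0;
}
```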
Should be understood that, the present invention, except can be applicable in virtual disk, can also use following field:
Software security, by virtual disk module loading in suspicious process, all read-write operations are all the operations to virtual disk, can prevent the damage of virus to system data;
Or for improving hardware security and hardware performance, if the storage space of virtual disk is internal memory, i.e. virtual memory disk, can be used in and have in the process of carrying out frequent read-write disk, improve the read-write efficiency of disk, improve the serviceable life of hardware disk.
Be different from prior art, the embodiment of the present invention one loads virtual disk module, and the api function that Intercept Interview virtual disk process is relevant, the system being when calling, the file operation analog function of priority processing virtual disk module, and output processing result.By the way, of the present inventionly integratedly can normally access desired data, and implementation process isolation simultaneously, promote the security of virtual disk.
Accordingly, embodiment two of the present invention provides a system 100 for accessing a virtual disk, comprising:
A loading and registration module 110, for starting the project, loading the virtual disk module, and registering a drive letter corresponding to the virtual disk path;
An interception processing module 120, for intercepting the API functions related to the process that accesses the virtual disk, so that when the system calls said API functions it first processes the file operation simulation functions of the virtual disk module;
A result output module 130, for returning the processing result of the simulation function to the system API function, and outputting the result parameters.
In a specific embodiment, said interception processing module 120 comprises:
A process obtaining unit, for obtaining the access that the process makes to the virtual disk through the API function;
An interception judging unit, for the API interception function to judge whether the accessing process is accessing the virtual disk;
A simulation processing unit, for processing the file operation simulation function of the virtual disk module;
A normal processing unit, for returning the result to the caller through the return value or the parameters and executing the subsequent logic of the request.
Said interception judging unit is specifically used so that:
The API interception function judges by the drive letter whether the accessing process is accessing the virtual disk; or
The API interception function judges by the identifier of the accessed file whether the accessing process is accessing the virtual disk.
In a concrete example, the virtual disk module needs to create a storage area for storing the identifiers and data information of files;
Accordingly, the interception processing unit is specifically used so that:
When a file is accessed, the accessing process specifies a virtual disk path, and the intercepted system API function obtains from the file system the storage position of the file in the disk and returns the corresponding identifier;
Using the corresponding identifier, the file system of the virtual disk module obtains the position of the file in the virtual disk;
Data is read or written according to the data information of the file and the file cursor position information of the virtual disk module's file system.
Said result output module is also used for:
Obtaining the data by calling the corresponding function of the virtual disk module's file system, and returning it to the caller.
The above are only embodiments of the present invention and do not thereby limit the patent scope of the present invention; any equivalent transformation made using the contents of the description and drawings of the present invention, or any direct or indirect application in a related technical field, is likewise included in the scope of patent protection of the present invention.

Claims (10)

1. A method for accessing a virtual disk, characterized by comprising:
Starting the project, loading the virtual disk module, and registering a drive letter corresponding to the virtual disk path;
Intercepting the API functions related to the process that accesses the virtual disk, so that when the system calls said API functions it first processes the file operation simulation functions of the virtual disk module;
Returning the processing result of the simulation function to the system API function, and outputting the result parameters.
2. The method for accessing a virtual disk according to claim 1, characterized in that the step of intercepting the API functions related to the process that accesses the virtual disk, so that when the system calls said API functions it first processes the file operation simulation functions of the virtual disk module, comprises:
Obtaining the access that the process makes to the virtual disk through the API function;
The API interception function judging whether the accessing process is accessing the virtual disk;
If so, processing the file operation simulation function of the virtual disk module and then returning the result to the caller through the return value or the parameters;
Otherwise, letting the system API function perform the operation directly, executing the subsequent logic of the request, and returning the result to the caller.
3. The method for accessing a virtual disk according to claim 2, characterized in that,
The API interception function judges by the drive letter whether the accessing process is accessing the virtual disk; or
The API interception function judges by the identifier of the accessed file whether the accessing process is accessing the virtual disk.
4. The method for accessing a virtual disk according to claim 2, characterized in that the virtual disk module creates a storage area for storing the identifiers and data information of files; wherein the step of processing the file operation simulation function of the virtual disk module is specifically:
When a file is accessed, the accessing process specifies a virtual disk path, and the intercepted system API function obtains from the file system the storage position of the file in the disk and returns the corresponding identifier;
Using the corresponding identifier, the file system of the virtual disk module obtains the position of the file in the virtual disk;
Data is read or written according to the data information of the file and the file cursor position information of the virtual disk module's file system.
5. The method for accessing a virtual disk according to claim 1, characterized in that the step of returning the processing result of the simulation function to the system API function and outputting the result parameters is specifically:
Obtaining the data by calling the corresponding function of the virtual disk module's file system, and returning it to the caller.
6. A system for accessing a virtual disk, characterized by comprising:
A loading and registration module, for starting the project, loading the virtual disk module, and registering a drive letter corresponding to the virtual disk path;
An interception processing module, for intercepting the API functions related to the process that accesses the virtual disk, so that when the system calls said API functions it first processes the file operation simulation functions of the virtual disk module;
A result output module, for returning the processing result of the simulation function to the system API function, and outputting the result parameters.
7. The system for accessing a virtual disk according to claim 6, characterized in that said interception processing module comprises:
A process obtaining unit, for obtaining the access that the process makes to the virtual disk through the API function;
An interception judging unit, for the API interception function to judge whether the accessing process is accessing the virtual disk;
A simulation processing unit, for processing the file operation simulation function of the virtual disk module;
A normal processing unit, for returning the result to the caller through the return value or the parameters and executing the subsequent logic of the request.
8. The system for accessing a virtual disk according to claim 6, characterized in that said interception judging unit is specifically used so that:
The API interception function judges by the drive letter whether the accessing process is accessing the virtual disk; or
The API interception function judges by the identifier of the accessed file whether the accessing process is accessing the virtual disk.
9. The system for accessing a virtual disk according to claim 7, characterized in that the virtual disk module creates a storage area for storing the identifiers and data information of files;
And said interception processing unit is specifically used so that:
When a file is accessed, the accessing process specifies a virtual disk path, and the intercepted system API function obtains from the file system the storage position of the file in the disk and returns the corresponding identifier;
Using the corresponding identifier, the file system of the virtual disk module obtains the position of the file in the virtual disk;
Data is read or written according to the data information of the file and the file cursor position information of the virtual disk module's file system.
10. The system for accessing a virtual disk according to claim 6, characterized in that said result output module is also used for:
Obtaining the data by calling the corresponding function of the virtual disk module's file system, and returning it to the caller.

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201510917440.8A CN105550582B (en) 2015-12-11 2015-12-11 Access the method and system of virtual disk
PCT/CN2016/092813 WO2017096926A1 (en) 2015-12-11 2016-08-02 Method and system for accessing virtual magnetic disk

Publications (2)

Publication Number Publication Date
CN105550582A true CN105550582A (en) 2016-05-04
CN105550582B CN105550582B (en) 2018-08-14

Family

ID=55829769

Country Status (2)

Country Link
CN (1) CN105550582B (en)
WO (1) WO2017096926A1 (en)

Also Published As

Publication number Publication date
WO2017096926A1 (en) 2017-06-15
CN105550582B (en) 2018-08-14

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant