CN105550582B - Method and system for accessing a virtual disk - Google Patents


Publication number
CN105550582B
Authority
CN
China
Prior art keywords
virtual disk
file
function
api
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510917440.8A
Other languages
Chinese (zh)
Other versions
CN105550582A (en)
Inventor
张维超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fujian Landi Commercial Equipment Co Ltd
Original Assignee
Fujian Landi Commercial Equipment Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fujian Landi Commercial Equipment Co Ltd filed Critical Fujian Landi Commercial Equipment Co Ltd
Priority to CN201510917440.8A priority Critical patent/CN105550582B/en
Publication of CN105550582A publication Critical patent/CN105550582A/en
Priority to PCT/CN2016/092813 priority patent/WO2017096926A1/en
Application granted granted Critical
Publication of CN105550582B publication Critical patent/CN105550582B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements

Abstract

The invention discloses a method and system for accessing a virtual disk. The method includes: starting the project, loading a virtual disk module, and registering a drive letter corresponding to the virtual disk path; intercepting the relevant API functions of the process that accesses the virtual disk, so that when the system calls such an API function, the file operation simulation function of the virtual disk module is processed first; and returning the processing result of the simulation function to the system API function and outputting the result parameters. In this way, the process of the present invention can access the required data normally while process isolation is achieved, which improves the security of the virtual disk.

Description

Method and system for accessing a virtual disk
Technical field
The present invention relates to the technical field of data security, and more particularly to a method and system for accessing a virtual disk.
Background art
In current projects, when an encrypted file has to be decrypted, a relatively small file can be decrypted directly in memory and kept in memory as a string. When the files are relatively large and numerous, they are usually compressed into one file and then encrypted, and on decryption they are placed directly under a relatively hidden folder that users are unlikely to find. Both approaches are either cumbersome to manage or have security problems.
Fig. 1 shows the conventional way processes access a disk in the prior art. Although a virtual disk can store data, it faces the same security problem. A virtual disk is implemented by reading and writing a specified file through driver-layer I/O. Taking Windows as an example, a virtual disk requires adding a device to the system and exposing the drive letter of the disk, and all processes can access the same virtual disk. Therefore the security of the data of important files cannot be guaranteed, or the security threshold of the data cannot be raised. Specifically, the data is exposed under the drive letter of the virtual drive, where it is easy to find and access, and even to tamper with; process isolation is not possible, all processes can access the disk, and once the system is infected by a virus the safety of the data cannot be guaranteed at all.
Summary of the invention
The technical problem to be solved by the present invention is to provide a new way of accessing a virtual disk that improves the security of the virtual disk.
To solve the above technical problem, the technical solution adopted by the present invention is a method for accessing a virtual disk, including:
Starting the project, loading a virtual disk module, and registering a drive letter corresponding to the virtual disk path;
Intercepting the relevant API functions of the process that accesses the virtual disk, so that when the system calls such an API function, the file operation simulation function of the virtual disk module is processed first;
Returning the processing result of the simulation function to the system API function, and outputting the result parameters.
To solve the above problem, the present invention also provides a system for accessing a virtual disk, including:
A loading and registration module, for starting the project, loading the virtual disk module, and registering a drive letter corresponding to the virtual disk path;
An interception processing module, for intercepting the relevant API functions of the process that accesses the virtual disk, so that when the system calls such an API function, the file operation simulation function of the virtual disk module is processed first;
A result output module, for returning the processing result of the simulation function to the system API function and outputting the result parameters.
The beneficial effects of the present invention are as follows. Unlike the prior art, the present invention loads the virtual disk module after startup and intercepts the relevant API functions of the process that accesses the virtual disk, so that when the system makes such a call, the file operation simulation function of the virtual disk module is processed first and the processing result is output. In this way, the process of the present invention can access the required data normally while process isolation is achieved, which improves the security of the virtual disk.
Brief description of the drawings
Fig. 1 is a schematic diagram of the conventional way processes access a disk in the prior art;
Fig. 2 is a flow diagram of method Embodiment 1 of the present invention;
Fig. 3 is a structural block diagram of system Embodiment 2 of the present invention;
Fig. 4 is a flow diagram of a specific embodiment that uses the method of the present invention.
Detailed description
To explain the technical content, the objectives achieved and the effects of the present invention in detail, the following description is given with reference to the embodiments and the accompanying drawings.
The key concept of the present invention is a virtual disk method implemented at the application layer. Through API interception, disk access is redirected at the API level and a drive letter is registered for the virtual disk; by calling the system API with a path on the custom drive letter where the specified file is located, the process can access the required data normally.
Referring to Fig. 2, Embodiment 1 of the present invention provides a method for accessing a virtual disk, including:
S1: Starting the project, loading a virtual disk module, and registering a drive letter corresponding to the virtual disk path;
S2: Intercepting the relevant API functions of the process that accesses the virtual disk, so that when the system calls such an API function, the file operation simulation function of the virtual disk module is processed first;
S3: Returning the processing result of the simulation function to the system API function, and outputting the result parameters.
The present invention is a virtual disk method implemented at the application layer. Through API interception, disk access is redirected at the API level, and the process does not need to add a hardware device to the system. The caller only has to register a custom drive letter for the virtual disk; by calling the system API with a path on the custom drive letter where the specified file is located, the process can access the required data normally. This works on the same principle as program code that accesses the disk of some drive letter, but it differs from a virtual disk implemented at the driver layer and is more secure than a driver-layer virtual disk.
It should be understood that the API interception function of the present invention is the function that intercepts the API, and the system API function is the function being intercepted.
Specifically, in the caller's project, the virtual disk module is loaded and a drive letter is registered for the virtual disk; this drive letter corresponds to the path of the virtual disk.
Step S2 is specifically:
Obtaining the access process of the API function to the virtual disk;
The API interception function determines whether the access process accesses the virtual disk;
If so, after the file operation simulation function of the virtual disk module has been processed, the processing result is returned to the caller through a return value or parameter;
Otherwise, the operation is performed directly by the system API function, that is, the subsequent logic request is executed, and the result is returned to the caller.
In the first case the system API function is not executed; the value or result is returned directly. Because the target of the operation is the virtual disk, returning through the system API function would make the program operate on the local disk and cause an error.
In practice, the API interception function can determine whether the access process accesses the virtual disk in either of the following two ways:
The API interception function determines by the drive letter whether the access process accesses the virtual disk; or
The API interception function determines by the identifier of the accessed file whether the access process accesses the virtual disk.
Before the simulation function operates, the virtual disk module needs to create a storage space for storing the identifiers and data information of files; the storage space can be created before the program starts, or during another step;
Correspondingly, the step of processing the file operation simulation function of the virtual disk module is specifically:
When a file is accessed, the access process specifies the virtual disk path, and the system API function obtains from the file system the storage location of the file on the disk and returns the corresponding identifier;
Using the corresponding identifier, the file system of the virtual disk module obtains the location of the file in the virtual disk;
Data is read or written according to the data information of the file and the file cursor position information of the virtual disk module's file system.
When the result is returned, the data can be obtained by calling the corresponding function of the virtual disk module's file system and returned to the caller.
Specifically, after the virtual disk module is loaded, the relevant API functions of this process are intercepted. Taking Windows as an example (other systems work on a similar principle), the disk operation functions such as CreateFile, WriteFile and ReadFile are intercepted, so that when the system calls these functions it first processes the file operation functions of the virtual disk module. The interception function first determines whether the object being accessed is the virtual disk (CreateFile decides by drive letter; other functions decide by another identifier, such as the handle). If the operation targets the virtual disk, the virtual disk data is processed; otherwise the operation is submitted directly to the system API. After the simulation function has been processed, the result is returned in the return value of the system API, as shown in the accompanying drawings. Because all system API functions for disk operations are intercepted and simulated, operations on the disk can be fully controlled. For the caller of the virtual disk module, operating on the virtual disk is no different from operating on a physical disk.
When the virtual disk module is loaded, it creates the storage space. When a process specifies a virtual disk path and opens a file, the function first finds in the file system the location where the file is stored on the disk, and then returns the identifier corresponding to the file location; this identifier uniquely identifies the file in the virtual disk (such as a handle). When the file is read or written, the file system of the virtual disk module finds the location of the file by the identifier, and then reads or writes data according to the length of the data to be read or the data to be written and the file cursor position recorded by the file system. The virtual disk module obtains the data by calling the corresponding function of the file system and returns it to the caller.
By loading the virtual disk module, the module becomes a submodule of the process; in an operating system, processes are independent and do not interfere with each other. Therefore the interception mechanism of the virtual disk is effective only for the process that loaded the virtual disk and has no effect on other processes, that is, other processes have no right to access this virtual disk. Only the process that loaded this module can access the data of the virtual disk, and this characteristic greatly improves the security of the virtual disk.
With API interception, all disk operations are intercepted and the operation functions are redirected to the functions simulated by the present invention; the simulated functions then operate on the file system in the virtual disk's storage space and return the result to the system API. The implementation principle of the present invention differs from a virtual disk implemented at the driver layer, and it is more secure than a driver-layer virtual disk.
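The dispatch described above, as an added example that is not part of the patent text: a portable C simulation in which the function table `api` stands in for the process's view of the system file API and `vd_load` swaps in the interception functions. All names (`file_api`, `vd_load`, `hook_open`, `VD_BASE`, the `sys_*` stubs) and the sample path and data are constructed for illustration; real CreateFile/ReadFile/WriteFile interception is not shown.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#define VD_BASE  0x5000  /* constructed: handles VD_BASE..VD_BASE+VD_MAX-1 are virtual */
#define VD_MAX   8
#define VD_FSIZE 256

typedef struct {
    int (*open)(const char *path);
    int (*read)(int h, void *buf, int n);
    int (*write)(int h, const void *buf, int n);
} file_api;

/* Stand-ins for the system API: they only count pass-through calls. */
static int sys_calls;
static int sys_open(const char *p) { (void)p; sys_calls++; return 3; }
static int sys_read(int h, void *b, int n) { (void)h; (void)b; (void)n; sys_calls++; return 0; }
static int sys_write(int h, const void *b, int n) { (void)h; (void)b; sys_calls++; return n; }

static file_api api = { sys_open, sys_read, sys_write }; /* what the process calls */
static file_api orig;                                    /* saved system functions */

/* Storage space of the virtual disk module: file names, data, open handles. */
static struct { char name[32]; unsigned char data[VD_FSIZE]; int size, used; } files[VD_MAX];
static struct { int file, cursor, open; } handles[VD_MAX];
static char vd_drive;

static int is_vd_handle(int h) {
    return h >= VD_BASE && h < VD_BASE + VD_MAX && handles[h - VD_BASE].open;
}

/* Open-type call: the target is identified by drive letter. */
static int hook_open(const char *path) {
    int f = -1, h = -1, i;
    if (toupper((unsigned char)path[0]) != vd_drive || path[1] != ':' || path[2] != '\\')
        return orig.open(path);              /* not ours: hand to the system API */
    const char *name = path + 3;
    if (strlen(name) >= sizeof files[0].name) return -1;
    for (i = 0; i < VD_MAX && f < 0; i++) if (files[i].used && !strcmp(files[i].name, name)) f = i;
    for (i = 0; i < VD_MAX && f < 0; i++) if (!files[i].used) f = i;   /* else a free slot */
    for (i = 0; i < VD_MAX && h < 0; i++) if (!handles[i].open) h = i;
    if (f < 0 || h < 0) return -1;
    if (!files[f].used) { strcpy(files[f].name, name); files[f].size = 0; files[f].used = 1; }
    handles[h].file = f; handles[h].cursor = 0; handles[h].open = 1;
    return VD_BASE + h;                      /* identifier returned to the caller */
}

/* Other calls: the target is identified by handle, then served at the file cursor. */
static int hook_read(int h, void *buf, int n) {
    if (!is_vd_handle(h)) return orig.read(h, buf, n);
    int f = handles[h - VD_BASE].file, *cur = &handles[h - VD_BASE].cursor;
    if (n < 0) return -1;
    if (n > files[f].size - *cur) n = files[f].size - *cur;
    memcpy(buf, files[f].data + *cur, (size_t)n);
    *cur += n;
    return n;
}

static int hook_write(int h, const void *buf, int n) {
    if (!is_vd_handle(h)) return orig.write(h, buf, n);
    int f = handles[h - VD_BASE].file, *cur = &handles[h - VD_BASE].cursor;
    if (n < 0 || n > VD_FSIZE - *cur) return -1;   /* never write past the storage space */
    memcpy(files[f].data + *cur, buf, (size_t)n);
    *cur += n;
    if (*cur > files[f].size) files[f].size = *cur;
    return n;
}

/* Loading the module: register the drive letter and swap in the hooks. */
static void vd_load(char drive) {
    if (api.open == hook_open) return;       /* already loaded; do not hook the hooks */
    vd_drive = (char)toupper((unsigned char)drive);
    orig = api;
    api.open = hook_open; api.read = hook_read; api.write = hook_write;
}

int main(void) {
    char buf[16] = {0};
    vd_load('V');
    api.write(api.open("V:\\key.bin"), "secret", 6);
    int n = api.read(api.open("V:\\key.bin"), buf, sizeof buf);
    api.open("C:\\other.txt");               /* passes through to the system stub */
    printf("virtual read %d bytes (%s), system calls %d\n", n, buf, sys_calls);
}
```

The isolation claimed in the description holds only for calls that go through the swapped table: any file API left unhooked reaches the system directly, which is why the text requires that all disk operation functions be intercepted.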
It should be understood that, besides virtual disks, the present invention can also be used in the following fields:
Software security: by loading the virtual disk module into a suspicious process, all of its read and write operations become operations on the virtual disk, which prevents a virus from damaging system data;
Or improving hardware safety and hardware performance: if the storage space of the virtual disk is memory, i.e. a virtual RAM disk, it can be used in a process that reads and writes the disk frequently, improving the read/write efficiency of the disk and extending the service life of the hardware disk.
Unlike the prior art, Embodiment 1 of the present invention loads the virtual disk module and intercepts the relevant API functions of the process that accesses the virtual disk, so that when the system makes such a call, the file operation simulation function of the virtual disk module is processed first and the processing result is output. In this way, the process of the present invention can access the required data normally while process isolation is achieved, which improves the security of the virtual disk.
Correspondingly, Embodiment 2 of the present invention provides a system 100 for accessing a virtual disk, including:
A loading and registration module 110, for starting the project, loading the virtual disk module, and registering a drive letter corresponding to the virtual disk path;
An interception processing module 120, for intercepting the relevant API functions of the process that accesses the virtual disk, so that when the system calls such an API function, the file operation simulation function of the virtual disk module is processed first;
A result output module 130, for returning the processing result of the simulation function to the system API function and outputting the result parameters.
In a specific embodiment, the interception processing module 120 includes:
A process acquisition unit, for obtaining the access process of the API function to the virtual disk;
An interception judging unit, for the API interception function to determine whether the access process accesses the virtual disk;
A simulation processing unit, for processing the file operation simulation function of the virtual disk module;
A normal processing unit, for returning the processing result to the caller through a return value or parameter and executing the subsequent logic request.
The interception judging unit is specifically used so that:
The API interception function determines by the drive letter whether the access process accesses the virtual disk; or
The API interception function determines by the identifier of the accessed file whether the access process accesses the virtual disk.
In a specific example, the virtual disk module needs to create a storage space for storing the identifiers and data information of files;
Correspondingly, the interception processing unit is specifically used so that:
When a file is accessed, the access process specifies the virtual disk path, and the intercepted system API function obtains from the file system the storage location of the file on the disk and returns the corresponding identifier;
Using the corresponding identifier, the file system of the virtual disk module obtains the location of the file in the virtual disk;
Data is read or written according to the data information of the file and the file cursor position information of the virtual disk module's file system.
The result output module is further used for:
Obtaining data by calling the corresponding function of the virtual disk module's file system, and returning it to the caller.
The above are only embodiments of the present invention and do not limit the patent scope of the invention. Any equivalent transformation made using the contents of the specification and drawings of the present invention, or any direct or indirect application in a related technical field, is likewise included in the scope of patent protection of the present invention.

Claims (6)

1. A method for accessing a virtual disk, characterized by including:
Starting the project, loading a virtual disk module, and registering a drive letter corresponding to the virtual disk path;
Intercepting the relevant API functions of the process that accesses the virtual disk, so that when the system calls such an API function, the file operation simulation function of the virtual disk module is processed first;
Returning the processing result of the simulation function to the system API function, and outputting the result parameters; wherein the step of intercepting the relevant API functions of the process that accesses the virtual disk, so that when the system calls such an API function the file operation simulation function of the virtual disk module is processed first, includes:
Obtaining the access process of the API function to the virtual disk;
The API interception function determining whether the access process accesses the virtual disk;
If so, after the file operation simulation function of the virtual disk module has been processed, returning the processing result to the caller through a return value or parameter;
Otherwise, performing the operation directly through the system API function, executing the subsequent logic request, and returning the result to the caller;
Wherein the virtual disk module creates a storage space for storing the identifiers and data information of files; and wherein the step of processing the file operation simulation function of the virtual disk module is specifically:
When a file is accessed, the access process specifies the virtual disk path, and the intercepted system API function obtains from the file system the storage location of the file on the disk and returns the corresponding identifier;
Using the corresponding identifier, the file system of the virtual disk module obtains the location of the file in the virtual disk;
Data is read or written according to the data information of the file and the file cursor position information of the virtual disk module's file system.
2. The method for accessing a virtual disk according to claim 1, characterized in that
The API interception function determines by the drive letter whether the access process accesses the virtual disk; or
The API interception function determines by the identifier of the accessed file whether the access process accesses the virtual disk.
3. The method for accessing a virtual disk according to claim 1, characterized in that the step of returning the processing result of the simulation function to the system API function and outputting the result parameters is specifically:
Obtaining data by calling the corresponding function of the virtual disk module's file system, and returning it to the caller.
4. A system for accessing a virtual disk, characterized by including:
A loading and registration module, for starting the project, loading the virtual disk module, and registering a drive letter corresponding to the virtual disk path;
An interception processing module, for intercepting the relevant API functions of the process that accesses the virtual disk, so that when the system calls such an API function, the file operation simulation function of the virtual disk module is processed first;
A result output module, for returning the processing result of the simulation function to the system API function and outputting the result parameters;
The interception processing module includes:
A process acquisition unit, for obtaining the access process of the API function to the virtual disk;
An interception judging unit, for the API interception function to determine whether the access process accesses the virtual disk;
A simulation processing unit, for processing the file operation simulation function of the virtual disk module;
A normal processing unit, for returning the processing result to the caller through a return value or parameter and executing the subsequent logic request;
Wherein the virtual disk module creates a storage space for storing the identifiers and data information of files;
And the simulation processing unit is specifically used so that:
When a file is accessed, the access process specifies the virtual disk path, and the intercepted system API function obtains from the file system the storage location of the file on the disk and returns the corresponding identifier;
Using the corresponding identifier, the file system of the virtual disk module obtains the location of the file in the virtual disk;
Data is read or written according to the data information of the file and the file cursor position information of the virtual disk module's file system.
5. The system for accessing a virtual disk according to claim 4, characterized in that the interception judging unit is specifically used so that:
The API interception function determines by the drive letter whether the access process accesses the virtual disk; or
The API interception function determines by the identifier of the accessed file whether the access process accesses the virtual disk.
6. The system for accessing a virtual disk according to claim 4, characterized in that the result output module is further used for:
Obtaining data by calling the corresponding function of the virtual disk module's file system, and returning it to the caller.
CN201510917440.8A 2015-12-11 2015-12-11 Method and system for accessing a virtual disk Active CN105550582B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201510917440.8A CN105550582B (en) 2015-12-11 2015-12-11 Method and system for accessing a virtual disk
PCT/CN2016/092813 WO2017096926A1 (en) 2015-12-11 2016-08-02 Method and system for accessing virtual magnetic disk

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510917440.8A CN105550582B (en) 2015-12-11 2015-12-11 Method and system for accessing a virtual disk

Publications (2)

Publication Number Publication Date
CN105550582A CN105550582A (en) 2016-05-04
CN105550582B true CN105550582B (en) 2018-08-14

Family

ID=55829769

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510917440.8A Active CN105550582B (en) 2015-12-11 2015-12-11 Method and system for accessing a virtual disk

Country Status (2)

Country Link
CN (1) CN105550582B (en)
WO (1) WO2017096926A1 (en)

Also Published As

Publication number Publication date
CN105550582A (en) 2016-05-04
WO2017096926A1 (en) 2017-06-15

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant