CN109214172B - Method and device for acquiring key value name of valid registry - Google Patents

Method and device for acquiring key value name of valid registry Download PDF

Info

Publication number
CN109214172B
CN109214172B CN201811103783.0A CN201811103783A CN109214172B CN 109214172 B CN109214172 B CN 109214172B CN 201811103783 A CN201811103783 A CN 201811103783A CN 109214172 B CN109214172 B CN 109214172B
Authority
CN
China
Prior art keywords
name
effective
node
host
attribute content
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811103783.0A
Other languages
Chinese (zh)
Other versions
CN109214172A (en
Inventor
王唯融
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhengzhou Yunhai Information Technology Co Ltd
Original Assignee
Zhengzhou Yunhai Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhengzhou Yunhai Information Technology Co Ltd filed Critical Zhengzhou Yunhai Information Technology Co Ltd
Priority to CN201811103783.0A priority Critical patent/CN109214172B/en
Publication of CN109214172A publication Critical patent/CN109214172A/en
Application granted granted Critical
Publication of CN109214172B publication Critical patent/CN109214172B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/54Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the application discloses a method and a device for obtaining key value names of valid registries, which are used for presetting a method for reading the key value names of the valid registries aiming at ADML (address translation markup language) type security baseline items and quickening the speed of reading the key value names of the valid registries. The method of the embodiment of the application is stored in an Active Directory Management Language (ADML) type security baseline project and comprises the following steps: the host loads the data of the extensible markup language XML in the ADML type safety baseline project into a memory; the host judges whether the attribute content of the first effective name exists in the strategy node of the XML data or not; if yes, the host reads the attribute content of the first effective name; and the host computer determines the attribute content of the first effective name as the key value name of the effective registry.

Description

Method and device for acquiring key value name of valid registry
Technical Field
The present application relates to the field of computer technologies, and in particular, to a method and an apparatus for obtaining a key name of a valid registry.
Background
The safety baseline is used for checking whether each safety configuration parameter in the Microsoft system meets the system check standard in order to meet the safety specification requirement of the Microsoft safety system, and the safety baseline also has the function of repairing the system. The security baseline exists in the form of a knowledge base, which typically includes a plurality of items, which may also be referred to as files, or put another way, a security baseline knowledge base securely stores a set of files for the method of checking and repairing the microsoft system. When a large number of Active Directory Management Language (ADML) type security baseline items exist in microsoft official security baselines, when checking whether the ADML type security baseline meets the security specification requirement of the security system, usually, a host loads extensible markup language (XML) data in the ADML type security baseline items into a memory, and then checks the ADML type security baseline items through a security baseline checking program developed by microsoft officials, the checking method is to acquire attribute contents of valid names from the XML data in the ADML type security baseline items, take the attribute contents of the valid names as valid registry key values, and the host can check the ADML type security baseline items through the valid registry key values to judge whether the security baseline meets the security specification requirement of the microsoft security system. The security baseline check program reads the valid key name used as a check and also reads the data of the commonly used settings.
However, there are many common setting items in the ADML-type security baseline items, and these common setting items refer to a baseline item with a high frequency of use, for example, a baseline item named "maximum log size". Since the files (i.e. items) in the security baseline repository are generally used by microsoft systems themselves and microsoft accessory software written by microsoft corporation, the extensible markup language (XML) data structure of the commonly used setting items (i.e. commonly used setting files) in these security baseline repositories is extremely complex, when the security baseline check program developed by microsoft officials reads XML data in the ADML type security baseline item, a large amount of system resources are consumed due to the simultaneous reading of the data of the commonly used setting items, and the host runs at a slow speed.
Disclosure of Invention
The embodiment of the application provides a method and a device for obtaining key value names of valid registries, which can preset a method for reading the key value names of the valid registries aiming at ADML (address translation markup language) type security baseline items and accelerate the speed of reading the key value names of the valid registries.
The embodiment of the application provides a method for obtaining a key value name of an effective registry, wherein the key value name of the effective registry is stored in an ADML (address translation markup language) type security baseline item, and the method comprises the following steps:
the host loads XML data in the ADML type security baseline project into a memory;
the host judges whether attribute content of a first valid name (value name) exists in a policy (policy) node of the XML data, wherein the policy node is used for describing specific authorized content;
if yes, the host reads the attribute content of the first effective name;
and the host computer determines the attribute content of the first effective name as the key value name of the effective registry.
Optionally, after the host determines whether the attribute content of the first effective name exists in the policy node of the XML data, the method further includes:
if not, the host reads a first lower-layer node of the strategy node;
the host judges whether element nodes exist in the first lower-layer nodes or not, wherein the element nodes are used for describing relevant attributes of element states;
if yes, the host reads a second lower layer node of the element node;
the host computer judges whether a text node exists in the second lower layer node, wherein the text node is used for displaying character contents on a webpage;
if not, the host reads the attribute content of the second effective name in the second lower-layer node;
and the host computer determines the attribute content of the second effective name as the key value name of the effective registry.
Optionally, after the host determines whether a text node exists in the second lower layer node, the method further includes:
if yes, the host judges whether a field of a third effective name exists in the text node;
if yes, the host reads the attribute content of the third effective name;
and the host computer determines the attribute content of the third effective name as the key value name of the effective registry.
Optionally, after the host determines whether a field of a third valid name exists in the text node, the method further includes:
if not, the host assigns the attribute content of the third effective name to a null value;
the host determines that the null value is the valid registry key name.
The embodiment of the present application provides an apparatus for obtaining a key-value name of a valid registry, where the key-value name of the valid registry is stored in an ADML-type security baseline entry, and the apparatus includes:
the loading unit is used for loading XML data in the ADML type security baseline item into a memory;
the first judging unit is used for judging whether attribute content of a first effective name exists in a strategy node of the XML data, and the strategy node is used for describing specific authorized content;
a first reading unit, configured to read attribute content of the first effective name when it is determined that the attribute content of the first effective name exists in a policy node of the XML data;
a first determining unit, configured to determine that the attribute content of the first valid name is the valid registry key name.
The apparatus for obtaining a key name of a valid registry further comprises:
a second reading unit, configured to read a first lower-level node of a policy node of the XML data when it is determined that there is no attribute content of the first effective name in the policy node;
a second determining unit, configured to determine whether an element node exists in the first lower node, where the element node is used to describe a correlation attribute of an element state;
a third reading unit, configured to read a second lower-layer node of the element nodes when it is determined that the element nodes exist in the first lower-layer node;
a third judging unit, configured to judge whether a text node exists in the second lower-layer node, where the text node is used to display text content on a web page;
a fourth reading unit, configured to read attribute content of a second effective name in the second lower-layer node when it is determined that a text node exists in the second lower-layer node;
a second determining unit, configured to determine that the attribute content of the second valid name is the valid registry key name;
a fourth judging unit, configured to, when it is determined that a text node exists in the second lower-layer node, judge whether a field of a third effective name exists in the text node;
the fifth reading unit is used for reading the attribute content of the third effective name when the field of the third effective name exists in the text node;
a third determining unit, configured to determine that the attribute content of the third effective name is the key value name of the effective registry;
the assignment unit is used for assigning the attribute content of the third effective name to a null value when the text node is determined to have no field of the third effective name;
a fourth determining unit, configured to determine that the null value is the valid registry key name.
The embodiment of the application provides a device for acquiring a key value name of a valid registry, and the device has the function of realizing the device behavior for acquiring the key value name of the valid registry in the method for acquiring the key value name of the valid registry. The function can be realized by hardware, and can also be realized by executing corresponding software by hardware. The hardware or software includes one or more modules corresponding to the functions described above.
An embodiment of the present application provides a computer storage medium, where the computer storage medium is used to store computer software instructions for the apparatus for obtaining valid registry key names, and the computer storage medium includes a program designed to execute the apparatus for obtaining valid registry key names.
The embodiment of the application provides a computer program product, which comprises a computer software instruction, wherein the computer software instruction can be loaded through a processor to realize the flow of the method for acquiring the key value name of the effective registry.
According to the technical scheme, the embodiment of the application has the following advantages: after the host loads the data of the extensible markup language XML in the ADML type security baseline item into the memory, if the host determines that the attribute contents of the first effective name exist in the policy node of the XML data, the host reads the attribute contents of the first effective name, and determining the attribute content of the first effective name as an effective registry key value name, so that the host can check whether the ADML type security baseline meets the security specification requirements of the Microsoft security system by using the effective registry key value name, and according to the content, when the host writes security baseline check program check software developed by non-Microsoft officers, the above-described method of obtaining valid registry key names can be set for ADML repository items in microsoft official security baseline repository, by the steps and the method, the reading of the required key data, namely the valid registry key value name, can be accelerated.
Drawings
Fig. 1 is a schematic diagram of an embodiment of a method for obtaining key-value names of valid registries in the embodiment of the present application;
fig. 2 is a schematic diagram of another embodiment of a method for obtaining key names of valid registries in the embodiment of the present application;
fig. 3 is a schematic diagram of an embodiment of an apparatus for obtaining a key name of a valid registry in an embodiment of the present application;
fig. 4 is a schematic diagram of another embodiment of an apparatus for obtaining a valid registry key name in the embodiment of the present application.
Detailed Description
The embodiment of the application provides a method and a device for obtaining key value names of valid registries, which are used for presetting a method for reading the key value names of the valid registries aiming at ADML (address translation markup language) type security baseline items and quickening the speed of reading the key value names of the valid registries.
Referring to fig. 1, fig. 1 is a schematic view of an embodiment of a method for obtaining key-value names of a valid registry in the embodiment of the present application, where the embodiment of the method for obtaining key-value names of a valid registry in the embodiment of the present application includes:
101. the host loads XML data in the ADML type security baseline project into the memory;
in this embodiment, when writing security baseline check program check software developed by non-microsoft officials, in order to quickly extract a valid registry key name in an ADML type security baseline item, the host may first load XML data of the ADML type security baseline item into the memory.
102. The host judges whether the attribute content of the first effective name exists in the strategy node of the XML data;
in this embodiment, after reading the XML data in the ADML-type security baseline item, the host may determine whether the attribute content of the first valid name (value name) exists in the policy (policy) node of the XML data. It should be noted that the XML data of each ADML-type security baseline item is composed of multiple layers of data, the functions implemented by each layer of data are different, and the policy node is used for describing the specific content of the authorization.
If yes, go to step 103.
103. The host reads the attribute content of the first effective name;
in this embodiment, when the host determines that the attribute content of the first effective name exists in the policy node of the XML data, the attribute content of the first effective name is read.
104. The host computer determines the attribute content of the first valid name as a valid registry key name.
In this embodiment, after reading the attribute content of the first effective name, the host determines that the attribute content of the first effective name is a key name of the effective registry.
It should be noted that, in the embodiment of the present application, XML data is read for an ADML type security baseline item of a single entry, and if the ADML type security baseline item needs to be handled in batch, steps 101 to 104 in the embodiment may be executed in a loop to obtain a valid registry key name, where the valid registry key name is key data that needs to be called by a host.
In the embodiment of the application, after the host reads XML data in an ADML type security baseline item, if the host determines that the attribute content of the first effective name exists in a policy node of the XML data, the host reads the attribute content of the first effective name and determines that the attribute content of the first effective name is a valid registry key value name, so that when the host writes security baseline check software developed by a non-microsoft official, a method for reading valid registry key value names can be customized for the ADML repository item in the microsoft official security baseline repository, and thus, the reading of required key data, namely the valid registry key value names, is accelerated.
In the above, an embodiment of a method for obtaining a key value name of a valid registry in the embodiment of the present application is described in detail, referring to fig. 2, where fig. 2 is another embodiment of the method for obtaining a key value name of a valid registry in the embodiment of the present application, and the another embodiment of the method for obtaining a key value name of a valid registry in the embodiment of the present application includes:
201. the host loads XML data in the ADML type security baseline project into the memory;
202. the host judges whether the attribute content of the first effective name exists in the strategy node of the XML data;
if yes, go to step 203; if not, go to step 206.
203. The host reads the attribute content of the first effective name;
204. the host computer determines the attribute content of the first effective name as the key value name of the effective registry;
205. the host reads a first lower node of the strategy node;
in this embodiment, after the host determines that the policy node of the XML data does not have the attribute content of the first effective name, the host may read a lower node of the policy node, where the lower node is referred to as a first lower node in this embodiment.
206. The host judges whether an element node exists in the first lower-layer node;
in this embodiment, the host may determine whether an element (elements) node exists in a first lower node of the policy node, where the element node is used to describe a related attribute of an element state.
If not, go to step 207; if yes, go to step 208.
207. The host computer determines that reading the key value name of the valid registry fails;
208. the host reads a second lower layer node of the element node;
in this embodiment, when the host determines that the element node exists in the first lower layer node, the host reads the lower layer node of the element node, and in this embodiment, the lower layer node of the element node is referred to as a second lower layer node.
209. The host judges whether a text node exists in the second lower layer node;
in this embodiment, when the host reads the second lower node of the element node, it may be determined whether a text node exists in the second lower node, where the text node is used to display text content on the web page.
If not, go to step 210; if yes, go to step 212.
210. The host reads the attribute content of the second effective name in the second lower-layer node;
in this embodiment, when the host determines that there is no text node in the second lower layer node of the element node, the host may read the attribute content of the effective name in the second lower layer node, and in this embodiment, the attribute content of the effective name in the second lower layer node is referred to as the attribute content of the second effective name.
211. The host computer determines the attribute content of the second effective name as the key value name of the effective registry;
in this embodiment, after reading the attribute content of the second effective name in the second lower node, the host may determine that the attribute content of the second effective name is a valid registry key name.
212. The host judges whether a field of a third effective name exists in the text node;
in this embodiment, after determining that the attribute content of the second effective name is a key value name of the effective registry, the host may determine whether a field of the effective name exists in the text node, where the effective name in the text node is referred to as a third effective name. That is, the host may determine whether a field for the third valid name exists in the text node.
If yes, go to step 213; if not, go to step 214.
213. The host computer determines the attribute content of the third effective name as the key value name of the effective registry;
in this embodiment, when the host determines that the field of the third effective name exists in the text node, the host may determine that the attribute content of the third effective name is a key value name of the effective registry.
214. The host assigns the attribute content of the third effective name to a null value;
in this embodiment, when the host determines that the field of the third effective name does not exist in the text node, the host may assign the attribute content of the third effective name to a null value.
215. The host determines that the null value is a valid registry key name.
In this embodiment, after assigning the attribute content of the third effective name to a null value, the host may determine that the null value is a valid registry key name.
In the embodiment of the present application, after the host loads the data of XML in the ADML type security baseline item into the memory, the host computer can try to acquire the attribute content of the effective name in the XML data, the host computer determines the acquired attribute content of the effective name as a valid registry key name, therefore, when the host writes the inspection software of the security baseline inspection program not developed by Microsoft official, the step method for acquiring the key value name of the valid registry can be set for the ADML knowledge base item in the security baseline knowledge base of Microsoft official, and through the step method, therefore, a large amount of time can be saved, only the data of the key value names of the effective registry is obtained, redundant data except the key value names of the effective registry does not need to be obtained, the speed of obtaining the key value names of the effective registry which is used as key data of the inspection software is increased, and the running efficiency of the security baseline inspection program inspection software and the host computer is improved.
Another embodiment of the method for obtaining a key name of a valid registry in the embodiment of the present application is described above in detail, and for the convenience of understanding of the reader, the following description is provided with an embodiment in a specific application scenario.
With reference to the following text 1, described in the text 1 is a data structure of an ADML-type security baseline item of the embodiment of the present application.
Text 1
Figure BDA0001806721340000081
Figure BDA0001806721340000091
The translation of each english word in text 1 is as follows, policy name is policy node name, example is, key is main key, Software is Software, Microsoft is Microsoft, Windows is window, Terminal Services is Terminal Services, admx means name of namespace (without actual meaning), supported is supported, enum is enumeration, Unsupported is Unsupported, elements are elements, valuame is valid value name, MinEncryptionLevel has no special meaning, is key name of a registry, item is item, displayName is display name, string.adddaodoflle84428e 3a31453e 974b33 is a string of characters, decimal is decimal, string.3fbae57441c99284412f2f2f2978 is a string of characters.
In this embodiment, referring to the text 1, in order to check whether the ADML type security baseline item meets the security specification requirement of the microsoft security system through the security baseline check program, the host only needs to acquire the attribute content of the effective name in the "value name ═ MinEncryptionLevel" part in the 6 th line in the text 1, and the host can check whether the ADML type security baseline meets the security specification requirement of the microsoft security system by using the attribute content of the effective name as the key value name of the effective registry.
According to the operation steps in the embodiment shown in fig. 2, after the host loads XML data in an ADML type security baseline item into the memory, the host determines whether the policy (policy) node of the XML data has the attribute content of the valid name (valueName). As can be seen from the above text 1, the policy node does not have the attribute content of the valid name, so the host then reads the lower level node of the policy node, the host determines whether an element (elements) node exists in the lower level node of the policy node, as can be seen from the text 1, the element node exists in the lower level node of the policy node, then the host reads the lower level node of the element node, the host determines whether a text (text) node exists in the lower level node of the element node, as can be seen from the text 1, the lower level node of the element node does not have the text node, but an enumeration (enum) node, and since the enumeration node is a regular node and the attribute content of the valid name exists in the regular node, the host can directly obtain the attribute content "MinEncryptionLevel" of the valid name (valueName) from the enumeration node. It should be noted that, besides the enumerated node being a regular node, the decimal (decimal) node and the item (item) node are also regular nodes, and as long as the regular nodes are regular nodes, the attribute contents of the valid name exist in the nodes. In this way, the host computer already obtains the attribute content of the effective name in the XML data in the ADML type security baseline item, and the other data except the attribute content of the effective name are redundant data, so that the host computer does not need to spend time reading the redundant data. The host computer takes the attribute content of the effective name as the key name of the effective registry, so that the host computer finds the key data of the XML data in the ADML type security baseline item.
By the method for acquiring the key value name of the effective registry, the host can only acquire the attribute content of the effective name and use the attribute content as the key value name of the effective registry without reading other data in XML data, so that the host accelerates the speed of acquiring the key value name of the effective registry as key data of inspection software, and improves the running efficiency of the inspection software of a security baseline inspection program and the host.
The above describes a method for obtaining a key value name of a valid registry in the embodiment of the present application, and the following describes a device for obtaining a key value name of a valid registry in the embodiment of the present application. Referring to fig. 3, fig. 3 is a diagram illustrating an embodiment of an apparatus for obtaining key names of valid registries according to the present disclosure.
An embodiment of an apparatus for obtaining a key name of a valid registry in an embodiment of the present application includes:
a loading unit 301, configured to load XML data in the ADML-type security baseline item into a memory;
a first judging unit 302, configured to judge whether an attribute content of a first effective name exists in a policy node of the XML data, where the policy node is used to describe specific authorized content;
a first reading unit 303, configured to read attribute content of the first effective name when it is determined that the attribute content of the first effective name exists in a policy node of the XML data;
a first determining unit 304, configured to determine that the attribute content of the first valid name is a valid registry key name.
The apparatus for obtaining the key name of the valid registry further comprises:
a second reading unit 305 for reading a first lower node of the policy node when it is determined that the attribute contents of the first effective name do not exist in the policy node of the XML data;
a second determining unit 306, configured to determine whether an element node exists in the first lower node, where the element node is used to describe a relevant attribute of an element state;
a third reading unit 307 configured to read a second lower node of the element nodes when it is determined that the element nodes exist in the first lower node;
a third determining unit 308, configured to determine whether a text node exists in the second lower node, where the text node is used to display text content on a web page;
a fourth reading unit 309, configured to read attribute content of the second effective name in the second lower-layer node when it is determined that the text node exists in the second lower-layer node;
a second determining unit 310, configured to determine that the attribute content of the second valid name is a valid registry key name;
a fourth judging unit 311, configured to, when it is determined that a text node exists in the second lower-layer node, judge whether a field of a third effective name exists in the text node;
a fifth reading unit 312, configured to read attribute content of the third effective name when it is determined that a field of the third effective name exists in the text node;
a third determining unit 313 configured to determine that the attribute content of the third valid name is a valid registry key name;
the assigning unit 314 is configured to assign the attribute content of the third effective name to a null value when it is determined that the field of the third effective name does not exist in the text node;
a fourth determining unit 315, configured to determine that the null value is a valid registry key name.
In this embodiment of the application, after loading the XML data in the ADML type security baseline item into the memory, the loading unit 301 determines whether the attribute content of the valid name exists in the XML data through the reading unit and the determining unit, and if the attribute content of the valid name exists, the determining unit corresponding to the determining unit determines the attribute content of the valid name as the valid registry key name, so that the device for obtaining the valid registry key name can save a large amount of time to obtain only the data of the valid registry key name without reading other data in the XML data, speed up obtaining the valid registry key name as the key data of the inspection software, and improve the efficiency of the operation of the security baseline inspection program inspection software and the host.
Referring to fig. 4, another embodiment of the apparatus for obtaining a key name of a valid registry in the embodiment of the present application includes:
the apparatus 400 for obtaining valid registry key names may have a large difference due to different configurations or performances, and may include one or more Central Processing Units (CPUs) 401 (e.g., one or more processors) and a memory 405, where the memory 405 stores one or more applications or data.
Memory 405 may be volatile storage or persistent storage, among other things. The program stored in memory 405 may include one or more modules, each of which may include a sequence of instructions operating on a server. Still further, the central processor 401 may be configured to communicate with the memory 405 to perform a series of instruction operations in the memory 405 on the apparatus 400 for obtaining valid registry key names.
The means for validating registry key names 400 may also include one or more power supplies 402, one or more wired or wireless network interfaces 403, one or more input-output interfaces 404, and/or one or more operating systems, such as Windows Server, Mac OS XTM, UnixTM, LinuxTM, FreeBSDTM, and the like.
The process executed by the central processing unit in the apparatus 400 for obtaining a key value name of a valid registry in the embodiment of the present application is similar to the method process described in the embodiment shown in fig. 1 and fig. 2, and is not repeated here.
The beneficial effects of the embodiment of the application are that after the central processing unit 401 loads the XML data in the ADML type security baseline item into the memory, the attribute content of the effective name is determined as the effective registry key value name by reading the attribute content of the effective name in the XML data, so that the device for obtaining the effective registry key value name can save a large amount of time and only obtain the data of the effective registry key value name without reading other data in the XML data, the speed of obtaining the effective registry key value name as the key data of the inspection software is accelerated, and the efficiency of the security baseline inspection program for inspecting the operation of the software and the host computer is improved.
An embodiment of the present invention further provides a computer storage medium, where the computer storage medium is used to store computer software instructions for the apparatus for obtaining valid registry key names, and the computer storage medium includes a program designed to execute the program for obtaining valid registry key names.
The embodiment of the present application further provides a computer program product, which includes computer software instructions that can be loaded by a processor to implement the method flows in the foregoing embodiments shown in fig. 1 and fig. 2.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be substantially implemented or contributed to by the prior art, or all or part of the technical solution may be embodied in a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.

Claims (10)

1. A method for obtaining a valid registry key name stored in an active directory management language, ADML, type security baseline entry, comprising:
the host loads the data of the extensible markup language XML in the ADML type safety baseline project into a memory;
the host judges whether the attribute content of the first effective name exists in the strategy node of the XML data or not;
if yes, the host reads the attribute content of the first effective name;
and the host computer determines the attribute content of the first effective name as the key value name of the effective registry.
2. The method of claim 1, wherein after the host determines whether the attribute contents of the first effective name exist in the policy node of the XML data, the method further comprises:
if not, the host reads a first lower-layer node of the strategy node;
the host judges whether an element node exists in the first lower-layer node;
if yes, the host reads a second lower layer node of the element node;
the host judges whether a text node exists in the second lower layer node;
if not, the host reads the attribute content of the second effective name in the second lower-layer node;
and the host computer determines the attribute content of the second effective name as the key value name of the effective registry.
3. The method of claim 2, wherein after the host determines whether a text node exists in the second lower level node, the method further comprises:
if yes, the host judges whether a field of a third effective name exists in the text node;
if yes, the host reads the attribute content of the third effective name;
and the host computer determines the attribute content of the third effective name as the key value name of the effective registry.
4. The method of claim 3, wherein after the host determines whether a field of a third valid name exists in the text node, the method further comprises:
if not, the host assigns the attribute content of the third effective name to a null value;
the host determines that the null value is the valid registry key name.
5. An apparatus for obtaining a valid registry key name stored in an Active Directory Management Language (ADML) type security baseline entry, comprising:
a processor, a memory, an input-output device, and a bus;
the processor, the memory and the input and output equipment are respectively connected with the bus;
the processor is used for loading data of extensible markup language XML in the ADML type safety baseline project into a memory; judging whether the strategy node of the XML data has the attribute content of the first effective name or not; if yes, reading the attribute content of the first effective name; and determining the attribute content of the first effective name as the key value name of the effective registry.
6. The apparatus of claim 5, wherein the processor is further configured to:
when determining that the attribute content of the first effective name does not exist in the strategy node of the XML data, reading a first lower-layer node of the strategy node; and judging whether the first lower-layer node has an element node, if so, reading a second lower-layer node of the element node, judging whether the second lower-layer node has a text node, if not, reading the attribute content of a second effective name in the second lower-layer node, and determining that the attribute content of the second effective name is the key value name of the effective registry.
7. The apparatus of claim 6, wherein the processor is further configured to:
when the text node exists in the second lower layer node, judging whether a field of a third effective name exists in the text node; if yes, reading the attribute content of the third effective name; and determining the attribute content of the third effective name as the key value name of the effective registry.
8. The apparatus of claim 7, wherein the processor is further configured to:
when the field of the third effective name exists in the text node, assigning the attribute content of the third effective name to be a null value; and determining the null value as the valid registry key name.
9. A computer program product comprising instructions which, when run on a computer, cause the computer to perform the method of any one of claims 1 to 4.
10. A computer-readable storage medium comprising instructions that, when executed on a computer, cause the computer to perform the method of any of claims 1 to 4.
CN201811103783.0A 2018-09-20 2018-09-20 Method and device for acquiring key value name of valid registry Active CN109214172B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811103783.0A CN109214172B (en) 2018-09-20 2018-09-20 Method and device for acquiring key value name of valid registry

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811103783.0A CN109214172B (en) 2018-09-20 2018-09-20 Method and device for acquiring key value name of valid registry

Publications (2)

Publication Number Publication Date
CN109214172A CN109214172A (en) 2019-01-15
CN109214172B true CN109214172B (en) 2021-08-31

Family

ID=64984389

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811103783.0A Active CN109214172B (en) 2018-09-20 2018-09-20 Method and device for acquiring key value name of valid registry

Country Status (1)

Country Link
CN (1) CN109214172B (en)

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060041522A1 (en) * 2004-08-18 2006-02-23 Xerox Corporation. Abstract document management systems and methods
CN101101547B (en) * 2006-07-04 2012-07-18 霍尼韦尔(北京)技术研发实验有限公司 Dynamic computer system and structure
US8037469B2 (en) * 2006-10-10 2011-10-11 Psion Teklogix Inc. System and method of configuring computer settings
CN103914370B (en) * 2012-12-31 2017-05-10 百度国际科技(深圳)有限公司 XML (Extensive Markup Language) configuration file based test method and device
CN103605675B (en) * 2013-10-30 2017-02-15 北京京东尚科信息技术有限公司 XML (extensive markup language) path expression extracting method and device
CN108319684A (en) * 2018-01-31 2018-07-24 国信优易数据有限公司 A kind of storage method and device of expandable mark language XML file

Also Published As

Publication number Publication date
CN109214172A (en) 2019-01-15

Similar Documents

Publication Publication Date Title
US5675795A (en) Boot architecture for microkernel-based systems
US8484641B2 (en) Implementing a versioned virtualized application runtime environment
US9262187B2 (en) Extension point declarative registration for virtualization
US20120130977A1 (en) Dynamic language checking
CN102073525B (en) Based on dynamic update method and the device of the Web service system of Java platform
US9734311B1 (en) Secure authentication of firmware configuration updates
CN105488125A (en) Page access method and apparatus
US20170168845A1 (en) Managing dependencies for human interface infrastructure (hii) devices
CN106462442B (en) System and method for loading virtual machine
US10855796B2 (en) Data storage method and device
DE112009004062T5 (en) ELECTRONIC DEVICE WITH OVERLAPPING LOADING TASK CHECKS AND HIGH LOAD TASK PERFORMANCE
CN111159215A (en) Mapping method and device of Java class and relational database and computing equipment
WO2013176967A1 (en) Virtualizing integrated calls to provide access to resources in a virtual namespace
CN109214172B (en) Method and device for acquiring key value name of valid registry
CN111399999B (en) Computer resource processing method, device, readable storage medium and computer equipment
US11416614B2 (en) Statistical detection of firmware-level compromises
CN104317660A (en) Bank parameter managing system
US10073852B2 (en) Computer-readable storage medium, file management apparatus, and file management method
CN109753506B (en) Data distributed storage method, device, terminal and storage medium
CN109739857B (en) Data distributed writing method and device under high concurrency, terminal and storage medium
CN115190010B (en) Distributed recommendation method and device based on software service dependency relationship
US8347070B1 (en) System and methods for sharing platform data with an ACPI module of a computer system
CN108089895B (en) Activity registration method and device in plug-in, electronic equipment and storage medium
CN110727467A (en) System and method for realizing server performance optimization processing under big data environment
CN110677353B (en) Data access method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant