CN110443050A - A kind of processing method and system of forgery process in file transparent encrypting and deciphering system - Google Patents
A kind of processing method and system of forgery process in file transparent encrypting and deciphering system Download PDFInfo
- Publication number
- CN110443050A CN110443050A CN201910681391.0A CN201910681391A CN110443050A CN 110443050 A CN110443050 A CN 110443050A CN 201910681391 A CN201910681391 A CN 201910681391A CN 110443050 A CN110443050 A CN 110443050A
- Authority
- CN
- China
- Prior art keywords
- client
- server
- module
- attribute information
- credit database
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of processing methods of the forgery process in file transparent encrypting and deciphering system, comprising: client obtains the process of starting, and obtains the process title of the process;Client is inquired in its credit database with the presence or absence of the process title obtained, and if so, client extracts the finger print information of process, and inquiry whether there is the finger print information in its credit database, server-side is sent by the attribute information and finger print information of its attribute information and process if there is no then client, and the operation of the process is blocked, server-side judges whether that the finger print information for the process that client is sent can be inquired in its credit database.It is poor that the present invention is able to solve ease for use present in the widely used identification method based on process fingerprint of the transparent encrypting and deciphering system of existing file, and maintenance workload is big, it is passive to solve the problems, such as, can not detect threat, can not divulge a secret the technical issues of collecting evidence.
Description
Technical field
The invention belongs to field of information security technology, more particularly, to the puppet in a kind of file transparent encrypting and deciphering system
Make the processing method and system of process.
Background technique
Extensive commercialization has been obtained in file transparent encrypting and deciphering system at present, realizes when electronic document is opened,
Memory is arrived in automatic decryption, correctly identifies for application program;When file saves, it is encrypted into disk automatically, prevents electronic document from letting out
It is close;Even if electronic document is copied away, but it is still in encrypted state, to solve enterprise to Commercial Secret Protection
Demand;In addition, file transparent encrypting and deciphering system does not change original file operation process, unaware for users.
A key technology in file transparent encrypting and deciphering system is how precisely to identify process, prevents from forging
Process;At present in the transparent encrypting and deciphering system that generally uses on the market, to the identification of process be normally based on process fingerprint (i.e. into
The MD5 value of journey) identification method, have the ability of stronger pre- anti-counterfeiting process.
However, the identification method based on process fingerprint still has and some can not neglect in the transparent encrypting and deciphering system of existing file
Slightly the technical issues of:
1, ease for use is poor: if some credit software (such as WORD of Microsoft) has updated a small patch, causing
File content (such as winword.exe) changes, this, which will lead to the corresponding process of credit software, can not be identified as awarding
Letter process, or even forgery process can be mistaken for, at this time transparent encrypting and deciphering system can not in time, the progress of active intervene automatically,
To affect the user experience of the transparent encrypting and deciphering system.
2, maintenance workload is big: when new version occurs in credit software, then needing to resurvey process fingerprint, then to institute
Some clients are updated, not only heavy workload, but also almost without operability.
3, it is passive to solve the problems, such as: file transparent encrypting and deciphering system can not predict the version updating of credit software automatically, every time
All it is client active proposition problem, then passively solves the problems, such as again, seriously affect user experience.
4, can not detect threat: after having used file transparent encrypting and deciphering system, enterprise can think that always its own is in
Among the protection of file encryption-decryption system, it can not but know that how many daily illegal user is attempting to crack, therefore to similar
Potential threat can not be predicted.
5, can not divulge a secret evidence obtaining: after electronic document is divulged a secret, file transparent encrypting and deciphering system can not find strong evidence,
Has no fright power to the user of the process of forgery.
Summary of the invention
Aiming at the above defects or improvement requirements of the prior art, the present invention provides in a kind of file transparent encrypting and deciphering system
Forgery process processing method and system, it is intended that solve the widely used base of the transparent encrypting and deciphering system of existing file
The ease for use present in the identification method of process fingerprint is poor, maintenance workload is big, it is passive to solve the problems, such as, can not detect threat,
Can not divulge a secret the technical issues of collecting evidence.
To achieve the above object, according to one aspect of the present invention, it provides in a kind of file transparent encrypting and deciphering system
The processing method of forgery process, comprising the following steps:
(1) client obtains the process of starting, and obtains the process title of the process;
(2) client is inquired in its credit database with the presence or absence of the process title obtained in step (1), if do not deposited
The process is then directly being run, process terminates, and otherwise enters step (3);
(3) client extracts the finger print information of process, and inquiry whether there is the finger print information in its credit database,
And if so, directly running the process, process terminates, and otherwise enters step (4);
(4) attribute information and finger print information of its attribute information and process are sent server-side by client, and blocks
The operation of the process;
(5) server-side judges whether that the finger print information for the process that client is sent can be inquired in its credit database,
If it is, entering step (6), (8) are otherwise entered step;
(6) whether the number for the attribute information that server-side judgement receives the process is greater than a preset threshold N, if it is
Step (7) are transferred to, (8) are otherwise entered step;
(7) process is added in its credit database server-side, and the attribute information of the process is handed down to and is connected with it
The all clients connect, process terminate;
(8) attribute information of the attribute information of client and process is stored in its credit database by server, will
State of the client in credit database is set as non-credit state;
(9) server-side judges whether the process is forgery process according to the attribute information of the process, if yes then enter step
Suddenly (10) otherwise enter step (11);
(10) server-side sets blacklist for the corresponding field of the process in its credit database, is puppet by the process
The information for making process is sent to all clients connected to it in a broadcast manner, and process terminates;
(11) server-side in credit database by the corresponding field of the process be set as white list (also need when necessary from
It is dynamic to insert the time for pulling in white list, i.e. credit time), and the attribute information of the process is handed down to all visitors connected to it
Family end.
Preferably, step (1) specifically, use first global injection technique based on SetWindowsHookEx or
The process of starting, the application program then provided by Windows system are provided in real time based on the call back function of kernel-driven
Interface function (such as GetModuleFileName api function) obtains the process title of the process.
Preferably, the attribute information of client includes client id, client ip address, client mac address, client
Hardware number, client operating system version, the computer name in client operating system, the user in client operating system
Name etc..
Preferably, the attribute information of process includes but is not limited to place path and the process respective file of process
Filename, file size, digital signature information, file explanation, FileVersion, name of product, product version, copyright information, original
Beginning filename etc..
Preferably, while process addition is stored in the credit database of server-side, which is added credit database
Time is also synchronized to be changed to the current time of server-side.
Preferably, judge that the process whether be forgery process is by sentencing according to the attribute information of the process in step (9)
Whether whether content under specified directory, in the attribute information that judges the process is enough in path where the process of breaking, sentences
It whether only include the initial information of software development phase or the attribute letter for judging the process in the attribute information for the process of breaking
It differs between the corresponding file size of process file size corresponding with the process of credit in breath and to realize whether greatly.
Preferably, the method further includes after step (11), client according to the credit database of server-side more
The newly credit database of its own.
It is another aspect of this invention to provide that providing a kind of processing system of the forgery process in file transparent encrypting and deciphering system
System, comprising:
First module, is set in client, for obtaining the process of starting, and obtains the process title of the process;
Second module, is set in client, obtains for inquiring in its credit database with the presence or absence of the first module
The process title taken, if there is no the process is then directly run, process terminates, and otherwise enters third module;
Third module, is set in client, looks into for extracting the finger print information of process, and in its credit database
It askes and whether there is the finger print information, and if so, directly running the process, process terminates, and otherwise enters the 4th module;
4th module, is set in client, for believing the attribute information of its attribute information and process and fingerprint
Breath is sent to server-side, and blocks the operation of the process;
5th module, is set in server-side, can inquire client in its credit database for judging whether
The finger print information for the process sent, if it is, otherwise entering the 8th module into the 6th module;
6th module, is set in server-side, judges whether the number for the attribute information for receiving the process is greater than one
Preset threshold N is if it is transferred to the 7th module, otherwise enters the 8th module;
7th module, is set in server-side, for the process to be added in its credit database, and by the process
Attribute information is handed down to all clients connected to it, and process terminates;
8th module, is set in server, for all depositing the attribute information of the attribute information of client and process
In Chu Qi credit database, non-credit state is set by state of the client in credit database;
9th module, is set in server-side, judges whether the process is pseudo- for the attribute information according to the process
Process is made, if yes then enter the tenth module, otherwise enters the 11st module;
Tenth module, is set in server-side, for the corresponding field of the process to be arranged in its credit database
For blacklist, it sends all clients connected to it, process in a broadcast manner by the information that the process is forgery process
Terminate;
11st module, is set in server-side, for the corresponding field of the process to be arranged in credit database
For white list (also needing to be automatically filled in the time for pulling in white list, i.e. credit time when necessary), and the attribute of the process is believed
Breath is handed down to all clients connected to it.
In general, through the invention it is contemplated above technical scheme is compared with the prior art, can obtain down and show
Beneficial effect:
(1) due to can use all clients of enterprise present invention employs step (1), step (3) and step (4)
Collection process finger print information, i.e. crowdsourcing mechanism, in a large enterprise, as long as a client in thousands of clients
End has used new edition process, and server-side can detect, and be distributed to all clients in time, participates in without implementation consultant,
It is easily used.
(2) due to that present invention employs step (6) and step (7), can distinguish, store the process that all clients report
Finger print information, and (have the client more than or equal to the threshold value that the process fingerprint has all been reported to believe according to threshold value preset in advance
After breath), the finger print information of the process is included in credit database automatically, and be distributed to all clients, whole process enterprise pipe
Reason person, implementation consultant are without participating in, to significantly reduce because of the huge maintenance of software upgrading bring.
It (3) is new process when server-side recognizes the progress information since present invention employs steps (9) and step (11)
Afterwards, credit database can be added in the process automatically, and be handed down to all clients, thus solve the problems, such as it is timely, and based on
It is dynamic to solve the problems, such as, and overcome the defect that the existing identification method based on process fingerprint can only be solved the problems, such as passively.
(4) since present invention employs steps (9) and step (10), after server-side confirmation process is forgery process then certainly
It is dynamic that blacklist is added in the process, and it is handed down to all clients, it is possible to real-time detection is solved to potential threat, and in time
Certainly.
(5) progress information submitted due to present invention employs step (6) and step (8), collecting and storing client,
Path where computer name comprising client user, computer user's name, IP address, MAC Address, hardware number, process file
Etc. information, when client run market it is popular crack or cracked anti-counterfeiting algorithm, cured evidence is to blabber
Huge deterrent force is formed, so that blabber dare not divulge a secret, even be not desired to divulge a secret.
(6) since present invention employs step (12), it is incremental update mechanism that client, which updates credit database, to network
The degree of dependence of condition is low.
Detailed description of the invention
Fig. 1 is the flow chart of the processing method of the forgery process in file transparent encrypting and deciphering system of the present invention.
Specific embodiment
In order to make the objectives, technical solutions, and advantages of the present invention clearer, with reference to the accompanying drawings and embodiments, right
The present invention is further elaborated.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, and
It is not used in the restriction present invention.As long as in addition, technical characteristic involved in the various embodiments of the present invention described below
Not constituting a conflict with each other can be combined with each other.
As shown in Figure 1, the present invention provides a kind of processing method of the forgery process in file transparent encrypting and deciphering system,
The following steps are included:
(1) client obtains the process of starting, and obtains the process title of the process;
Specifically, this step uses global injection technique based on SetWindowsHookEx or first based on interior
The call back function (Callback) of core driving to capture the process of starting, the application then provided by Windows system in real time
Routine interface (Application Programming Interface, abbreviation API) function (such as GetModuleFileName
Api function) obtain the process title of the process.
(2) client is inquired in its credit database with the presence or absence of the process title obtained in step (1), if do not deposited
The process is then directly being run, process terminates, and otherwise enters step (3);
It, will be into the form of database specifically, credit database was established in the client initialization stage
Journey, process title, the finger print information of process, credit time are stored in local.
Client is that directly by SQL statement, query procedure title whether there is in credit database in this step.
The later period updating maintenance of credit database mainly uses four kinds of mechanism:
Crowdsourcing mechanism: all clients can report process, and after new edition process occurs, server-side can be examined at the first time
It surveys.
Quickly intervene: when the process of certain side door software changes, i.e., only very small amount of client uses the process,
Administrator can WEB manage console on a key set it is white.
No matter automatic distributing: manually setting white or server-side backstage and set automatically white, can all carry out automatic distributing, allows all clients
End obtains in real time updates credit database.
Increment downloading: server-side credit database uses increment downloading mode, new data portion is only downloaded, to network item
Part relies on few.
(3) client extracts the finger print information of process, and inquiry whether there is the finger print information in its credit database,
And if so, directly running the process, process terminates, and otherwise enters step (4);
(4) attribute information and finger print information of its attribute information and process are sent server-side by client, and blocks
The operation of the process;
Specifically, the attribute information of client includes but is not limited to client id, client ip address, client
MAC Address, client hardware number, client operating system version, the computer name in client operating system, client behaviour
Make the user name etc. in system;
The attribute information of process includes but is not limited to the place path of process and the file of the corresponding file of process
Name, file size, digital signature information, file explanation, FileVersion, name of product, product version, copyright information, original text
Part name etc..
(5) server-side judges whether that the finger print information for the process that client is sent can be inquired in its credit database,
If it is, entering step (6), (8) are otherwise entered step;
(6) whether the number for the attribute information that server-side judgement receives the process is greater than a preset threshold N, if it is
Step (7) are transferred to, (8) are otherwise entered step;
Specifically, the value range of preset threshold N is greater than 2 and less than 1000, preferably equal to 30.
(7) process is added in its credit database server-side, and by the attribute information of the process (process title, into
Cheng Zhiwen, credit time) all clients connected to it are handed down to, process terminates;
Specifically, while process addition is stored in the credit database of server-side, the process corresponding credit time
(time of credit database is added) can also be synchronized to be changed to the current time of server-side.
(8) attribute information of the attribute information of client and process is stored in its credit database by server, will
State of the client in credit database is set as non-credit state;
The purpose of the attribute information of server-side storage client is to solidify evidence, in case can precisely find forgery when audit
The people of process.
(9) server-side judges whether the process is forgery process according to the attribute information of the process, if yes then enter step
Suddenly (10) otherwise enter step (11);
Specifically, the attribute information in this step according to the process judges whether the process is that forgery process specifically can be with
It is realized by following three kinds of modes:
One, general business software such as MS OFFICE be all mounted in C: Program Files Microsoft
Office Office15 catalogue, if the place path of the process not in specified directory, as E: code tools
Winword.exe, D: decrypt acad.exe etc., then may determine that the process is forgery process;
Two, general business software all has more perfect attribute information, such as digital signature information, file explanation, file version
Sheet, name of product, product version, copyright information, raw filename etc., if the content in the attribute information of the process is less, or
Only include the initial information of software development phase, such as to do in the attribute information of person's process, then can be determined that the process
To forge process;
Three, the corresponding file size of process file corresponding with the process of credit in the attribute information of the process is big
Small to be compared, if the two differs greatly, if the process file size of credit is 132M, and the corresponding file size of the process is
50K then can be determined that the process is forgery process.
(10) server-side sets blacklist for the corresponding field of the process in its credit database and (also needs when necessary
It is automatically filled in the time for pulling in blacklist), it sends the information that the process is forgery process in a broadcast manner and is connected thereto
All clients, process terminates.
(11) server-side in credit database by the corresponding field of the process be set as white list (also need when necessary from
It is dynamic to insert the time for pulling in white list, i.e. credit time), and (process title, is awarded process fingerprint by the attribute information of the process
The letter time) it is handed down to all clients connected to it automatically;
(12) client is according to its own credit database of the credit database update of server-side.
Specifically, client first obtains renewal time last time, such as 2019-07-2511:14:56 according to local credit library,
Server-side inquiry is directly arrived according to the time, such as select*from K_PROCESSINFO where SetTime >=' 2019-
07-25 11:14:56 ' realizes increment downloading and updates if returning has data.
As it will be easily appreciated by one skilled in the art that the foregoing is merely illustrative of the preferred embodiments of the present invention, not to
The limitation present invention, any modifications, equivalent substitutions and improvements made within the spirit and principles of the present invention should all include
Within protection scope of the present invention.
Claims (8)
1. a kind of processing method of the forgery process in file transparent encrypting and deciphering system, which comprises the following steps:
(1) client obtains the process of starting, and obtains the process title of the process;
(2) client is inquired in its credit database with the presence or absence of the process title obtained in step (1), if there is no then
The process is directly run, process terminates, and otherwise enters step (3);
(3) client extracts the finger print information of process, and inquiry whether there is the finger print information in its credit database, if
In the presence of the process is then directly run, process terminates, and otherwise enters step (4);
(4) attribute information and finger print information of its attribute information and process are sent server-side by client, and blocking should be into
The operation of journey;
(5) server-side judges whether that the finger print information for the process that client is sent can be inquired in its credit database, if
It is then to enter step (6), otherwise enters step (8);
(6) whether the number for the attribute information that server-side judgement receives the process is greater than a preset threshold N, is if it is transferred to
Step (7), otherwise enters step (8);
(7) process is added in its credit database server-side, and the attribute information of the process is handed down to connected to it
All clients, process terminate;
(8) attribute information of the attribute information of client and process is stored in its credit database by server, by the visitor
State of the family end in credit database is set as non-credit state;
(9) server-side judges whether the process is forgery process according to the attribute information of the process, if yes then enter step
(10), (11) are otherwise entered step;
(10) server-side sets blacklist for the corresponding field of the process in its credit database, by the process be forge into
The information of journey is sent to all clients connected to it in a broadcast manner, and process terminates;
(11) server-side sets white list for the corresponding field of the process in credit database, and the attribute of the process is believed
Breath is handed down to all clients connected to it.
2. processing method according to claim 1, which is characterized in that step (1) is specifically, first using being based on
The global injection technique of SetWindowsHookEx or based on the call back function of kernel-driven come in real time capture starting into
Journey, the application program interface function then provided by Windows system (such as GetModuleFileName api function) obtain
Take the process title of the process.
3. processing method according to claim 1, which is characterized in that the attribute information of client includes client id, visitor
Family end IP address, client mac address, client hardware number, client operating system version, the meter in client operating system
User name etc. in calculation machine title, client operating system.
4. processing method according to claim 1, which is characterized in that the attribute information of process includes but is not limited to process
Place path and the filename of process respective file, file size, digital signature information, file explanation, FileVersion,
Name of product, product version, copyright information, raw filename etc..
5. processing method according to claim 1, which is characterized in that the credit database for being stored in server-side is added in process
While, the time which is added credit database is also synchronized to be changed to the current time of server-side.
6. processing method according to claim 1, which is characterized in that step is sentenced in (9) according to the attribute information of the process
The process of breaking whether be forgery process be by judge path where the process whether under specified directory, judge the category of the process
Property information in content it is whether enough, judge in the attribute information of the process whether only including software development phase just
Beginning information or judge the corresponding file size of process file corresponding with the process of credit in the attribute information of the process
It differs between size and to realize whether greatly.
7. processing method according to claim 1, which is characterized in that further comprise client root after step (11)
According to its own credit database of the credit database update of server-side.
8. a kind of processing system of the forgery process in file transparent encrypting and deciphering system characterized by comprising
First module, is set in client, for obtaining the process of starting, and obtains the process title of the process;
Second module, is set in client, for being inquired in its credit database with the presence or absence of the acquisition of the first module
Process title, if there is no the process is then directly run, process terminates, and otherwise enters third module;
Third module, is set in client, and for extracting the finger print information of process, and in its credit database, inquiry is
No there are the finger print informations, and if so, directly running the process, process terminates, and otherwise enter the 4th module;
4th module, is set in client, for sending out the attribute information of its attribute information and process and finger print information
It is sent to server-side, and blocks the operation of the process;
5th module, is set in server-side, for judging whether that can inquire client in its credit database sends
The finger print information of process otherwise enter the 8th module if it is, into the 6th module;
6th module, is set in server-side, and it is default to judge whether the number for the attribute information for receiving the process is greater than one
Threshold value N is if it is transferred to the 7th module, otherwise enters the 8th module;
7th module, is set in server-side, for the process to be added in its credit database, and by the attribute of the process
Information is handed down to all clients connected to it, and process terminates;
8th module, is set in server, for the attribute information of the attribute information of client and process to be stored in
In its credit database, non-credit state is set by state of the client in credit database;
9th module, is set in server-side, for the attribute information according to the process judge the process whether be forge into
Otherwise journey enters the 11st module if yes then enter the tenth module;
Tenth module, is set in server-side, for setting black for the corresponding field of the process in its credit database
The information that the process is forgery process is sent all clients connected to it in a broadcast manner by list, and process terminates;
11st module, is set in server-side, for setting white for the corresponding field of the process in credit database
List, and the attribute information of the process is handed down to all clients connected to it.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910681391.0A CN110443050B (en) | 2019-07-26 | 2019-07-26 | Method and system for processing counterfeit process in file transparent encryption and decryption system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910681391.0A CN110443050B (en) | 2019-07-26 | 2019-07-26 | Method and system for processing counterfeit process in file transparent encryption and decryption system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110443050A true CN110443050A (en) | 2019-11-12 |
CN110443050B CN110443050B (en) | 2021-02-09 |
Family
ID=68431628
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910681391.0A Active CN110443050B (en) | 2019-07-26 | 2019-07-26 | Method and system for processing counterfeit process in file transparent encryption and decryption system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110443050B (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111092886A (en) * | 2019-12-17 | 2020-05-01 | 深信服科技股份有限公司 | Terminal defense method, system, equipment and computer readable storage medium |
CN111310180A (en) * | 2020-02-18 | 2020-06-19 | 上海迅软信息科技有限公司 | Computer process anti-counterfeiting method for enterprise information security |
CN112131565A (en) * | 2020-09-27 | 2020-12-25 | 浙江华途信息安全技术股份有限公司 | Transparent encryption and decryption anti-cracking method and management equipment thereof |
Citations (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101650768A (en) * | 2009-07-10 | 2010-02-17 | 深圳市永达电子股份有限公司 | Security guarantee method and system for Windows terminals based on auto white list |
CN103425926A (en) * | 2012-05-14 | 2013-12-04 | 腾讯科技(深圳)有限公司 | Application program starting method, list configuring method, terminal and server |
CN103559438A (en) * | 2013-10-31 | 2014-02-05 | 上海上讯信息技术有限公司 | Progress identification method and progress identification system |
CN103856524A (en) * | 2012-12-04 | 2014-06-11 | 中山大学深圳研究院 | Method and system for identifying legal content on basis of white list of user agent |
CN104580203A (en) * | 2014-12-31 | 2015-04-29 | 北京奇虎科技有限公司 | Website malicious program detection method and device |
CN105446741A (en) * | 2015-12-10 | 2016-03-30 | 北京邮电大学 | API (Application Program Interface) comparison based mobile application identification method |
US20160226908A1 (en) * | 2008-03-05 | 2016-08-04 | Facebook, Inc. | Identification of and countermeasures against forged websites |
CN106548048A (en) * | 2016-10-28 | 2017-03-29 | 北京优炫软件股份有限公司 | A kind of method for Process flowchart, device and system |
CN106778261A (en) * | 2015-11-20 | 2017-05-31 | 中兴通讯股份有限公司 | The treating method and apparatus of camouflage applications |
CN107077561A (en) * | 2017-01-10 | 2017-08-18 | 深圳怡化电脑股份有限公司 | Verify method, self-aided terminal and the application server of upper layer application identity |
CN107451469A (en) * | 2017-09-14 | 2017-12-08 | 郑州云海信息技术有限公司 | A kind of process management system and method |
CN107944232A (en) * | 2017-12-08 | 2018-04-20 | 郑州云海信息技术有限公司 | A kind of design method and system of the Active Defending System Against based on white list technology |
CN109446753A (en) * | 2018-09-10 | 2019-03-08 | 平安科技(深圳)有限公司 | Detect method, apparatus, computer equipment and the storage medium of pirate application program |
-
2019
- 2019-07-26 CN CN201910681391.0A patent/CN110443050B/en active Active
Patent Citations (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160226908A1 (en) * | 2008-03-05 | 2016-08-04 | Facebook, Inc. | Identification of and countermeasures against forged websites |
CN101650768A (en) * | 2009-07-10 | 2010-02-17 | 深圳市永达电子股份有限公司 | Security guarantee method and system for Windows terminals based on auto white list |
CN103425926A (en) * | 2012-05-14 | 2013-12-04 | 腾讯科技(深圳)有限公司 | Application program starting method, list configuring method, terminal and server |
CN103856524A (en) * | 2012-12-04 | 2014-06-11 | 中山大学深圳研究院 | Method and system for identifying legal content on basis of white list of user agent |
CN103559438A (en) * | 2013-10-31 | 2014-02-05 | 上海上讯信息技术有限公司 | Progress identification method and progress identification system |
CN104580203A (en) * | 2014-12-31 | 2015-04-29 | 北京奇虎科技有限公司 | Website malicious program detection method and device |
CN106778261A (en) * | 2015-11-20 | 2017-05-31 | 中兴通讯股份有限公司 | The treating method and apparatus of camouflage applications |
CN105446741A (en) * | 2015-12-10 | 2016-03-30 | 北京邮电大学 | API (Application Program Interface) comparison based mobile application identification method |
CN106548048A (en) * | 2016-10-28 | 2017-03-29 | 北京优炫软件股份有限公司 | A kind of method for Process flowchart, device and system |
CN107077561A (en) * | 2017-01-10 | 2017-08-18 | 深圳怡化电脑股份有限公司 | Verify method, self-aided terminal and the application server of upper layer application identity |
CN107451469A (en) * | 2017-09-14 | 2017-12-08 | 郑州云海信息技术有限公司 | A kind of process management system and method |
CN107944232A (en) * | 2017-12-08 | 2018-04-20 | 郑州云海信息技术有限公司 | A kind of design method and system of the Active Defending System Against based on white list technology |
CN109446753A (en) * | 2018-09-10 | 2019-03-08 | 平安科技(深圳)有限公司 | Detect method, apparatus, computer equipment and the storage medium of pirate application program |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111092886A (en) * | 2019-12-17 | 2020-05-01 | 深信服科技股份有限公司 | Terminal defense method, system, equipment and computer readable storage medium |
CN111092886B (en) * | 2019-12-17 | 2023-05-12 | 深信服科技股份有限公司 | Terminal defense method, system, equipment and computer readable storage medium |
CN111310180A (en) * | 2020-02-18 | 2020-06-19 | 上海迅软信息科技有限公司 | Computer process anti-counterfeiting method for enterprise information security |
CN112131565A (en) * | 2020-09-27 | 2020-12-25 | 浙江华途信息安全技术股份有限公司 | Transparent encryption and decryption anti-cracking method and management equipment thereof |
Also Published As
Publication number | Publication date |
---|---|
CN110443050B (en) | 2021-02-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11934497B2 (en) | Content anti-piracy management system and method | |
US11063744B2 (en) | Document flow tracking using blockchain | |
CN111209346B (en) | Block chain data archiving method and device and computer readable storage medium | |
EP1680727B1 (en) | Distributed document version control | |
US10536459B2 (en) | Document management systems and methods | |
CN103595730B (en) | A kind of ciphertext cloud storage method and system | |
CN101410800B (en) | System and method for a software distribution service | |
CN110443050A (en) | A kind of processing method and system of forgery process in file transparent encrypting and deciphering system | |
CN112765245A (en) | Electronic government affair big data processing platform | |
CN114365133A (en) | System or method for implementing forgotten rights on metadata driven blockchains with secret sharing and consensus on reads | |
US7793335B2 (en) | Computer-implemented method, system, and program product for managing log-in strikes | |
US20070294338A1 (en) | Database access method and system capable of concealing the contents of query | |
US20060288056A1 (en) | File version management device, method, and program | |
US8204949B1 (en) | Email enabled project management applications | |
US8745155B2 (en) | Network storage device collector | |
US20070112784A1 (en) | Systems and Methods for Simplified Information Archival | |
JPH09509772A (en) | Method and apparatus for protecting object changes in a distributed digital directory | |
CA2667264A1 (en) | Systems and methods for information organization | |
CN103618652A (en) | Audit and depth analysis system and audit and depth analysis method of business data | |
KR101977178B1 (en) | Method for file forgery check based on block chain and computer readable recording medium applying the same | |
CN110535903B (en) | Real-time and efficient enterprise address book updating method | |
CN102571380A (en) | Multi-instance GIS platform unified user management method and system | |
CN111797426B (en) | Method and system for distrust notification service | |
KR20090024336A (en) | Document chaser | |
CN108965317A (en) | A kind of network data guard system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |