CN111796989A - Method for preventing screen capture in Linux system and computer readable storage medium - Google Patents
Method for preventing screen capture in Linux system and computer readable storage medium Download PDFInfo
- Publication number
- CN111796989A CN111796989A CN202010937888.7A CN202010937888A CN111796989A CN 111796989 A CN111796989 A CN 111796989A CN 202010937888 A CN202010937888 A CN 202010937888A CN 111796989 A CN111796989 A CN 111796989A
- Authority
- CN
- China
- Prior art keywords
- application
- function
- drm
- gem
- linux system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/3051—Monitoring arrangements for monitoring the configuration of the computing system or of the computing system component, e.g. monitoring the presence of processing resources, peripherals, I/O links, software programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
Abstract
The invention discloses a method for preventing screen capture in a Linux system and a computer readable storage medium. The method for preventing screen capture in the Linux system comprises the following steps: when the hook function monitors that the sys _ open function of the Linux system is called, acquiring the sys _ open function; and acquiring the pathname of an application calling the sys _ open function, judging whether the application is positioned in a screen capturing white list when the pathname is/dev/fb 0, if so, allowing the application to perform screen capturing, and otherwise, forbidding the application to perform screen capturing. By adopting the method and the device, the sys _ open function of the Linux system is monitored through the hook function, and the application which does not allow screen capture can be intercepted in advance according to the preset screen capture white list, so that the Linux system can be effectively prevented from being screen captured, the data safety in the Linux system can be effectively improved, the method is simple to realize, hardware does not need to be changed, the cost is low, and the method and the device are suitable for wide popularization.
Description
Technical Field
The invention relates to the field of Linux systems, in particular to a method for preventing screen capture in a Linux system and a computer readable storage medium.
Background
With the national emphasis on domestic operating systems, Linux series operating systems are widely popularized. The system security under Linux is increasingly emphasized, and particularly the security in enterprises and units storing confidential data is more important. However, screen capture as a data copy method is easy to cause leakage of data of the Linux system.
In the related art, a commonly used method for preventing screen capture and divulgence is to add a watermark to a screen to mark a data source, but the method can only achieve the effect of retrospective tracing and cannot realize interception in advance.
Disclosure of Invention
The embodiment of the invention provides a method for preventing screen capture in a Linux system and a computer readable storage medium, which are used for solving the problem of poor effectiveness of the method for preventing screen capture in the Linux system in the prior art.
The method for preventing screen capture in the Linux system comprises the following steps:
when the hook function monitors that a sys _ open function of the Linux system is called, acquiring the sys _ open function;
and acquiring a path name of an application calling the sys _ open function, judging whether the application is positioned in a screen capturing white list when the path name is/dev/fb 0, if so, allowing the application to perform screen capturing, and otherwise, forbidding the application to perform screen capturing.
According to some embodiments of the invention, the method further comprises:
setting a safe application list, wherein display data of applications in the safe application list cannot be captured;
allocating a secure memory pool for drawing to the applications in the secure application list;
when the hook function monitors that a drm _ gem _ object _ init () function of the Linux system is executed, acquiring the drm _ gem _ object _ init () function;
judging whether the application executing the drm _ gem _ object _ init () function is in the safe application list, if so, applying for a drawing space from the safe memory pool, and otherwise, applying for the drawing space from a common memory pool;
when the hook function monitors that a drm _ gem _ handle _ create function of the Linux system is called, acquiring the drm _ gem _ handle _ create function;
if the application calling the drm _ gem _ handle _ create function is located in the safe application list, buffering the relevant information of the application;
when the hook function monitors that a drm _ gem _ object _ lookup function of the Linux system is called, acquiring the drm _ gem _ object _ lookup function;
and judging whether the relevant information of the application calling the drm _ gem _ object _ lookup function is consistent with the buffered relevant information, if so, allowing the application to access the secure memory pool, and otherwise, forbidding the application to access the secure memory pool.
According to some embodiments of the present invention, the determining whether the application executing the drm _ gem _ object _ init () function is in a secure application list comprises:
if the application executing the drm _ gem _ object _ init () function is located in the secure application list, adding a USE _ SECURITY _ PANEL parameter to the parameter flags of the drm _ gem _ object _ init () function;
judging whether the parameter flags of the drm _ gem _ object _ init () function comprises the USE _ SECURITY _ PANEL parameter, if so, judging that the application of the drm _ gem _ object _ init () function is in a SECURITY application list, otherwise, judging that the application of the drm _ gem _ object _ init () function is not in the SECURITY application list.
According to some embodiments of the invention, the related information comprises: application information, memory addresses, file descriptors.
According to some embodiments of the invention, the method further comprises:
and judging whether the display hardware supports image synthesis, if so, sending the drawing buffer of the application in the safe application list and the drawing buffer of the common application to the display hardware for display, otherwise, adopting a software algorithm to mix the drawing buffer of the application in the safe application list and the drawing buffer of the common application in real time and sending the mixed drawing buffer of the application and the drawing buffer of the common application to the CRTC for display.
According to the computer readable storage medium of the embodiment of the invention, the computer readable storage medium is stored with an implementation program of information transmission, and the program is executed by a processor to implement the steps of the method for preventing screen capture in the Linux system.
By adopting the embodiment of the invention, the sys _ open function of the Linux system is monitored through the hook function, and the application which does not allow screen capture can be intercepted in advance according to the preset screen capture white list, so that the Linux system can be effectively prevented from being screen captured, the data safety in the Linux system can be effectively improved, the method is simple to realize, hardware does not need to be changed, the cost is low, and the method is suitable for wide popularization.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. In the drawings:
FIG. 1 is a flowchart of a method for preventing screen capture in a Linux system according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present invention will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the invention are shown in the drawings, it should be understood that the invention can be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art.
As shown in fig. 1, a method for preventing screen capture in a Linux system according to an embodiment of the present invention includes:
s1, when the hook function detects that the sys _ open function of the Linux system is called, acquiring the sys _ open function;
s2, obtaining a path name of an application calling the sys _ open function, judging whether the application is located in a screen capturing white list when the path name is/dev/fb 0, if so, allowing the application to perform screen capturing, and if not, forbidding the application to perform screen capturing.
It should be noted that the screen capture white list defines applications that can be used for screen capture, and when the screen capture white list includes all applications in the Linux system, it indicates that all applications are allowed to screen capture; when the screen capture white list is empty, all application screen capture in the Linux system is forbidden; when the screen capture white list is not empty and does not contain all the applications in the Linux system, the screen capture of the running part of the applications can be performed, and the screen capture of the part of the applications is forbidden.
By adopting the embodiment of the invention, the sys _ open function of the Linux system is monitored through the hook function, and the application which does not allow screen capture can be intercepted in advance according to the preset screen capture white list, so that the Linux system can be effectively prevented from being screen captured, the data safety in the Linux system can be effectively improved, the method is simple to realize, hardware does not need to be changed, the cost is low, and the method is suitable for wide popularization.
On the basis of the above-described embodiment, various modified embodiments are further proposed, and it is to be noted herein that, in order to make the description brief, only the differences from the above-described embodiment are described in the various modified embodiments.
According to some embodiments of the invention, the method further comprises:
setting a safe application list, wherein display data of applications in the safe application list cannot be captured;
allocating a secure memory pool for drawing to the applications in the secure application list;
when the hook function monitors that a drm _ gem _ object _ init () function of the Linux system is executed, acquiring the drm _ gem _ object _ init () function;
judging whether the application executing the drm _ gem _ object _ init () function is in the safe application list, if so, applying for a drawing space from the safe memory pool, and otherwise, applying for the drawing space from a common memory pool;
when the hook function monitors that a drm _ gem _ handle _ create function of the Linux system is called, acquiring the drm _ gem _ handle _ create function;
if the application calling the drm _ gem _ handle _ create function is located in the safe application list, buffering the relevant information of the application;
when the hook function monitors that a drm _ gem _ object _ lookup function of the Linux system is called, acquiring the drm _ gem _ object _ lookup function;
and judging whether the relevant information of the application calling the drm _ gem _ object _ lookup function is consistent with the buffered relevant information, if so, allowing the application to access the secure memory pool, and otherwise, forbidding the application to access the secure memory pool.
Thereby, it is possible to provide a solution by: judging whether the application can be subjected to screen capture; the double judgment of judging whether the application can be shot can effectively prevent the data from being shot, thereby further improving the protection effect of the data.
According to some embodiments of the present invention, the determining whether the application executing the drm _ gem _ object _ init () function is in a secure application list comprises:
if the application executing the drm _ gem _ object _ init () function is located in the secure application list, adding a USE _ SECURITY _ PANEL parameter to the parameter flags of the drm _ gem _ object _ init () function;
judging whether the parameter flags of the drm _ gem _ object _ init () function comprises the USE _ SECURITY _ PANEL parameter, if so, judging that the application of the drm _ gem _ object _ init () function is in a SECURITY application list, otherwise, judging that the application of the drm _ gem _ object _ init () function is not in the SECURITY application list.
According to some embodiments of the invention, the related information comprises: application information, memory addresses, file descriptors.
According to some embodiments of the invention, the method further comprises:
and judging whether the display hardware supports image synthesis, if so, sending the drawing buffer of the application in the safe application list and the drawing buffer of the common application to the display hardware for display, otherwise, adopting a software algorithm to mix the drawing buffer of the application in the safe application list and the drawing buffer of the common application in real time and sending the mixed drawing buffer of the application and the drawing buffer of the common application to the CRTC for display.
According to the computer readable storage medium of the embodiment of the present invention, the computer readable storage medium stores thereon an implementation program of information transfer, which when executed by a processor implements the steps of:
s1, when the hook function detects that the sys _ open function of the Linux system is called, acquiring the sys _ open function;
s2, obtaining a path name of an application calling the sys _ open function, judging whether the application is located in a screen capturing white list when the path name is/dev/fb 0, if so, allowing the application to perform screen capturing, and if not, forbidding the application to perform screen capturing.
By adopting the embodiment of the invention, the sys _ open function of the Linux system is monitored through the hook function, and the application which does not allow screen capture can be intercepted in advance according to the preset screen capture white list, so that the Linux system can be effectively prevented from being screen captured, the data safety in the Linux system can be effectively improved, the method is simple to realize, hardware does not need to be changed, the cost is low, and the method is suitable for wide popularization.
On the basis of the above-described embodiment, various modified embodiments are further proposed, and it is to be noted herein that, in order to make the description brief, only the differences from the above-described embodiment are described in the various modified embodiments.
According to some embodiments of the invention, the program, when executed by the processor, may further implement the steps of:
setting a safe application list, wherein display data of applications in the safe application list cannot be captured;
allocating a secure memory pool for drawing to the applications in the secure application list;
when the hook function monitors that a drm _ gem _ object _ init () function of the Linux system is executed, acquiring the drm _ gem _ object _ init () function;
judging whether the application executing the drm _ gem _ object _ init () function is in the safe application list, if so, applying for a drawing space from the safe memory pool, and otherwise, applying for the drawing space from a common memory pool;
when the hook function monitors that a drm _ gem _ handle _ create function of the Linux system is called, acquiring the drm _ gem _ handle _ create function;
if the application calling the drm _ gem _ handle _ create function is located in the safe application list, buffering the relevant information of the application;
when the hook function monitors that a drm _ gem _ object _ lookup function of the Linux system is called, acquiring the drm _ gem _ object _ lookup function;
and judging whether the relevant information of the application calling the drm _ gem _ object _ lookup function is consistent with the buffered relevant information, if so, allowing the application to access the secure memory pool, and otherwise, forbidding the application to access the secure memory pool.
Thereby, it is possible to provide a solution by: judging whether the application can be subjected to screen capture; the double judgment of judging whether the application can be shot can effectively prevent the data from being shot, thereby further improving the protection effect of the data.
According to some embodiments of the present invention, the determining whether the application executing the drm _ gem _ object _ init () function is in a secure application list comprises:
if the application executing the drm _ gem _ object _ init () function is located in the secure application list, adding a USE _ SECURITY _ PANEL parameter to the parameter flags of the drm _ gem _ object _ init () function;
judging whether the parameter flags of the drm _ gem _ object _ init () function comprises the USE _ SECURITY _ PANEL parameter, if so, judging that the application of the drm _ gem _ object _ init () function is in a SECURITY application list, otherwise, judging that the application of the drm _ gem _ object _ init () function is not in the SECURITY application list.
According to some embodiments of the invention, the related information comprises: application information, memory addresses, file descriptors.
According to some embodiments of the invention, the program when executed by the processor further performs the steps of:
and judging whether the display hardware supports image synthesis, if so, sending the drawing buffer of the application in the safe application list and the drawing buffer of the common application to the display hardware for display, otherwise, adopting a software algorithm to mix the drawing buffer of the application in the safe application list and the drawing buffer of the common application in real time and sending the mixed drawing buffer of the application and the drawing buffer of the common application to the CRTC for display.
The method for preventing screen capture in the Linux system according to an embodiment of the present invention is described in detail in a specific embodiment. It is to be understood that the following description is illustrative only and is not intended to be in any way limiting. All similar structures and similar variations thereof adopted by the invention are intended to fall within the scope of the invention.
The method for preventing screen capture in the Linux system comprises two parts, wherein the first part monitors the execution of a key control function of screen capture in a hook mode, and the second part completes the screen capture separation and the authority control through the hook function on the basis of the first part.
Monitoring key control function execution of screen capture in a hook mode, comprising:
monitoring kernel key functions by a hook method, wherein the kernel key functions comprise: sys _ open, drm _ gem _ object _ init, drm _ gem _ handle _ create, drm _ gem _ handle _ delete, and drm _ gem _ object _ lookup.
The specific implementation method and process are as follows:
1.1, obtaining the address of a kernel key function through symbol searching;
1.2, transferring the initial address of the kernel key function into a hook control function by using jump;
1.3, realizing self-defining check in the hook control function and deciding whether to continue to the original key function.
On the basis of the first part, screen capture separation and authority control are completed through a hook function, and the method comprises the following steps:
setting whether the application can be subjected to screen capture, namely whether the application can initiate screen capture operation;
setting whether the application can be screenshot, namely whether the screenshot zone content can contain the application content;
setting whether the application can be subjected to screen capture, and classifying three strategies, namely allowing all applications to capture the screen; forbidding all application screen capturing; only applications in the screen capture white list are allowed to be subjected to screen capture.
When the execution of sys _ open is monitored, authority check is carried out, whether screen capture operation is continuously executed or not is selected, and the specific execution process is as follows:
when all applications are allowed to screen, sys _ open does not carry out any check and continues to execute the operation;
when all application screenshots are forbidden, checking sys _ open parameters, wherein the main parameters comprise a path name and an opening mode, the path is/dev/fb 0, returning an error, and forbidding opening a file;
when partial application screen capture is allowed, the sys _ open parameter is checked, wherein the main parameters comprise a path name and an open mode, the path is/dev/fb 0, whether the current process is in a white list is checked, if yes, the opening is continued, and if not, an error is returned to prohibit the file from being opened.
Whether the security application can be captured or not is set, the security application is stored in a security application list, display data of the security application cannot be captured by any other application, and the specific execution process is as follows:
2.1, after setting a safe application list, applying for a memory pool in the system, wherein the memory pool provides a space for drawing a safe application;
2.2, detecting that a drm _ gem _ object _ init () function is executed, wherein the drm _ gem _ object _ init () function is responsible for allocating a drawing space for the application, and when the situation that the safety application draws is monitored, checking and preparing to set a new parameter for the safety application;
2.2.1, if the process is not in the security application white list, the drm _ gem _ object _ init () function does not modify any parameter;
2.2.2, if the process is in a SECURITY application white list, modifying the parameter of the drm _ gem _ object _ init () function, and adding the USE _ SECURITY _ PANEL parameter to the flags;
2.3, if the flags parameter has the USE _ SECURITY _ PANEL parameter, applying the applied memory from the secure memory pool and returning the memory to the application;
2.4, if the flags parameter does not have the USE _ SECURITY _ PANEL parameter, applying the applied memory from the common memory and returning the memory to the application;
3. recording the state of the application drawing cache to prevent the application from accessing the drawing cache of other applications;
3.1, monitoring the calling of a drm _ gem _ handle _ create interface, and caching a memory address, a file descriptor, a process and a safety application relation if the process is in a safety application white list;
3.2, monitoring the calling of a drm _ gem _ handle _ delete interface, and if the information is in the cache, deleting the information from the cache;
3.3, monitoring drm _ gem _ object _ lookup, checking whether the information of the current process is consistent with the requested memory address and the file descriptor, if not, returning an error name, otherwise, returning a correct name;
the drm _ gem _ handle _ create encapsulates the memory resource requested for the second time (assuming that the name is fd after encapsulation), and the upper layer application sees all the encapsulated memory resource. For use after encapsulation, fd needs to find the memory resource again through drm _ gem _ object _ lookup, where information for secure and non-secure applications also needs to be isolated. If the cache information created in the drm _ gem _ handle _ create can be found, the security application is legal. If the cache cannot be found, the cache is not a security application, and the address in the security buffer cannot be translated to the cache, so that the effect of forbidding the non-security application to access the security buffer data is achieved. After the use, the cache information needs to be released and cleared, and the wrong information cannot be used when the cache information is searched later.
4. The synthetic display of the drawing cache of the safety application and the drawing cache of the common application is completed;
4.1, if the display hardware supports image synthesis, directly sending the drawing cache frame buffer of the common application and the drawing cache of the safety application to the display equipment;
4.2, if the display hardware does not support image synthesis, using a software algorithm to mix the framebuffer and the drawing cache of the security application in real time and sending the mixed data to the CRTC.
It should be noted that the above-mentioned embodiments are only preferred embodiments of the present invention, and are not intended to limit the present invention, and those skilled in the art can make various modifications and changes. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
In the description provided herein, numerous specific details are set forth. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the invention and aiding in the understanding of one or more of the various inventive aspects. However, the method of the invention should not be construed to reflect the intent: that the invention as claimed requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing inventive embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this invention.
Claims (6)
1. A method for preventing screen capture in a Linux system is characterized by comprising the following steps:
when the hook function monitors that a sys _ open function of the Linux system is called, acquiring the sys _ open function;
and acquiring a path name of an application calling the sys _ open function, judging whether the application is positioned in a screen capturing white list when the path name is/dev/fb 0, if so, allowing the application to perform screen capturing, and otherwise, forbidding the application to perform screen capturing.
2. The method for preventing screen capture under the Linux system of claim 1, further comprising:
setting a safe application list, wherein display data of applications in the safe application list cannot be captured;
allocating a secure memory pool for drawing to the applications in the secure application list;
when the hook function monitors that a drm _ gem _ object _ init () function of the Linux system is executed, acquiring the drm _ gem _ object _ init () function;
judging whether the application executing the drm _ gem _ object _ init () function is in the safe application list, if so, applying for a drawing space from the safe memory pool, and otherwise, applying for the drawing space from a common memory pool;
when the hook function monitors that a drm _ gem _ handle _ create function of the Linux system is called, acquiring the drm _ gem _ handle _ create function;
if the application calling the drm _ gem _ handle _ create function is located in the safe application list, buffering the relevant information of the application;
when the hook function monitors that a drm _ gem _ object _ lookup function of the Linux system is called, acquiring the drm _ gem _ object _ lookup function;
and judging whether the relevant information of the application calling the drm _ gem _ object _ lookup function is consistent with the buffered relevant information, if so, allowing the application to access the secure memory pool, and otherwise, forbidding the application to access the secure memory pool.
3. The method for preventing screen capture under the Linux system of claim 2, wherein the determining whether the application executing the drm _ gem _ object _ init () function is in a secure application list comprises:
if the application executing the drm _ gem _ object _ init () function is located in the secure application list, adding a USE _ SECURITY _ PANEL parameter to the parameter flags of the drm _ gem _ object _ init () function;
judging whether the parameter flags of the drm _ gem _ object _ init () function comprises the USE _ SECURITY _ PANEL parameter, if so, judging that the application of the drm _ gem _ object _ init () function is in a SECURITY application list, otherwise, judging that the application of the drm _ gem _ object _ init () function is not in the SECURITY application list.
4. The method for preventing screen capture under the Linux system of claim 2, wherein the related information comprises: application information, memory addresses, file descriptors.
5. The method for preventing screen capture under the Linux system according to any of claims 2-4, wherein the method further comprises:
and judging whether the display hardware supports image synthesis, if so, sending the drawing buffer of the application in the safe application list and the drawing buffer of the common application to the display hardware for display, otherwise, adopting a software algorithm to mix the drawing buffer of the application in the safe application list and the drawing buffer of the common application in real time and sending the mixed drawing buffer of the application and the drawing buffer of the common application to the CRTC for display.
6. A computer-readable storage medium, characterized in that the computer-readable storage medium has stored thereon an implementation program of information transfer, which when executed by a processor implements the steps of the method for preventing screen shots under the Linux system according to any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010937888.7A CN111796989B (en) | 2020-09-09 | 2020-09-09 | Method for preventing screen capture in Linux system and computer readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010937888.7A CN111796989B (en) | 2020-09-09 | 2020-09-09 | Method for preventing screen capture in Linux system and computer readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111796989A true CN111796989A (en) | 2020-10-20 |
| CN111796989B CN111796989B (en) | 2020-12-08 |
Family
ID=72834150
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010937888.7A Active CN111796989B (en) | 2020-09-09 | 2020-09-09 | Method for preventing screen capture in Linux system and computer readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111796989B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114547632A (en) * | 2020-11-19 | 2022-05-27 | 成都鼎桥通信技术有限公司 | Information protection method, device, equipment and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105787373A (en) * | 2016-05-17 | 2016-07-20 | 武汉大学 | Android terminal data leak-proof method in mobile office system |
| CN106201468A (en) * | 2016-06-28 | 2016-12-07 | 北京金山安全软件有限公司 | Screen capture processing method and device and electronic equipment |
| CN106791168A (en) * | 2017-01-13 | 2017-05-31 | 北京奇虎科技有限公司 | Information of mobile terminal guard method, device and mobile terminal |
| CN109033850A (en) * | 2018-06-29 | 2018-12-18 | 深信服科技股份有限公司 | A kind of processing method of screenshot picture, device, terminal and computer storage medium |
| CN110737926A (en) * | 2018-07-19 | 2020-01-31 | 华为技术有限公司 | display method, device and storage medium |
| US20200134222A1 (en) * | 2018-10-30 | 2020-04-30 | Citrix Systems, Inc. | Protecting Screenshots of Applications Executing in a Protected Workspace Container Provided in a Mobile Device |
-
2020
- 2020-09-09 CN CN202010937888.7A patent/CN111796989B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105787373A (en) * | 2016-05-17 | 2016-07-20 | 武汉大学 | Android terminal data leak-proof method in mobile office system |
| CN106201468A (en) * | 2016-06-28 | 2016-12-07 | 北京金山安全软件有限公司 | Screen capture processing method and device and electronic equipment |
| CN106791168A (en) * | 2017-01-13 | 2017-05-31 | 北京奇虎科技有限公司 | Information of mobile terminal guard method, device and mobile terminal |
| CN109033850A (en) * | 2018-06-29 | 2018-12-18 | 深信服科技股份有限公司 | A kind of processing method of screenshot picture, device, terminal and computer storage medium |
| CN110737926A (en) * | 2018-07-19 | 2020-01-31 | 华为技术有限公司 | display method, device and storage medium |
| US20200134222A1 (en) * | 2018-10-30 | 2020-04-30 | Citrix Systems, Inc. | Protecting Screenshots of Applications Executing in a Protected Workspace Container Provided in a Mobile Device |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114547632A (en) * | 2020-11-19 | 2022-05-27 | 成都鼎桥通信技术有限公司 | Information protection method, device, equipment and storage medium |
| CN114547632B (en) * | 2020-11-19 | 2023-10-13 | 成都鼎桥通信技术有限公司 | Information protection method, device, equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111796989B (en) | 2020-12-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP6073482B2 (en) | Secure disk access control | |
| EP3430556B1 (en) | System and method for process hollowing detection | |
| CN104598809B (en) | Program monitoring method and defending method thereof, as well as relevant device | |
| US8464252B2 (en) | Per process virtual machines | |
| CN108469986B (en) | Data migration method and device | |
| CN105740046B (en) | A kind of virtual machine process behavior monitoring method and system based on dynamic base | |
| US10783041B2 (en) | Backup and recovery of data files using hard links | |
| CN109508224B (en) | User data isolation protection system and method based on KVM | |
| WO2016033966A1 (en) | Protection method and device for application data | |
| CN104715209A (en) | Outgoing document encryption protection method | |
| US10587652B2 (en) | Generating false data for suspicious users | |
| Onarlioglu et al. | Privexec: Private execution as an operating system service | |
| CN105989252A (en) | Function level packing-oriented unpacking method and system | |
| CN110807191B (en) | Safe operation method and device of application program | |
| CN108229190B (en) | Transparent encryption and decryption control method, device, program, storage medium and electronic equipment | |
| CN111796989B (en) | Method for preventing screen capture in Linux system and computer readable storage medium | |
| Yalew et al. | Hail to the Thief: Protecting data from mobile ransomware with ransomsafedroid | |
| CN108985096B (en) | Security enhancement and security operation method and device for Android SQLite database | |
| CN104360869A (en) | Method for preventing underlying driver from intercepting messages | |
| CN107562514B (en) | Physical memory access control and isolation method | |
| CN105453104B (en) | System protection file security control device and management method | |
| CN111625296B (en) | Method for protecting program by constructing code copy | |
| CN115373878B (en) | Anti-screenshot extension protocol implementation system based on X framework | |
| US8788785B1 (en) | Systems and methods for preventing heap-spray attacks | |
| CN112966277A (en) | Webpage protection method and device, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |