CN112052477A - Isolation method and system based on portable operating system disk - Google Patents


Publication number
CN112052477A
Authority
CN
China
Prior art keywords
disk
operating system
driver
device object
portable operating
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010898628.3A
Other languages
Chinese (zh)
Other versions
CN112052477B (en)
Inventor
韩金池
宋志成
郭鹏玉
马盼盼
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhengzhou Xinda Jiean Information Technology Co Ltd
Original Assignee
Zhengzhou Xinda Jiean Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhengzhou Xinda Jiean Information Technology Co Ltd
Priority to CN202010898628.3A
Publication of CN112052477A
Application granted
Publication of CN112052477B
Legal status: Active

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149Restricted operating environment

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Stored Programmes (AREA)

Abstract

The invention relates to an isolation method and system based on a portable operating system disk. The portable operating system disk is inserted into a host, and the operating system on the portable operating system disk is started using the host hardware; a filter driver device object is created in the AddDevice dispatch function and bound to a physical disk device object; an interface of the filter driver device object is registered and the symbolic link of the interface is obtained; the symbolic link of the interface is stored in the context of the filter device; an access request to the physical disk device is received, and the symbolic link is acquired from the context of the filter device when the minor function IRP_MN_START_DEVICE is processed in the IRP_MJ_PNP dispatch function; whether the symbolic link begins with the characters USBSTOR is judged; if so, the physical disk device is judged to be a portable operating system disk and access continues; if not, the physical disk device is judged to be the host hard disk, access is intercepted, and access failure information is returned. In this way, data on the portable operating system disk is prevented from being copied to the host hard disk, preventing data leakage.

Description

Isolation method and system based on portable operating system disk
Technical Field
The invention belongs to the technical field of data security, and particularly relates to an isolation method and an isolation system based on a portable operating system disk, which can ensure the data security of the portable operating system disk by performing data isolation on the portable operating system disk and a physical host.
Background
In many government and enterprise settings, the portable operating system disk has become standard equipment for staff: data is carried on the disk, and the portable operating system can be started on any notebook computer simply by plugging the disk into it. On the one hand, the built-in programs of the portable operating system mainly meet office needs and come with a degree of security isolation to protect data; on the other hand, the portable operating system is inexpensive, which reduces financial cost.
Data on the portable operating system disk is protected by full-disk encryption. Once the correct password is entered and the portable operating system is started, the data on the disk is presented in plaintext, and at that point a worker can easily copy it to the hard disk of the physical host (such as a notebook computer), leaking confidential data. In addition, because the environment of the physical host is unknown, its hard disk may carry viruses, trojans or other malicious software, while the portable operating system is mainly used for processing confidential data, accessing private networks and the like. Data isolation between the portable operating system disk and the physical host is therefore an important requirement for the portable operating system.
Patent publication No. CN 107622204A discloses a dual-system storage and startup method for a domestic tablet based on a domestic operating system, and relates to the technical field of operating systems. For domestic tablet devices, that invention designs a dual-system storage and startup method supporting a domestic operating system, meeting the requirement for an autonomous and controllable system; through USB key verification, the high-security-level system is transparent to low-security-level users; the two systems are stored on storage devices with different interfaces, meeting the different storage capacity and access speed requirements of different application scenarios. Its advantages are that the two systems are physically isolated, the rich application software of the Android system can be used, and an autonomous and controllable domestic operating system for storing important data can be selected according to the user's security level, ensuring high information security; storage devices with different interfaces meet the systems' different requirements for storage capacity and read/write performance. However, the cited document concerns dual systems and must deal with switching between the two systems and data isolation between them, so that different systems can be used according to the user's security level, meeting the requirements of autonomous controllability and on-demand startup; dual-system storage is implemented on physical media with different interfaces, meeting the storage capacity and read/write performance requirements of different application scenarios. The cited document cannot, however, achieve isolation between the embedded system and the physical disk of the local host, so the risk of data leakage remains.
Disclosure of Invention
The present invention aims to overcome the disadvantages of the prior art and to provide an isolation method and system based on a portable operating system disk that can prevent leakage of the confidential data on the portable operating system disk.
The invention provides an isolation method based on a portable operating system disk, which comprises the following steps:
step 1), inserting the portable operating system disk into a host, and starting the operating system on the portable operating system disk using the host hardware;
step 2), in the AddDevice dispatch function, creating a filter driver device object, and binding the filter driver device object to a physical disk device object;
step 3), registering an interface of the filter driver device object, thereby obtaining a symbolic link of the interface;
step 4), storing the symbolic link of the interface in the context of the filter device;
step 5), receiving an access request to the physical disk device, and acquiring the symbolic link from the context of the filter device when the minor function IRP_MN_START_DEVICE is processed in the IRP_MJ_PNP dispatch function;
step 6), judging whether the symbolic link begins with the characters USBSTOR; if so, judging that the physical disk device is a portable operating system disk, and continuing the access process; if not, judging that the physical disk device is a host hard disk, intercepting the access and returning access failure information.
Further, the interface symbolic link of the filter driver device object is identical to the interface symbolic link of the physical disk device object except for the interface class GUID at the end of the string.
Further, the interface symbolic link of the filter driver device object is a variant of the filter driver device object instance ID: the symbol "\" in the filter driver device object instance ID is replaced with the symbol "#", and an interface class GUID is appended at the end to obtain the interface symbolic link of the filter driver device object.
Further, the above method uses the diskperf disk filter framework and masks the host hard disk when processing the minor function IRP_MN_START_DEVICE in its IRP_MJ_PNP dispatch function.
Further, step 2) further includes:
first, the bus driver enumerates the devices attached below it and creates a physical disk device object PDO;
next, the system loads the corresponding function driver for the physical disk device object PDO; after the function driver is loaded, the function driver creates a function driver device object FDO;
if a filter driver exists, the system loads the filter driver, and the filter driver creates a filter driver device object FiDO.
Further, the filter driver device object FiDO, the function driver device object FDO, and the physical disk device object PDO together form a device stack of the embedded operating system; the filter driver device object FiDO is located at the upper layer of the device stack, the function driver device object FDO at the middle layer, and the physical disk device object PDO at the lower layer.
The second aspect of the present invention further provides an isolation system based on a portable operating system disk, the system comprising a host and a portable operating system disk, wherein the portable operating system disk is detachably plugged into the host, the portable operating system disk contains a program of the isolation method based on the portable operating system disk, and the program implements the following steps when executed by a processor of the host:
step 1), inserting the portable operating system disk into a host, and starting the operating system on the portable operating system disk using the host hardware;
step 2), in the AddDevice dispatch function, creating a filter driver device object, and binding the filter driver device object to a physical disk device object;
step 3), registering an interface of the filter driver device object, thereby obtaining a symbolic link of the interface;
step 4), storing the symbolic link of the interface in the context of the filter device;
step 5), receiving an access request to the physical disk device, and acquiring the symbolic link from the context of the filter device when the minor function IRP_MN_START_DEVICE is processed in the IRP_MJ_PNP dispatch function;
step 6), judging whether the symbolic link begins with the characters USBSTOR; if so, judging that the physical disk device is a portable operating system disk, and continuing the access process; if not, judging that the physical disk device is a host hard disk, intercepting the access and returning access failure information.
Further, when the embedded operating system is started, the bus driver first enumerates the devices attached below it and creates a physical disk device object PDO; next, the system loads the corresponding function driver for the physical disk device object PDO; after the function driver is loaded, the function driver creates a function driver device object FDO; if a filter driver exists, the system loads the filter driver, and the filter driver creates a filter driver device object FiDO; the filter driver device object FiDO, the function driver device object FDO, and the physical disk device object PDO together form a device stack of the embedded operating system, in which the filter driver device object FiDO is located at the upper layer, the function driver device object FDO at the middle layer, and the physical disk device object PDO at the lower layer.
Further, the interface symbolic link of the filter driver device object is identical to the interface symbolic link of the physical disk device object except for the interface class GUID at the end of the string.
The third aspect of the present invention also provides a computer-readable storage medium, where the computer-readable storage medium includes a program of the isolation method based on a portable operating system disk, and when the program is executed by a processor, the steps of the isolation method based on the portable operating system disk as described above are implemented.
The invention uses the diskperf disk filter framework at the Windows driver layer and masks the host hard disk when processing the minor function IRP_MN_START_DEVICE in the IRP_MJ_PNP dispatch function, thereby achieving physical isolation between the portable operating system disk and the host, preventing workers from arbitrarily copying data from the portable operating system disk to the host hard disk, and effectively preventing leakage of the confidential data on the portable operating system disk.
Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
The above and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
FIG. 1 is a flow chart illustrating a method for creating a filter driver device object when an operating system is started according to the present invention.
FIG. 2 is a flow chart of the method for masking a host hard disk according to the present invention.
Detailed Description
In order that the above objects, features and advantages of the present invention can be more clearly understood, a more particular description of the invention will be rendered by reference to the appended drawings. It should be noted that the embodiments and features of the embodiments of the present application may be combined with each other without conflict.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention, however, the present invention may be practiced in other ways than those specifically described herein, and therefore the scope of the present invention is not limited by the specific embodiments disclosed below.
As shown in fig. 1 and fig. 2, a first aspect of the present invention provides an isolation method based on a portable operating system disk, including the following steps:
step 1), inserting the portable operating system disk into a host, and starting the operating system on the portable operating system disk using the host hardware;
step 2), in the AddDevice dispatch function, creating a filter driver device object, and binding the filter driver device object to a physical disk device object;
step 3), registering an interface of the filter driver device object, thereby obtaining a symbolic link of the interface;
step 4), storing the symbolic link of the interface in the context of the filter device;
step 5), receiving an access request to the physical disk device, and acquiring the symbolic link from the context of the filter device when the minor function IRP_MN_START_DEVICE is processed in the IRP_MJ_PNP dispatch function;
step 6), judging whether the symbolic link begins with the characters USBSTOR; if so, judging that the physical disk device is a portable operating system disk, and continuing the access process; if not, judging that the physical disk device is a host hard disk, intercepting the access and returning access failure information.
In fact, step 6) above determines whether the symbolic link begins with "\\?\USBSTOR". If so, the physical disk device is judged to be a portable operating system disk and can be accessed normally; if not, the physical disk device is judged to be a host hard disk, the access request is intercepted, and access failure information is returned.
The disks in the host generally do not use the USB bus interface, whereas the embedded operating system disk generally does. Disks that are not on the USB bus (such as the host hard disk) can therefore be masked in the disk filter on the basis that their interface is not the USB bus, so that the host hard disk cannot be seen from within the embedded operating system. Because the device instance ID of a disk on the USB bus always starts with USBSTOR, the invention can make this judgment from that prefix.
It can be understood that the portable operating system disk is usually protected by full-disk encryption. The portable operating system disk of the present invention runs as an embedded system: the disk is plugged into a host and USB is selected as the BIOS boot method of the host, at which point the portable operating system can be started. Owing to the filter program, the portable operating system masks the host devices, so that a worker cannot find or reach them and therefore cannot copy data from the portable operating system disk to the host, which avoids leakage of the confidential data on the portable operating system disk.
Specifically, the interface symbolic link of the filter driver device object is identical to the interface symbolic link of the physical disk device object except for the interface class GUID at the end of the string.
Specifically, the interface symbolic link of the filter driver device object is a variant of the filter driver device object instance ID: the symbol "\" in the filter driver device object instance ID is replaced with the symbol "#", and an interface class GUID is appended at the end to obtain the interface symbolic link of the filter driver device object.
The isolation method of the invention uses the diskperf disk filter framework and masks the host hard disk when processing the minor function IRP_MN_START_DEVICE in the IRP_MJ_PNP dispatch function.
It can be understood that the diskperf disk filter framework is a filter driver sample from Microsoft. It is a class filter driver installed on the DiskDrive class, and it intercepts and filters the IRP requests sent to disk devices by acting as an upper filter.
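The C program below is an added example; it is not code from the patent or from Microsoft's diskperf sample. It models steps 2) to 6) in user mode: it derives the interface symbolic link from an instance ID as described above, stores it in a device context, and makes the IRP_MN_START_DEVICE decision. Assumptions: the "\\?\" and "\??\" prefixes, the placeholder GUID, the failure status value, the sample instance IDs and all function names are constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MODEL_STATUS_SUCCESS       0x00000000u
#define MODEL_STATUS_ACCESS_DENIED 0xC0000022u /* assumed; the page names no code */
#define LINK_MAX 260

/* Constructed placeholder for the filter's own interface class GUID. */
static const char FILTER_IFACE_GUID[] = "{00000000-0000-0000-0000-000000000001}";

/* Step 4): the filter device context keeps the interface symbolic link.
 * This is a user-mode model of the steps, not kernel driver code. */
struct filter_ctx {
    char iface_link[LINK_MAX];
};

/* Step 3): link = assumed "\\?\" prefix + instance ID with "\" -> "#" + "#" + GUID.
 * Returns 0 on success; -1 (writing nothing) on bad input or if it would not fit. */
static int build_interface_link(const char *instance_id, const char *guid,
                                char *out, size_t outlen)
{
    static const char prefix[] = "\\\\?\\";
    const char *s;
    char *p;
    if (!instance_id || !guid || !out || instance_id[0] == '\0' ||
        strlen(prefix) + strlen(instance_id) + strlen(guid) + 2 > outlen)
        return -1;
    strcpy(out, prefix);
    p = out + strlen(prefix);
    for (s = instance_id; *s; ++s)
        *p++ = (*s == '\\') ? '#' : *s;
    *p++ = '#';
    strcpy(p, guid);
    return 0;
}

/* Case-insensitive test that s starts with pre; stops at the end of s. */
static int starts_with_ci(const char *s, const char *pre)
{
    for (; *pre; ++s, ++pre)
        if (tolower((unsigned char)*s) != tolower((unsigned char)*pre))
            return 0;
    return 1;
}

/* Step 6): the link must start with the USBSTOR enumerator. Anchoring at the start
 * and requiring the "#" separator keeps a link that only contains those letters
 * further along (for example in a vendor field) from matching. */
static int link_is_usbstor(const char *link)
{
    if (strncmp(link, "\\\\?\\", 4) == 0 || strncmp(link, "\\??\\", 4) == 0)
        link += 4; /* skip the assumed user-mode or kernel-mode prefix */
    return starts_with_ci(link, "USBSTOR#");
}

/* Steps 2) to 4) as seen from the modelled AddDevice: build and store the link. */
static int filter_add_device(struct filter_ctx *ctx, const char *instance_id)
{
    if (!ctx)
        return -1;
    ctx->iface_link[0] = '\0';
    return build_interface_link(instance_id, FILTER_IFACE_GUID,
                                ctx->iface_link, sizeof ctx->iface_link);
}

/* Steps 5) and 6): decision for IRP_MN_START_DEVICE; fails closed with no link. */
static unsigned int filter_pnp_start_device(const struct filter_ctx *ctx)
{
    if (!ctx || ctx->iface_link[0] == '\0')
        return MODEL_STATUS_ACCESS_DENIED;
    return link_is_usbstor(ctx->iface_link) ? MODEL_STATUS_SUCCESS
                                            : MODEL_STATUS_ACCESS_DENIED;
}

/* Runs the modelled AddDevice and START_DEVICE for one instance ID. */
static unsigned int start_status_for(const char *instance_id)
{
    struct filter_ctx ctx;
    return filter_add_device(&ctx, instance_id) == 0 ? filter_pnp_start_device(&ctx)
                                                     : MODEL_STATUS_ACCESS_DENIED;
}

/* Returns the link the model would store, or NULL on bad input. */
static const char *link_for(const char *instance_id)
{
    static struct filter_ctx ctx;
    return filter_add_device(&ctx, instance_id) == 0 ? ctx.iface_link : NULL;
}

int main(void)
{
    /* Constructed instance IDs, not taken from a real machine. */
    const char *ids[] = { "USBSTOR\\Disk&Ven_Example&Prod_PortableOS\\0123456789AB&0",
                          "SCSI\\Disk&Ven_Example&Prod_HostSSD\\4&1a2b3c4d&0&000000" };
    size_t i;
    for (i = 0; i < sizeof ids / sizeof ids[0]; ++i)
        printf("0x%08X %s\n", start_status_for(ids[i]), link_for(ids[i]));
    return 0;
}
```

Because the rule admits only the USBSTOR enumerator, every disk that enumerates under another name is blocked, so a deployment should confirm how its own portable operating system disk enumerates before relying on the filter.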
Further, step 2) above further includes:
first, the bus driver enumerates the devices attached below it and creates a physical disk device object PDO;
next, the system loads the corresponding function driver for the physical disk device object PDO;
after the function driver is loaded, the function driver creates a function driver device object FDO;
if a filter driver exists, the system loads the filter driver, and the filter driver creates a filter driver device object FiDO.
Specifically, the physical disk device object is created by the system bus driver and is passed to the AddDevice function as a parameter.
Further, the filter driver device object FiDO, the function driver device object FDO, and the physical disk device object PDO together form a device stack of the embedded operating system; the filter driver device object FiDO is located at the upper layer of the device stack, the function driver device object FDO at the middle layer, and the physical disk device object PDO at the lower layer.
The second aspect of the present invention further provides an isolation system based on a portable operating system disk, the system comprising a host and a portable operating system disk, wherein the portable operating system disk is detachably plugged into the host, the portable operating system disk contains a program of the isolation method based on the portable operating system disk, and the program implements the following steps when executed by a processor of the host:
step 1), inserting the portable operating system disk into a host, and starting the operating system on the portable operating system disk using the host hardware;
step 2), in the AddDevice dispatch function, creating a filter driver device object, and binding the filter driver device object to a physical disk device object;
step 3), registering an interface of the filter driver device object, thereby obtaining a symbolic link of the interface;
step 4), storing the symbolic link of the interface in the context of the filter device;
step 5), receiving an access request to the physical disk device, and acquiring the symbolic link from the context of the filter device when the minor function IRP_MN_START_DEVICE is processed in the IRP_MJ_PNP dispatch function;
step 6), judging whether the symbolic link begins with the characters USBSTOR; if so, judging that the physical disk device is a portable operating system disk, and continuing the access process; if not, judging that the physical disk device is a host hard disk, intercepting the access and returning access failure information.
Specifically, when the embedded operating system is started, the bus driver first enumerates the devices attached below it and creates a physical disk device object PDO; next, the system loads the corresponding function driver for the physical disk device object PDO; after the function driver is loaded, the function driver creates a function driver device object FDO; if a filter driver exists, the system loads the filter driver, and the filter driver creates a filter driver device object FiDO; the filter driver device object FiDO, the function driver device object FDO, and the physical disk device object PDO together form a device stack of the embedded operating system, in which the filter driver device object FiDO is located at the upper layer, the function driver device object FDO at the middle layer, and the physical disk device object PDO at the lower layer.
Further, the function driver device object FDO is created by a function driver; for example, a Disk device is typically created by the Disk driver. The physical disk device object PDO is created by a bus driver; for example, an IDE hard disk is typically created by the PCI driver.
Specifically, the interface symbolic link of the filter driver device object is identical to the interface symbolic link of the physical disk device object except for the interface class GUID at the end of the string.
The third aspect of the present invention also provides a computer-readable storage medium, where the computer-readable storage medium includes a program of the isolation method based on a portable operating system disk, and when the program is executed by a processor, the steps of the isolation method based on the portable operating system disk as described above are implemented.
The invention uses the diskperf disk filter framework at the Windows driver layer and masks the host hard disk when processing the minor function IRP_MN_START_DEVICE in the IRP_MJ_PNP dispatch function, thereby achieving physical isolation between the portable operating system disk and the host, preventing workers from arbitrarily copying data from the portable operating system disk to the host hard disk, and effectively preventing leakage of the confidential data on the portable operating system disk.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.

Claims (10)

1. A portable operating system disk based isolation method, comprising the steps of:
step 1), inserting the portable operating system disk into a host, and starting an operating system in the portable operating system disk by means of host hardware;
step 2), in the AddDevice dispatching function, creating a filter driving device object, and binding the filter driving device object with a physical disk device object;
step 3), registering an interface of the filter driving equipment object, namely obtaining a symbolic link of the interface;
step 4), storing the symbolic link of the interface in the context of the filtering equipment;
step 5), receiving an access request to the physical disk DEVICE, and acquiring the symbolic link from the context of the filter DEVICE when the sub-function IRP _ MN _ START _ DEVICE is processed in the IRP _ MJ _ PNP dispatching function;
step 6), judging whether the beginning part of the symbolic link has a USBSTOR character, if so, judging that the physical disk device is a portable operating system disk, and continuing the access process; if not, judging that the physical disk device is a host hard disk, intercepting access and simultaneously feeding back access failure information.
2. The portable operating system disk-based isolation method as claimed in claim 1, wherein the interface symbolic link of the filter driver device object is the same as the interface symbolic link of the physical disk device object except for the interface class GUID at the end of the character string.
3. The portable operating system disk-based isolation method according to claim 1, wherein the interface symbol link of the filter driver device object is a variant of a filter driver device object instance ID, the symbol "\\" of the filter driver device object instance ID is replaced with a symbol "#", and an interface class GUID is added to the end of the filter driver device object to obtain the interface symbol link of the filter driver device object.
4. A portable os disk based isolation method as claimed in claim 1, wherein said method uses a diskperf disk filter framework to mask the host hard disk when processing the sub-function IRP _ MN _ START _ DEVICE in its IRP _ MJ _ PNP dispatch function.
5. The portable operating system disk-based isolation method according to claim 1, further comprising in the step 2): firstly, enumerating equipment connected below by a bus driver, and creating a physical disk equipment object PDO; next, the system loads corresponding function drivers for the physical disk device object PDO; after the function driver is loaded, creating a function driver equipment object FDO by the function driver; if the filter driver exists, the system loads the filter driver, and the filter driver object FiDO is created by the filter driver.
6. The portable operating system disk-based isolation method according to claim 5, wherein the filter driver object FiDO, the function driver object FDO, and the physical disk device object PDO together form a device stack of an embedded operating system, the filter driver object FiDO is located at an upper layer of the device stack, the function driver object FDO is located at a middle layer of the device stack, and the physical disk device object PDO is located at a lower layer of the device stack.
7. A portable operating system disk based isolation system, the system comprising: the system comprises a host and a portable operating system disk, wherein the portable operating system disk is detachably plugged into the host, the portable operating system disk comprises an isolation method program based on the portable operating system disk, and the isolation method program based on the portable operating system disk realizes the following steps when being executed by a processor of the host:
step 1), inserting the portable operating system disk into a host, and starting an operating system in the portable operating system disk by means of host hardware;
step 2), in the AddDevice dispatching function, creating a filter driving device object, and binding the filter driving device object with a physical disk device object;
step 3), registering an interface of the filter driving equipment object, namely obtaining a symbolic link of the interface;
step 4), storing the symbolic link of the interface in the context of the filtering equipment;
step 5), receiving an access request to the physical disk DEVICE, and acquiring the symbolic link from the context of the filter DEVICE when the sub-function IRP _ MN _ START _ DEVICE is processed in the IRP _ MJ _ PNP dispatching function;
step 6), judging whether the beginning part of the symbolic link has a USBSTOR character, if so, judging that the physical disk device is a portable operating system disk, and continuing the access process; if not, judging that the physical disk device is a host hard disk, intercepting access and simultaneously feeding back access failure information.
8. The portable operating system disk-based isolation system according to claim 7, wherein, when the embedded operating system is started, the bus driver enumerates the devices connected below it to create a physical disk device object PDO; next, the system loads the corresponding function driver for the physical disk device object PDO; after the function driver is loaded, the function driver creates a function driver device object FDO; if a filter driver exists, the system loads the filter driver, and the filter driver creates a filter driver device object FiDO; the filter driver device object FiDO, the function driver device object FDO, and the physical disk device object PDO together form a device stack of the embedded operating system, in which the filter driver device object FiDO is located at the upper layer, the function driver device object FDO is located at the middle layer, and the physical disk device object PDO is located at the lower layer.
9. The portable operating system disk-based isolation system as claimed in claim 7, wherein the interface symbolic link of the filter driver device object is the same as the interface symbolic link of the physical disk device object except for the interface class GUID at the end of the character string.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium includes a program of a portable operating system disk-based isolation method, and the program, when executed by a processor, implements the steps of the portable operating system disk-based isolation method according to any one of claims 1 to 6.
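The decision in step 6 of claim 7, and the link relationship stated in claim 9, can be exercised in user space. The following C code is an added example, not code from the patent: the function names, the `#` separator check and the sample links are assumptions constructed for illustration, and a filter driver would make this decision while handling IRP_MN_START_DEVICE.

```c
#include <ctype.h>
#include <string.h>

typedef enum { DISK_ALLOW, DISK_BLOCK } disk_verdict;

/* Constructed sample interface links (not taken from the patent). */
const char *USB_FILTER_LINK = "\\??\\USBSTOR#Disk&Ven_Example&Prod_OSDisk#0001&0#{11111111-2222-3333-4444-555555555555}";
const char *USB_DISK_LINK = "\\??\\USBSTOR#Disk&Ven_Example&Prod_OSDisk#0001&0#{aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee}";
const char *HOST_DISK_LINK = "\\??\\SCSI#Disk&Ven_Example&Prod_HostSSD#4&1a2b3c&0&000000#{aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee}";

/* Skip the "\??\" or "\\?\" prefix that precedes the enumerator name. */
static const char *skip_ns_prefix(const char *link) {
    if (strncmp(link, "\\??\\", 4) == 0 || strncmp(link, "\\\\?\\", 4) == 0)
        return link + 4;
    return link;
}

/* Case-insensitive comparison of the first n characters; stops at NUL. */
static int equal_nocase(const char *a, const char *b, size_t n) {
    for (size_t i = 0; i < n; i++) {
        if (toupper((unsigned char)a[i]) != toupper((unsigned char)b[i]))
            return 0;
        if (a[i] == '\0')
            return 1;
    }
    return 1;
}

/* Step 6: allow only links whose enumerator is USBSTOR. Requiring the '#'
 * separator is an assumption added here so that a longer name that merely
 * starts with "USBSTOR" does not match. NULL or empty input fails closed. */
disk_verdict classify_disk(const char *link) {
    if (link == NULL || *link == '\0')
        return DISK_BLOCK;
    return equal_nocase(skip_ns_prefix(link), "USBSTOR#", 8) ? DISK_ALLOW : DISK_BLOCK;
}

/* Length of the link up to the trailing "#{interface class GUID}". */
static size_t stem_len(const char *link) {
    const char *p = strrchr(link, '#');
    return (p != NULL && p[1] == '{') ? (size_t)(p - link) : strlen(link);
}

/* Claim 9: two links name the same device when only the trailing GUID differs. */
int same_device(const char *a, const char *b) {
    size_t n = stem_len(a);
    return n == stem_len(b) && equal_nocase(a, b, n);
}
```

Because the check looks only at the bus enumerator, every USBSTOR-enumerated disk is classified the same way as the portable operating system disk.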
CN202010898628.3A 2020-08-31 2020-08-31 Isolation method and system based on portable operating system disk Active CN112052477B (en)

Publications (2)

Publication Number Publication Date
CN112052477A (en) 2020-12-08
CN112052477B (en) 2022-03-25

Family

ID=73608208

Country Status (1)

Country Link
CN (1) CN112052477B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant