CN113485895A - Method and device for determining IO device type - Google Patents


Info

Publication number
CN113485895A
Authority
CN
China
Prior art keywords
attribute
operating system
equipment
determining
monitoring
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110832168.9A
Other languages
Chinese (zh)
Inventor
杨胜超
石志强
李仕毅
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu Sky Guard Network Security Technology Co ltd
Beijing Skyguard Network Security Technology Co ltd
Original Assignee
Chengdu Sky Guard Network Security Technology Co ltd
Beijing Skyguard Network Security Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Sky Guard Network Security Technology Co ltd, Beijing Skyguard Network Security Technology Co ltd
Priority to CN202110832168.9A
Publication of CN113485895A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/30 Monitoring
    • G06F11/3003 Monitoring arrangements specially adapted to the computing system or computing system component being monitored
    • G06F11/3041 Monitoring arrangements specially adapted to the computing system or computing system component being monitored where the computing system component is an input/output interface
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/4401 Bootstrapping
    • G06F9/4411 Configuring for operating with peripheral devices; Loading of device drivers

Abstract

The invention discloses a method and a device for determining the type of IO (input/output) equipment, and relates to the technical field of computers. One embodiment of the method comprises: monitoring a first event triggered by the communication between the IO equipment and an operating system, and identifying a first attribute of the IO equipment; monitoring a second event triggered by the IO device being mounted to the operating system, and identifying a second attribute of the IO device, wherein the second attribute of the IO device comprises a mounting path of the IO device relative to the operating system; determining the device attribute of the IO device according to the distribution of the first attribute and the second attribute on each plane of an IO device registry of the operating system; and determining the device type of the IO device according to the device attribute. According to the embodiment, the IO equipment can be managed in a refined mode.

Description

Method and device for determining IO device type
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a method and an apparatus for determining an IO device type.
Background
In various application scenarios for preventing data leakage, security policy configuration is generally required according to a certain parameter of an IO device, such as a USB disk, a WiFi device of a USB interface, and the like. For example, a U disk with a product ID of xxx is disabled, but is allowed to be used in a read-only mode on a computer with an IP section of 192.168.1.1-100; for another example: disabling all mobile storage devices, but allowing the network storage devices to be used in a readable and writable manner; for another example: allowing USB Bluetooth and USB WiFi equipment, but not allowing USB to mount a disk; as another example, all USB devices may be disabled, and so on.
In order to meet the requirement of the above-mentioned fine management device, it is necessary to extract a corresponding device attribute for each type of IO device, and then set a disabling rule according to the attribute value. The inventors found that there was a problem in practical operation: for a specific operating system, usually one IO device will be registered on a different plane (plane) of the operating system — for example, a USB disk will be registered on both a USB interface management plane and a disk plane, so that key information of the IO device must be acquired from multiple planes to accurately identify the type of the IO device, so as to further formulate a corresponding disabling policy.
Therefore, in view of the fact that the attribute information of the IO device is distributed in multiple planes of the operating system, a method capable of comprehensively counting the attribute of the IO device and further accurately judging the type of the IO device is needed.
Disclosure of Invention
In view of this, the present invention provides a method and an apparatus for determining a type of an IO device, which can gradually and comprehensively determine attributes of the IO device on each plane of an operating system according to attributes of the IO device obtained by monitoring, so as to accurately determine the type of the IO device, and further set a forbidden range for the IO device according to the type of the IO device, thereby implementing fine management.
To achieve the above object, according to an aspect of the present invention, there is provided a method for determining an IO device type, including: monitoring a first event triggered by the communication between the IO equipment and an operating system, and identifying a first attribute of the IO equipment; monitoring a second event triggered by the IO device being mounted to the operating system, and identifying a second attribute of the IO device, wherein the second attribute of the IO device comprises a mounting path of the IO device with respect to the operating system; determining the device attribute of the IO device according to the distribution of the first attribute of the IO device and the second attribute of the IO device on each plane of an IO device registry of the operating system; and determining the device type of the IO device according to the device attribute.
Optionally, the monitoring a first event triggered by the IO device communicating with an operating system in the method includes: monitoring a notification message triggered after the IO device is inserted into the physical device where the operating system is located by using a first callback function; the monitoring a second event triggered by the IO device being mounted to the operating system, and identifying a second attribute of the IO device includes: and monitoring a notification message triggered after the IO device is mounted to a disk defined by the operating system by using a second callback function.
Optionally, in the method, the determining the device attribute of the IO device according to the distribution of the first attribute of the IO device and/or the second attribute of the IO device in each plane of an IO device registry of the operating system includes: and determining the device attribute of the IO device according to the distribution of the first attribute of the IO device and/or the second attribute of the IO device in the device tree plane of the IO device registry and the hierarchical structure.
Optionally, the device attributes include one or more of: the mobile storage attribute, the network storage attribute and whether the disk mounted by the equipment is the disk where the operating system is located.
Optionally, further comprising: if the IO equipment attribute has the mobile storage attribute, the IO equipment is mobile storage equipment; if the IO equipment attribute has the network storage attribute, the IO equipment is network storage equipment; and if the device attribute indicates that the disk mounted by the device is the disk where the operating system is located, the IO device is a system disk.
Optionally, further comprising: and setting the forbidden range of the IO equipment according to the equipment type.
Optionally, further comprising, the forbidden range includes one or more of: forbidden IP address range, forbidden time range, forbidden device type.
To achieve the above object, according to another aspect of the present invention, there is provided an apparatus for determining an IO device type, including: the first monitoring module is used for monitoring a first event triggered by the communication between the IO equipment and an operating system and identifying a first attribute of the IO equipment; a second monitoring module, configured to monitor a second event triggered when the IO device is mounted to the operating system, and identify a second attribute of the IO device, where the second attribute of the IO device includes a mounting path of the IO device with respect to the operating system; the device attribute determining module is used for determining the device attribute of the IO device according to the distribution of the first attribute of the IO device and the second attribute of the IO device on each plane of an IO device registry of the operating system; and the device type determining module is used for determining the device type of the IO device according to the device attribute.
To achieve the above object, according to another aspect of the present invention, there is provided an electronic device for determining an IO device type, including: one or more processors; storage means for storing one or more programs which, when executed by the one or more processors, cause the one or more processors to implement any of the methods of determining an IO device type as described above.
To achieve the above object, according to still another aspect of the present invention, there is provided a computer readable medium having stored thereon a computer program, which when executed by a processor, implements any one of the methods of determining an IO device type as described above.
The invention has the following advantages or beneficial effects: firstly, according to the monitored device-related attributes of the IO devices and the related attributes of the mounted disks, gradually and comprehensively determining the attributes of the IO devices on each plane of an operating system, thereby accurately determining the types of the IO devices, further setting forbidden ranges for the IO devices according to the types of the IO devices, and realizing fine management.
Further effects of the above-mentioned non-conventional alternatives will be described below in connection with the embodiments.
Drawings
The drawings are included to provide a better understanding of the invention and are not to be construed as unduly limiting the invention. Wherein:
fig. 1 is a schematic diagram of a main flow of a method of determining an IO device type according to a first embodiment of the present invention;
fig. 2 is a schematic diagram of a main flow of a method of determining an IO device type according to a second embodiment of the present invention;
fig. 3 is a schematic diagram of a main flow of a method for setting a disable range according to an IO device type according to an embodiment of the present invention;
FIG. 4 illustrates an associative hierarchy of two exemplary planes of an operating system IO device registry;
fig. 5 is a schematic diagram of a main structure of an apparatus for determining an IO device type according to an embodiment of the present invention;
FIG. 6 is an exemplary system architecture diagram in which embodiments of the present invention may be employed;
fig. 7 is a schematic block diagram of a computer system suitable for use in implementing a terminal device or server of an embodiment of the invention.
Detailed Description
Exemplary embodiments of the present invention are described below with reference to the accompanying drawings, in which various details of embodiments of the invention are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the invention. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
Typically, the relevant properties of the hardware can be viewed using command line tools provided by the operating system. For example, in a macOS environment, the command line tools for viewing hardware devices are system_profiler, diskutil, df, ioreg, etc. The focus of these command line tools varies: the system_profiler command line tool outputs a whole-system report comprising three parts: hardware, software and network; the diskutil and df command line tools output the disk device and mount path information; the ioreg command line tool outputs registration information for all hardware devices.
However, acquiring hardware-related information with the above command line tools has the following disadvantages: each command line tool can only query part of the attributes of a device, whereas complete device attributes must be acquired in order to accurately identify and classify IO devices. The common practice is therefore to integrate the output results of the command line tools. The formats of the output results of these commands are not uniform, so the output results need to be parsed one by one according to their different formats; sometimes key attributes of the device cannot be obtained at all, which makes identification of the device very difficult.
The invention aims to collect all the attributes of the equipment distributed on all planes (planes) of an operating system as much as possible, and then describe the collected equipment attributes by adopting a uniform format (namely, an equipment description standard), thereby solving the problems that the equipment attributes are too dispersed and the output result needs to be analyzed according to different formats. Further, after the device type is accurately identified, a device security policy for preventing data leakage can be flexibly and efficiently formulated.
Fig. 1 is a schematic diagram of a main flow of a method for determining an IO device type according to a first embodiment of the present invention.
In step S101, a first event triggered by the communication between the IO device and the operating system is monitored, and a first attribute of the IO device is identified. For example, for macOS (an operating system), the first event (also referred to herein as a device monitoring event) may be an IOUSBDevice event, which defines the interface of the device with respect to the USB bus, or an IOBlockStorageDevice event, which exposes the generic block storage protocol. The first event is registered so that the first attribute of the device is recognized when the IO device communicates with the operating system; for example, the first attribute may be device hardware information such as a USB device serial number, a vendor name, a VID (vendor ID), and a PID (product ID).
In one example, the monitoring a first event triggered by the IO device communicating with an operating system includes: monitoring, by using the first callback function, a notification message triggered after the IO device is inserted into the physical device where the operating system is located. For example, the monitored first event (e.g., the aforementioned IOUSBDevice event or IOBlockStorageDevice event) is first added to a notification function (e.g., IONotificationPortCreate) by using the notification mechanism of the operating system, so that after a USB disk is inserted into a computer device, the relevant notification function triggers a callback of the operating system API function IOServiceAddMatchingNotification to obtain hardware information of the USB disk; the IOServiceAddMatchingNotification function can be considered as an example of the first callback function.
It is understood that in other operating systems, the first event may be other events, and the invention is not limited in this regard.
In step S102, a second event triggered by the mounting of the IO device to the operating system is monitored, and a second attribute of the IO device is identified, where the second attribute of the IO device includes a mounting path of the IO device with respect to the operating system. Again taking macOS as an example, the second event (also referred to herein as a disk monitoring event) may be a mount event for mounting the device to a certain disk path of the operating system, an unmount event for unmounting the device from a certain disk path, an appear event reflecting that the operating system has detected a newly attached device, a disappear event reflecting that the operating system has lost its connection with a certain device, an eject event for ejecting the device, and the like. The second event is registered so that the second attribute of the device is identified when the IO device is mounted to a certain disk path of the operating system, where the second attribute of the IO device comprises the mounting path of the IO device relative to the operating system.
In one example, the monitoring a second event triggered by the mounting of the IO device to the operating system, and identifying an IO device second attribute includes: monitoring, by using a second callback function, a notification message triggered after the IO device is mounted to a disk defined by the operating system. Similarly, after the USB disk is mounted to a certain disk path of the operating system of the computer, a callback of the operating system API function DARegisterDiskAppearedCallback is triggered to obtain the mounting path of the USB disk.
In step S103, device attributes of the IO device are determined according to the distribution of the IO device first attribute and/or the IO device second attribute in each plane of an IO device Registry (I/O Registry) of the operating system. Typically, the planes of the operating system IO device registry constitute a hierarchy in which associations exist. FIG. 4 illustrates an associative hierarchy of two exemplary planes of an operating system IO device registry; more specifically, FIG. 4 shows an associative hierarchy of the Service plane and the Device Tree plane of the I/O Registry of macOS. For a device connected to a computer, the operating system of the computer needs to obtain a driver for the device so that the operating system can communicate with the device. The I/O Registry of macOS records the driver object instance of a device connected to a computer, and when the state of the device changes (e.g., a USB disk is inserted into the computer or a USB disk is pulled out of the computer), the device updates the information about the driver object instance in the I/O Registry. The I/O Registry of macOS defines 6 planes in total: Service, Audio, Power, Device Tree, FireWire.
Because the callback functions for obtaining the first attribute of the IO device and the second attribute of the IO device are different, although the callback functions correspond to different drivers in the operating system, as long as the two callbacks triggered by the same IO device are partially overlapped on the device tree, the two callbacks are associated according to the overlapped attributes. That is, the device tree plane in the I/O Registry of the macOS may associate the IO device first attribute and the IO device second attribute; taking fig. 4 as an example, regarding attribute 1-1 and attribute 1-2 in the Device Tree plane as a first attribute of the IO Device (e.g., Device hardware information), regarding attribute 1-2 and attribute 1-3 as a second attribute of the IO Device (e.g., a mount path of the Device in an operating system), since the first attribute of the IO Device and the second attribute of the IO Device both include attribute 1-2, a first callback function for obtaining attribute 1-1 and attribute 1-2 can be associated with a second callback function for obtaining attribute 1-2 and attribute 1-3.
For a particular Device, Device attributes will exist on multiple planes depending on the driver it uses — for example, in addition to the Device Tree plane, the USB disk will be registered with Device attributes on both the Service and USB planes at least. Still taking fig. 4 as an example, starting from the Device attributes such as attribute 1-1, attribute 1-2, attribute 1-3, etc. of the IO Device in the Device Tree plane, the Device attributes existing in other planes, such as attribute 2-1, attribute 2-2, attribute 2-3, etc. existing in the Service plane, are found according to the association relationship between the planes. Further, it is understood that although fig. 4 only shows the Service plane and the Device Tree plane, the IO Device registry of the operating system may obviously include more planes, and in different operating systems, different plane names may be used. To sum up, each plane of the IO device registry of the operating system forms a hierarchical structure having an association relationship, and the device attribute of the IO device is determined according to the distribution of the first attribute of the IO device and the second attribute of the IO device in the device tree plane of the IO device registry and the hierarchical structure.
In step S104, a device type of the IO device is determined according to the device attribute. The device attributes acquired from the IO device registry are normalized into a unified form; for example, attributes about storage devices (e.g., IOBlockStorageDevice, IOBlockStorageServices), attributes about mobile devices (e.g., removable, external), attributes about network storage, and the like are acquired, and then the device type of the IO device is determined.
In particular, the obtained device attributes may be classified into one or more of the following: the mobile storage attribute, the network storage attribute and whether the disk mounted by the equipment is the disk where the operating system is located. Further, fig. 2 is a schematic diagram of a main flow of a method for determining an IO device type according to a second embodiment of the present invention. In step S201, device attributes of the IO device are determined (e.g., according to step S103 of fig. 1).
In step S202, it is first determined whether the IO device has a mount path, and if the mount path does not exist, in step S203, it is determined that the IO device is another device, that is, a non-IO device.
If the mount path exists, in step S204, it is determined whether the IO device has a network storage attribute, for example, it is determined whether the file system corresponding to the IO device is one of smbfs, nfs, afpfs, and webdav, and if the file system corresponding to the IO device is one of the foregoing, in step S205, it is determined that the IO device is a network storage device.
If it is determined that the IO device does not have the network storage attribute, in step S206, it is determined whether the IO device has the mobile storage attribute, for example, whether the IO device is removable. If it is determined that the IO device has the mobile storage attribute, in steps S207 and S209, it is determined whether the IO device has the CDROM attribute and the DVD attribute, respectively, and in steps S208 and S210, the IO device is determined to be a CD device or a DVD device, respectively. If the IO device is determined to have neither the CDROM attribute nor the DVD attribute, the IO device is judged to be another mobile storage device (for example, a U disk).
If it is determined that the IO device does not have the mobile storage attribute, in step S212, it is determined whether the disk mounted by the IO device is a disk where the operating system is located, if yes, in S213, it is determined that the IO device is a system disk, otherwise, in S214, it is determined that the IO device is a non-system disk.
At this point, according to the device attribute of the IO device, it may be determined that the device type of the IO device is one of a network storage device, a CD device, a DVD device, other mobile storage devices, and the like. It is understood that the step sequence shown in fig. 2 is not the only execution sequence, for example, steps S204 and S206 may be exchanged, and steps S207 and S209 may also be exchanged, that is, the step sequence shown in fig. 2 does not limit the specific execution sequence of the present invention.
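The correlation of the two callback streams and the decision order of Fig. 2 can be sketched as follows. This is an added example, not code from the patent: the record layout, the `bsd_name` join key standing in for the overlapping device-tree attribute, the type labels, and the use of `/` as the system disk mount path are all assumptions, and the event records are constructed sample data.

```python
# Added example: join first-attribute and second-attribute records, then classify.
NETWORK_FILESYSTEMS = {"smbfs", "nfs", "afpfs", "webdav"}  # file systems named in step S204


def correlate(device_events, disk_events, join_key="bsd_name"):
    """Merge device-event and disk-event records that share join_key.

    join_key plays the role of the overlapping attribute (attribute 1-2 in
    Fig. 4); choosing the BSD name for it is an assumption of this example.
    """
    by_key = {e[join_key]: dict(e) for e in device_events if e.get(join_key)}
    merged, matched = [], set()
    for disk in disk_events:
        key = disk.get(join_key)
        record = dict(by_key.get(key, {}))  # hardware attributes, if a device event matched
        record.update(disk)                 # mount path and file system from the disk event
        merged.append(record)
        if key in by_key:
            matched.add(key)
    # Devices that never produced a disk event keep only their hardware attributes.
    merged.extend(dev for key, dev in by_key.items() if key not in matched)
    merged.extend(dict(e) for e in device_events if not e.get(join_key))
    return merged


def classify(attrs, system_mount="/"):
    """Apply the decision order of Fig. 2 to one merged attribute record."""
    if not attrs.get("mount_path"):                         # S202 -> S203
        return "other_device"
    if (attrs.get("fs_type") or "").lower() in NETWORK_FILESYSTEMS:
        return "network_storage"                            # S204 -> S205
    if attrs.get("removable"):                              # S206
        media = (attrs.get("media") or "").lower()
        if media == "cdrom":                                # S207 -> S208
            return "cd"
        if media == "dvd":                                  # S209 -> S210
            return "dvd"
        return "other_removable_storage"
    if attrs["mount_path"] == system_mount:                 # S212 -> S213
        return "system_disk"
    return "non_system_disk"                                # S214


# Constructed sample events (not captured from a real machine).
DEVICE_EVENTS = [
    {"bsd_name": "disk2", "bus": "USB", "vid": "0781", "vendor": "SanDisk", "removable": True},
    {"bsd_name": None, "bus": "USB", "vendor": "ExampleWiFi"},   # adapter, never mounted
    {"bsd_name": "disk0", "bus": "PCI", "removable": False},
    {"bsd_name": "disk3", "bus": "USB", "removable": True, "media": "DVD"},
]
DISK_EVENTS = [
    {"bsd_name": "disk2", "mount_path": "/Volumes/NeoKylin-De", "fs_type": "msdos"},
    {"bsd_name": "disk0", "mount_path": "/", "fs_type": "apfs"},
    {"bsd_name": None, "mount_path": "/Volumes/share", "fs_type": "smbfs"},  # no hardware event
    {"bsd_name": "disk3", "mount_path": "/Volumes/Movie", "fs_type": "udf"},
]


def classify_all():
    """Return (mount path or vendor, device type) for every merged record."""
    return [(r.get("mount_path") or r.get("vendor"), classify(r))
            for r in correlate(DEVICE_EVENTS, DISK_EVENTS)]


if __name__ == "__main__":
    for name, kind in classify_all():
        print(f"{name}: {kind}")
```

A network share produces only a disk event and a non-storage USB adapter produces only a device event, so the join has to keep unmatched records from both sides instead of dropping them.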
Further, after obtaining device attributes of the IO device, the IO device may be described using a predefined format. In one example, an IO device is described as
BUS_TYPE=USB/BUS_USB_VID=0781/BUS_USB_PID=557d/BUS_USB_REV=0100/BUS_USB_SERIAL=4C530009650607102204/BUS_USB_PRODUCT_NAME=Cruzer Force/BUS_USB_VENDOR=SanDisk/OS_TYPE=OSX/VOLUME_PATH=\Volumes\NeoKylin-De
That is, the IO device has a bus type of USB, a vendor ID (VID) of 0781, a product identification number (PID) of 557d, a revision of 0100, a serial number of "4C530009650607102204", a product name of "Cruzer Force", a vendor name of "SanDisk", an operating system type of "OSX", and a volume path of "\Volumes\NeoKylin-De".
Fig. 3 is a schematic diagram of a main flow of a method for setting a disable range according to an IO device type according to an embodiment of the present invention.
In step S301, a device type of the IO device is determined according to the collected device attributes (e.g., according to S103 and S104 in fig. 1). In step S302, a disable range of the IO device is set according to the device type. The forbidden ranges include one or more of the following: forbidden IP address range, forbidden time range, forbidden device type. For example, a mobile storage device (e.g., a U disk) is prohibited from being used on a computer with an IP section between 192.168.1.1-100, or the mobile storage device is used in a read-only manner on the address section. As another example, between 0:00 and 9:00, the computer may be prohibited from using the network storage device, but may use the removable storage device. As another example, in either case, the use of the network storage device is prohibited.
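The unified device description shown earlier and the forbidden ranges of step S302 can be exercised together as below. This is an added example, not code from the patent: the rule layout, the first-match-wins evaluation, the `allow` default, the action names and the device type labels are assumptions; only the descriptor string and the example ranges come from the text.

```python
# Added example: parse the unified device description, then evaluate disable rules.
import ipaddress
import re
from datetime import time

# Split on "/" only where a KEY= follows, so a value such as a POSIX mount path
# ("/Volumes/x") is not cut into pieces.
_FIELD_SPLIT = re.compile(r"/(?=[A-Z][A-Z0-9_]*=)")


def parse_descriptor(text):
    """Parse 'KEY=value/KEY=value/...' into a dict, rejecting ambiguous input."""
    fields = {}
    for part in _FIELD_SPLIT.split(text.strip()):
        key, sep, value = part.partition("=")
        if not sep or not key:
            raise ValueError(f"malformed field: {part!r}")
        # Values such as the product name are copied from device-supplied strings
        # and may contain the separator; a repeated key is refused so that a later
        # field can never silently replace an earlier one.
        if key in fields:
            raise ValueError(f"duplicate field: {key}")
        fields[key] = value
    return fields


def _in_ip_range(ip, ip_range):
    if ip_range is None:
        return True
    low, high = (ipaddress.ip_address(a) for a in ip_range)
    return low <= ipaddress.ip_address(ip) <= high


def _in_window(now, window):
    if window is None:
        return True
    start, end = window
    if start <= end:
        return start <= now < end
    return now >= start or now < end  # window that wraps past midnight


def decide(rules, device_type, host_ip, now, default="allow"):
    """Return the action of the first rule matching type, host IP and time."""
    for rule in rules:
        if rule["device_type"] not in (device_type, "*"):
            continue
        if _in_ip_range(host_ip, rule.get("ip_range")) and _in_window(now, rule.get("window")):
            return rule["action"]
    return default


# Descriptor string taken from the description above.
DESCRIPTOR = (r"BUS_TYPE=USB/BUS_USB_VID=0781/BUS_USB_PID=557d/BUS_USB_REV=0100/"
              r"BUS_USB_SERIAL=4C530009650607102204/BUS_USB_PRODUCT_NAME=Cruzer Force/"
              r"BUS_USB_VENDOR=SanDisk/OS_TYPE=OSX/VOLUME_PATH=\Volumes\NeoKylin-De")

# Rules modelled on the examples in step S302 (layout is an assumption).
RULES = [
    {"device_type": "network_storage", "window": (time(0, 0), time(9, 0)), "action": "deny"},
    {"device_type": "other_removable_storage",
     "ip_range": ("192.168.1.1", "192.168.1.100"), "action": "read_only"},
]

if __name__ == "__main__":
    device = parse_descriptor(DESCRIPTOR)
    print(device["BUS_USB_VENDOR"], device["BUS_USB_PRODUCT_NAME"])
    print(decide(RULES, "other_removable_storage", "192.168.1.50", time(10, 0)))
```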
Fig. 5 is a schematic diagram of a main structure of an apparatus for determining an IO device type according to an embodiment of the present invention. As shown in fig. 5, the apparatus for determining an IO device type includes a first monitoring module, a second monitoring module, a device attribute determining module, and a device type determining module.
The first monitoring module is used for monitoring a first event triggered by the communication between the IO equipment and an operating system and identifying a first attribute of the IO equipment; a second monitoring module, configured to monitor a second event triggered when the IO device is mounted to the operating system, and identify a second attribute of the IO device, where the second attribute of the IO device includes a mounting path of the IO device with respect to the operating system; the device attribute determining module is used for determining the device attribute of the IO device according to the distribution of the first attribute of the IO device and the second attribute of the IO device on each plane of an IO device registry of the operating system; and the device type determining module is used for determining the device type of the IO device according to the device attribute.
The apparatus for determining the IO device type shown in fig. 5 may perform the embodiments described in fig. 1, fig. 2, and fig. 3.
Fig. 6 illustrates an exemplary system architecture 600 to which the method of determining IO device types of embodiments of the present invention may be applied.
As shown in fig. 6, the system architecture 600 may include terminal devices 601, 602, 603, a network 604, and a server 605. The network 604 serves to provide a medium for communication links between the terminal devices 601, 602, 603 and the server 605. Network 604 may include various types of connections, such as wire, wireless communication links, or fiber optic cables, to name a few.
The terminal devices 601, 602, 603 may be used to interact with a server 605 over a network 604 to receive or send messages or the like. Specifically, the terminal devices 601, 602, 603 may be devices configured with a disabling policy, and the like. The method of the present invention may be implemented on the terminal devices 601, 602, and 603, for example, software for determining the device type of the IO device is installed on the terminal devices, and a user interface for setting the disabling policy is provided, so that an administrator sets the disabling policy related to the IO device according to the actual situation.
The server 605 may be a server providing various services, for example, a server determining a device attribute of an IO device by monitoring an IO device first attribute and an IO device second attribute of the IO device on the terminal devices 601, 602, and 603, and further determining a device type of the IO device. The server 605 may also provide a user interface for setting the disabling policy, so that an administrator may set the disabling policy related to the IO device according to the actual situation, and then send the set disabling policy to the terminal devices 601, 602, 603.
It should be understood that the number of terminal devices, networks, and servers in fig. 6 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
Referring now to FIG. 7, a block diagram of a computer system 700 suitable for use in implementing embodiments of the present invention is shown. The computer system illustrated in FIG. 7 is only an example and should not impose any limitations on the scope of use or functionality of embodiments of the invention.
As shown in fig. 7, the computer system 700 includes a Central Processing Unit (CPU)701, which can perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)702 or a program loaded from a storage section 708 into a Random Access Memory (RAM) 703. In the RAM 703, various programs and data necessary for the operation of the system 700 are also stored. The CPU 701, the ROM 702, and the RAM 703 are connected to each other via a bus 704. An input/output (I/O) interface 705 is also connected to bus 704.
The following components are connected to the I/O interface 705: an input portion 706 including a keyboard, a mouse, and the like; an output section 707 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 708 including a hard disk and the like; and a communication section 709 including a network interface card such as a LAN card, a modem, or the like. The communication section 709 performs communication processing via a network such as the internet. A drive 710 is also connected to the I/O interface 705 as needed. A removable medium 711 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 710 as necessary, so that a computer program read out therefrom is mounted into the storage section 708 as necessary.
In particular, according to the embodiments of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program can be downloaded and installed from a network through the communication section 709, and/or installed from the removable medium 711. The computer program performs the above-described functions defined in the system of the present invention when executed by the Central Processing Unit (CPU) 701.
It should be noted that the computer readable medium described in the present invention can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present invention, a computer readable storage medium may be any tangible medium that can contain or store a program for use by or in connection with an instruction execution system, apparatus, or device. A computer readable signal medium, by contrast, may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
As another aspect, the present invention also provides a computer-readable medium, which may be contained in the apparatus described in the above embodiments, or may exist separately without being incorporated into the apparatus. The computer-readable medium carries one or more programs which, when executed by a device, cause the device to perform: monitoring a first event triggered by communication between the IO device and an operating system, and identifying a first attribute of the IO device; monitoring a second event triggered by the IO device being mounted to the operating system, and identifying a second attribute of the IO device, wherein the second attribute of the IO device comprises a mounting path of the IO device with respect to the operating system; determining the device attribute of the IO device according to the distribution of the first attribute of the IO device and the second attribute of the IO device on each plane of an IO device registry of the operating system; and determining the device type of the IO device according to the device attribute.
According to the technical solution of the embodiments of the invention, the attributes of the IO device on each plane of the operating system are determined step by step and comprehensively from the device-related attributes of the IO device and the attributes of the mounted disk obtained through monitoring, so that the type of the IO device is accurately determined, a forbidden range is set for the IO device according to its type, and fine-grained management is achieved.
The above-described embodiments should not be construed as limiting the scope of the invention. Those skilled in the art will appreciate that various modifications, combinations, sub-combinations, and substitutions can occur, depending on design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (10)

1. A method for determining an IO device type, comprising:
monitoring a first event triggered by communication between the IO device and an operating system, and identifying a first attribute of the IO device;
monitoring a second event triggered by the IO device being mounted to the operating system, and identifying a second attribute of the IO device, wherein the second attribute of the IO device comprises a mounting path of the IO device with respect to the operating system;
determining the device attribute of the IO device according to the distribution of the first attribute of the IO device and the second attribute of the IO device on each plane of an IO device registry of the operating system;
and determining the device type of the IO device according to the device attribute.
2. The method of claim 1, wherein,
the monitoring a first event triggered by the communication between the IO device and an operating system includes: monitoring, by using a first callback function, a notification message triggered after the IO device is inserted into the physical device where the operating system is located;
the monitoring a second event triggered by the IO device being mounted to the operating system, and identifying a second attribute of the IO device includes: monitoring, by using a second callback function, a notification message triggered after the IO device is mounted to a disk defined by the operating system.
3. The method according to claim 1, wherein the determining the device attribute of the IO device according to the distribution of the first attribute of the IO device and/or the second attribute of the IO device in each plane of an IO device registry of the operating system includes:
determining the device attribute of the IO device according to the distribution of the first attribute of the IO device and/or the second attribute of the IO device in the device tree plane of the IO device registry and the hierarchical structure.
4. The method of claim 1, wherein the device attributes comprise one or more of: the mobile storage attribute, the network storage attribute, and whether the disk mounted by the device is the disk where the operating system is located.
5. The method of claim 4, wherein,
if the IO device attribute has the mobile storage attribute, the IO device is a mobile storage device;
if the IO device attribute has the network storage attribute, the IO device is a network storage device;
and if the device attribute indicates that the disk mounted by the device is the disk where the operating system is located, the IO device is a system disk.
6. The method of any of claims 1-5, further comprising: setting the forbidden range of the IO device according to the device type.
7. The method of claim 6, wherein the forbidden range comprises one or more of: forbidden IP address range, forbidden time range, forbidden device type.
8. An apparatus for determining an IO device type, comprising:
a first monitoring module, configured to monitor a first event triggered by communication between the IO device and an operating system, and identify a first attribute of the IO device;
a second monitoring module, configured to monitor a second event triggered when the IO device is mounted to the operating system, and identify a second attribute of the IO device, where the second attribute of the IO device includes a mounting path of the IO device with respect to the operating system;
a device attribute determining module, configured to determine the device attribute of the IO device according to the distribution of the first attribute of the IO device and the second attribute of the IO device on each plane of an IO device registry of the operating system;
and a device type determining module, configured to determine the device type of the IO device according to the device attribute.
9. A server for determining an IO device type, comprising:
one or more processors;
a storage device for storing one or more programs,
wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-7.
10. A computer-readable medium, on which a computer program is stored, which, when executed by a processor, implements the method according to any one of claims 1-7.
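The flow of claims 1 to 7, sketched as an added example (not code from the patent or its applicant): two event handlers feed one record per device, the record is classified into the device types of claim 5, and a forbidden range with the three fields of claim 7 is evaluated for a terminal. The handler names, attribute keys, rule-matching semantics and sample events are assumptions, and the registry-plane lookup is replaced by attribute flags carried in the constructed events.

```python
# Added illustration of claims 1-7; all names, keys and sample values are constructed.
from dataclasses import dataclass, field
from datetime import time
from ipaddress import ip_address, ip_network

@dataclass
class Device:
    first: dict = field(default_factory=dict)   # attributes from the first (communication) event
    second: dict = field(default_factory=dict)  # attributes from the second (mount) event

class Tracker:
    """Correlates both monitored events per device id; either may arrive first or alone."""
    def __init__(self):
        self.devices = {}
    def on_first_event(self, dev_id, **attrs):               # role of the first callback
        self.devices.setdefault(dev_id, Device()).first.update(attrs)
    def on_second_event(self, dev_id, mount_path, **attrs):  # role of the second callback
        self.devices.setdefault(dev_id, Device()).second.update(attrs, mount_path=mount_path)

def device_type(dev, os_mount_path="/"):
    """Claims 4-5; testing for the system disk first is this example's choice."""
    if dev.second.get("mount_path") == os_mount_path:
        return "system_disk"
    if dev.second.get("network_storage"):
        return "network_storage"
    if dev.first.get("mobile_storage"):
        return "mobile_storage"
    return "other"

@dataclass
class ForbiddenRange:
    """Claim 7; assumed semantics: a rule applies when every field that is set matches."""
    device_types: frozenset
    ip_ranges: tuple = ()     # CIDR strings for terminal addresses; empty means any
    time_range: tuple = None  # (start, end) as datetime.time; None means always

    def blocks(self, dev_type, terminal_ip, now):
        ip_ok = not self.ip_ranges or any(
            ip_address(terminal_ip) in ip_network(net) for net in self.ip_ranges)
        time_ok = True
        if self.time_range is not None:
            start, end = self.time_range
            # A window such as 18:00-08:00 wraps past midnight.
            time_ok = (start <= now < end) if start <= end else (now >= start or now < end)
        return dev_type in self.device_types and ip_ok and time_ok

def decide(tracker, dev_id, rules, terminal_ip, now):
    dev_type = device_type(tracker.devices[dev_id])
    return dev_type, any(rule.blocks(dev_type, terminal_ip, now) for rule in rules)

def demo(terminal_ip="10.20.3.4", hour=23):
    t = Tracker()
    t.on_second_event("disk0", "/")                                    # boot volume
    t.on_first_event("usb1", mobile_storage=True)                      # inserted ...
    t.on_second_event("usb1", "/Volumes/STICK")                        # ... then mounted
    t.on_second_event("smb7", "/Volumes/share", network_storage=True)  # mount event only
    rules = [ForbiddenRange(frozenset({"mobile_storage"}), ("10.20.0.0/16",),
                            (time(18, 0), time(8, 0)))]
    return {d: decide(t, d, rules, terminal_ip, time(hour, 30)) for d in t.devices}
```

Because classification reads whichever of the two records is present, a network share that never produces an insertion event is still typed from its mount event alone, and a stick that is inserted but not yet mounted is already typed as mobile storage.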
CN202110832168.9A 2021-07-22 2021-07-22 Method and device for determining IO device type Pending CN113485895A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110832168.9A CN113485895A (en) 2021-07-22 2021-07-22 Method and device for determining IO device type

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110832168.9A CN113485895A (en) 2021-07-22 2021-07-22 Method and device for determining IO device type

Publications (1)

Publication Number Publication Date
CN113485895A true CN113485895A (en) 2021-10-08

Family

ID=77943372

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110832168.9A Pending CN113485895A (en) 2021-07-22 2021-07-22 Method and device for determining IO device type

Country Status (1)

Country Link
CN (1) CN113485895A (en)



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB03 Change of inventor or designer information

Inventor after: Yang Shengchao

Inventor after: Liu Lin

Inventor after: Shi Zhiqiang

Inventor after: Li Shiyi

Inventor before: Yang Shengchao

Inventor before: Shi Zhiqiang

Inventor before: Li Shiyi