CN115309702A - File retrieval management method, device, system and equipment based on USN log - Google Patents

File retrieval management method, device, system and equipment based on USN log Download PDF

Info

Publication number
CN115309702A
CN115309702A CN202211223869.3A CN202211223869A CN115309702A CN 115309702 A CN115309702 A CN 115309702A CN 202211223869 A CN202211223869 A CN 202211223869A CN 115309702 A CN115309702 A CN 115309702A
Authority
CN
China
Prior art keywords
file
attribute information
module
updating
retrieval
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202211223869.3A
Other languages
Chinese (zh)
Other versions
CN115309702B (en
Inventor
张雷
李本学
董进
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhongfu Information Co Ltd
Original Assignee
Zhongfu Information Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhongfu Information Co Ltd filed Critical Zhongfu Information Co Ltd
Priority to CN202211223869.3A priority Critical patent/CN115309702B/en
Publication of CN115309702A publication Critical patent/CN115309702A/en
Application granted granted Critical
Publication of CN115309702B publication Critical patent/CN115309702B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/13File access structures, e.g. distributed indices
    • G06F16/137Hash-based
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/14Details of searching files based on file metadata
    • G06F16/148File search processing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/17Details of further file system functions
    • G06F16/172Caching, prefetching or hoarding of files
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/18File system types
    • G06F16/1805Append-only file systems, e.g. using logs or journals to store data
    • G06F16/1815Journaling file systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/70Software maintenance or management
    • G06F8/71Version control; Configuration management
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Library & Information Science (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention belongs to the technical field of disk file retrieval, and particularly provides a file retrieval management method, a device, a system and equipment based on a USN log, wherein the method comprises the following steps: reading the USN log of the disk, initializing local directory data, and monitoring the change of disk files in real time; acquiring file attribute information and writing the acquired file attribute information into a file retrieval database; processing the file attribute information to obtain various attribute information of the classified file, and uploading the attribute information of the classified file to a management terminal; acquiring confidential file ledger information of a management end; comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information; and processing according to the comparison result, and updating the attribute information of the local classified file when updating is needed. And reporting the file ledger to a management terminal at regular time, and updating the file through a BM updating mechanism when the version of the tagged file is changed.

Description

File retrieval management method, device, system and equipment based on USN log
Technical Field
The invention relates to the technical field of disk file retrieval, in particular to a file retrieval management method, device, system and equipment based on a USN log.
Background
The file system is queried by using the USN journal (Update Sequence Number journal, USN journal), the desktop search engine eventing is a successful case, and compared with the search function of Windows, the eventing can search hundreds of thousands of files in seconds. On the first open, eventing scans the entire disk and builds an index base that, instead of traversing folders one by one, passes through the properties of the NTFS file system: master File Table (MTF) and USN journal. And acquiring paths of all files by traversing the MTF table and acquiring monitoring of file modification in the USN log.
The prior art is perfect in retrieval performance, but occupies a little higher memory, cannot distinguish common files from classified files, and cannot support related services of MB. In addition, the user-defined and appointed multiple directories for retrieval cannot be supported, and the scanning requirement of the user-defined is not facilitated.
Disclosure of Invention
The prior art is relatively perfect in retrieval performance, but occupies a little higher memory, cannot distinguish common files from classified files, and cannot support related services of the MB. In addition, the method, the device, the system and the equipment for file retrieval management based on the USN log can not support the user-defined designation of a plurality of directories for retrieval, and are not beneficial to the user-defined scanning requirement.
In a first aspect, a technical solution of the present invention provides a file retrieval management method based on USN logs, including the following steps:
reading the USN log of the disk, initializing local directory data, and monitoring the change of disk files in real time;
acquiring file attribute information and writing the acquired file attribute information into a file retrieval database;
processing the file attribute information to obtain various attribute information of the classified files, and uploading the attribute information of the classified files to a management end;
acquiring confidential file ledger information of a management end;
comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information;
and processing according to the comparison result, and updating the attribute information of the local classified file when updating is needed.
Further, reading the USN log of the disk, initializing local directory data, and monitoring the change of the disk file in real time comprises the following steps:
reading the USN log of the disk;
filtering out files and paths without permission and filtering out directory files except for user-defined settings, and constructing a disk file tree;
and starting a thread to monitor the change of the disk file in real time.
Further, the files written into the disk comprise a common file and a security file, and the security file is marked when being written into the disk; the steps of obtaining the file attribute information and writing the obtained file attribute information into the file retrieval database include:
acquiring file attribute information;
judging whether the file is marked;
if yes, analyzing and acquiring various attribute information of the classified file, and writing the attribute information of the classified file into a file retrieval database;
if not, writing the file attribute information into the file retrieval database.
Further, the steps of processing the file attribute information to obtain various attribute information of the classified file, and uploading the attribute information of the classified file to the management terminal include:
and carrying out classified statistics on the file attribute information according to the security classification and the state, and uploading the attribute information of the security classification file to a management terminal at regular time.
Further, the step of comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information includes:
matching the file attribute information in the file retrieval database with the acquired confidential file ledger information by using a tagged file;
if the matching is successful, judging whether the version number of the successfully matched file is the latest;
if the matching is unsuccessful or the version number is latest, the local file is not updated;
and if the version number is not up-to-date, generating a file queue to be updated.
Further, the method further comprises:
and after the updating is finished, reporting the updating result to the management terminal and synchronously updating the statistical result of the local file management state.
In a second aspect, the technical solution of the present invention provides a file retrieval management device based on USN logs, which includes a file retrieval module, a file retrieval database, an upload module, a ledger information acquisition module, a file matching module, and a file update module;
the file retrieval module is used for reading the USN log of the disk, initializing local directory data and monitoring the change of the disk file in real time; acquiring file attribute information and writing the acquired file attribute information into a file retrieval database, wherein the file retrieval database provides a file retrieval query interface;
the uploading module is used for acquiring various attribute information of the classified files and uploading the attribute information of the classified files to the management terminal;
the platform account information acquisition module is used for acquiring confidential file platform account information of the management end;
the file matching module is used for comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information;
and the file updating module is used for processing according to the comparison result and updating the attribute information of the local classified file when updating is needed.
The file retrieval module ensures that a file tree is retrieved at a high speed under the condition of low performance occupation, directory files outside user-defined settings are filtered according to the filtering of unauthorized files and paths by a user, and various MB attributes (security level, management state, DM basis, knowledge range and the like) of the security level files are obtained. And the file retrieval database stores the information in the file retrieval database and provides an inquiry and update interface. The management terminal also provides the attribute information of the full tagged files for matching use. And the uploading module is used for periodically uploading the attribute information of the tagged file to the management terminal and carrying out statistical analysis. The file matching module compares the local file with the confidential file ledger information, processes according to the comparison result, and updates the file updating module when updating is needed.
Furthermore, the file retrieval module comprises a reading unit, a construction processing unit, a monitoring starting unit, an acquisition unit, a first judgment unit, an analysis processing unit and a writing unit;
the reading unit is used for reading the USN log of the disk;
the system comprises a construction processing unit, a file tree management unit and a file management unit, wherein the construction processing unit is used for filtering out files and paths without permission, filtering out directory files except user-defined settings and constructing a disk file tree;
the monitoring starting unit is used for starting a thread to monitor the change of the disk file in real time;
an acquisition unit configured to acquire file attribute information;
the first judging unit is used for judging whether the file is tagged or not;
the analysis processing unit is used for analyzing and acquiring various attribute information of the confidential file if the confidential file is the tagged file;
and the writing unit is used for writing the attribute information of the classified files into the file retrieval database and writing the file attribute information into the file retrieval database.
Furthermore, the confidential file ledger information comprises a marked file hash list, and the file matching module comprises a matching unit, a second judgment unit and a generation unit;
the matching unit is used for matching the file attribute information in the file retrieval database with the acquired confidential file ledger information by adding a mark file;
the second judging unit is used for judging whether the version number of the successfully matched file is the latest or not if the matching is successful;
if the matching is unsuccessful or the version number is latest, the local file is not updated;
the generating unit is used for generating a file queue to be updated if the version number is not latest;
and the file updating module is used for updating the attribute information of the classified files of the file queue to be updated.
Further, the device further comprises a result reporting and updating module, which is used for reporting the updating result to the management terminal after the updating is finished and synchronously updating the statistical result of the local file management state.
In a third aspect, the technical solution of the present invention further provides a file retrieval management system based on the USN log, including a local terminal and a management end communicating with the local terminal; the management end comprises a standing book information module;
the machine account information module is used for recording and storing confidential file machine account information;
the local terminal comprises a file retrieval module, a file retrieval database, an uploading module, a standing book information acquisition module, a file matching module and a file updating module;
the file retrieval module is used for reading the USN log of the disk, initializing local directory data and monitoring the change of the disk file in real time; acquiring file attribute information and writing the acquired file attribute information into a file retrieval database, wherein the file retrieval database provides a file retrieval query interface;
the uploading module is used for processing the file attribute information to acquire various attribute information of the classified files and uploading the attribute information of the classified files to the management end;
the machine account information acquisition module is used for acquiring confidential file machine account information of the management end;
the file matching module is used for comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information;
and the file updating module is used for processing according to the comparison result and updating the attribute information of the local classified file when updating is needed.
In a fourth aspect, an embodiment of the present invention further provides an electronic device, where the electronic device includes:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores computer program instructions executable by the at least one processor to enable the at least one processor to perform the USN log-based file retrieval management method of the first aspect.
According to the technical scheme, the invention has the following advantages: according to the method, the file tree of the current terminal is built through the USN log, the query entry is added, the tagged files are displayed to the home page according to the security level and the management state, when the security level files are changed (increase, deletion and modification), the home page can monitor the change of the security level files in real time, and the management and control on the position and the quantity of the security level files of the terminal are increased. The terminal regularly reports the file ledger to the management terminal, and when the version of the tagged file changes, the file is updated through a BM updating mechanism: for example, when a certain file in the terminal is issued, the file is retrieved and scanned to be in a formal DM state, and a prompt box is popped up to request the user to update the file attribute, thereby increasing the management and control on the version state of the terminal file.
In addition, the invention has reliable design principle, simple structure and very wide application prospect.
Therefore, compared with the prior art, the invention has prominent substantive features and remarkable progress, and the beneficial effects of the implementation are also obvious.
Drawings
In order to more clearly illustrate the embodiments or technical solutions in the prior art of the present invention, the drawings used in the description of the embodiments or prior art will be briefly described below, and it is obvious for those skilled in the art that other drawings can be obtained based on these drawings without creative efforts.
FIG. 1 is a schematic flow diagram of a method of one embodiment of the invention.
Fig. 2 is a schematic flow diagram of a method of another embodiment of the invention.
Fig. 3 is a schematic block diagram of an apparatus of one embodiment of the present invention.
Detailed Description
In order to make those skilled in the art better understand the technical solution of the present invention, the technical solution in the embodiment of the present invention will be clearly and completely described below with reference to the drawings in the embodiment of the present invention, and it is obvious that the described embodiment is only a part of the embodiment of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As shown in fig. 1 and 2, an embodiment of the present invention provides a file retrieval management method based on USN logs, including the following steps:
step 1: reading the USN log of the disk, initializing local directory data, and monitoring the change of disk files in real time; acquiring file attribute information and writing the acquired file attribute information into a file retrieval database;
step 2: processing the file attribute information to obtain various attribute information of the classified file, and uploading the attribute information of the classified file to a management terminal;
and step 3: acquiring confidential file ledger information of a management end;
and 4, step 4: comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information;
and 5: and processing according to the comparison result, and updating the attribute information of the local classified file when updating is needed.
In some embodiments, the files written to the disk include normal files and classified files, and the classified files are marked when written to the disk; reading the USN log of the disk, initializing local directory data, and monitoring the change of disk files in real time; the steps of obtaining file attribute information and writing the obtained file attribute information into a file retrieval database include:
step 11: reading the USN log of the disk;
step 12: filtering out files and paths without permission and filtering out directory files except user-defined settings, and constructing a disk file tree;
step 13: starting a thread to monitor the change of a disk file in real time;
step 14: acquiring file attribute information;
step 15: judging whether the file is marked;
if yes, executing step 16, otherwise, executing step 17;
step 16: analyzing and acquiring various attribute information of the classified files, and writing the attribute information of the classified files into a file retrieval database;
and step 17: and writing the file attribute information into a file retrieval database.
In some embodiments, the step of obtaining the file attribute information and writing the obtained file attribute information into the file retrieval database further comprises:
step 1-2: and carrying out classification statistics on the file attribute information according to the security level and the state, and uploading the attribute information of the security level file to a management terminal at regular time. And calculating the scaling rate in the process of carrying out classification statistics on the file attribute information according to the security level and the state, and displaying the calculated scaling rate for the convenience of a user to check, wherein (the total number of the security level files/files) × 100% = the scaling rate.
The confidential document ledger information comprises a tagged file hash list, and the step of comparing the file attribute information in the file retrieval database with the acquired confidential document ledger information comprises the following steps:
step 31: matching the file attribute information in the file retrieval database with the acquired confidential file ledger information by using a tagged file; if the matching is successful, executing step 32, and if the matching is unsuccessful, executing step 35;
step 32: judging whether the version number of the successfully matched file is the latest or not;
if yes, go to step 35; if not, go to step 33;
step 33: generating a file queue to be updated;
step 34: updating the attribute information of the classified files of the file queue to be updated; step 36 is executed;
step 35: not updating the local file;
step 36: and after the updating is finished, reporting the updating result to the management terminal and synchronously updating the statistical result of the local file management state. It should be noted that the attribute information of the classified files is updated in the present application.
As shown in fig. 3, an embodiment of the present invention provides a file retrieval management apparatus based on USN logs, including a file retrieval module, a file retrieval database, an upload module, a standing book information acquisition module, a file matching module, and a file update module;
the file retrieval module is used for reading the USN log of the disk, initializing local directory data and monitoring the change of the disk file in real time; acquiring file attribute information and writing the acquired file attribute information into a file retrieval database, wherein the file retrieval database provides a file retrieval query interface;
the uploading module is used for processing the file attribute information to obtain various attribute information of the classified files and uploading the attribute information of the classified files to the management terminal;
the machine account information acquisition module is used for acquiring confidential file machine account information of the management end;
the file matching module is used for comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information;
and the file updating module is used for processing according to the comparison result and updating the attribute information of the local security file when the update is needed.
In some embodiments, the file retrieval module includes a reading unit, a construction processing unit, a monitoring starting unit, an obtaining unit, a first judging unit, an analysis processing unit, and a writing unit;
the reading unit is used for reading the USN log of the disk;
the system comprises a construction processing unit, a file tree management unit and a file management unit, wherein the construction processing unit is used for filtering out files and paths without permission, filtering out directory files except user-defined settings and constructing a disk file tree;
the monitoring starting unit is used for starting a thread to monitor the change of the disk file in real time;
an acquisition unit configured to acquire file attribute information;
the first judging unit is used for judging whether the file is marked or not;
the analysis processing unit is used for analyzing and acquiring various attribute information of the classified file if the tagged file is the tagged file;
and the writing unit is used for writing the attribute information of the classified files into the file retrieval database and writing the file attribute information into the file retrieval database.
In some embodiments, the confidential file ledger information comprises a hash list of tagged files, and the file matching module comprises a matching unit, a second judgment unit and a generation unit;
the matching unit is used for matching the file attribute information in the file retrieval database with the acquired confidential file ledger information by adding a mark file;
the second judging unit is used for judging whether the version number of the successfully matched file is the latest or not if the matching is successful;
if the matching is unsuccessful or the version number is latest, the local file is not updated;
the generating unit is used for generating a file queue to be updated if the version number is not latest;
and the file updating module is used for updating the attribute information of the classified files of the file queue to be updated.
The device also comprises a result reporting and updating module which is used for reporting the updating result to the management terminal after the updating is finished and synchronously updating the statistical result of the management state of the local file.
The embodiment of the invention also provides a file retrieval management system based on the USN log, which comprises a local terminal and a management end communicated with the local terminal; the management end comprises a standing book information module;
the machine account information module is used for recording and storing confidential file machine account information;
the local terminal comprises a file retrieval module, a file retrieval database, an uploading module, a standing book information acquisition module, a file matching module and a file updating module;
the file retrieval module is used for reading the USN log of the disk, initializing local directory data and monitoring the change of the disk file in real time; acquiring file attribute information and writing the acquired file attribute information into a file retrieval database, wherein the file retrieval database provides a file retrieval query interface;
the uploading module is used for processing the file attribute information to obtain various attribute information of the classified files and uploading the attribute information of the classified files to the management terminal;
the platform account information acquisition module is used for acquiring confidential file platform account information of the management end;
the file matching module is used for comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information;
and the file updating module is used for processing according to the comparison result and updating the attribute information of the local security file when the update is needed.
The working process of the system is as follows: and the initialization file retrieval module is used for constructing a disk file tree by reading the USN log of the disk and starting a thread to monitor the change of the disk file in real time. And distinguishing the directory, the common file, the hidden file, the non-authority file and the confidential file, and storing the file information into a file retrieval database. The file retrieval database provides an inquiry and update interface for inquiring the full data of the file retrieval page and supporting fuzzy inquiry, carries out classified statistics on files according to security level and state, calculates the adding standard rate and uploads the inquired local security level file information to a management end at regular time; acquiring DM secret file ledger information from a management end; creating an information comparison task, matching DM secret level file ledger information with a local file retrieval table, and creating a queue of files to be updated; the task is sent to a terminal file updating module, and a popup prompts a user of a file needing to be updated, or the user updates or refuses to update in the page initiative; and after the process is finished, reporting the updating result to the management terminal, and synchronously updating the statistical result of the terminal file management state.
The terminal reports the file ledger to the management terminal at regular time, and when the version of the tagged file changes, the file is updated through a BM updating mechanism: for example, when a file in the terminal is issued, the file is still in a formal DM state after being retrieved and scanned, a prompt box pops up to request the user to update the file attribute, thereby increasing the control of the version state of the file in the terminal.
An embodiment of the present invention further provides an electronic device, where the electronic device includes: the system comprises a processor, a communication interface, a memory and a bus, wherein the processor, the communication interface and the memory are communicated with each other through the bus. The bus may be used for information transfer between the electronic device and the sensor. The processor may call logic instructions in memory to perform the following method: reading the USN log of the disk, initializing local directory data, and monitoring the change of disk files in real time; acquiring file attribute information and writing the acquired file attribute information into a file retrieval database; processing the file attribute information to obtain various attribute information of the classified file, and uploading the attribute information of the classified file to a management terminal; acquiring confidential file ledger information of a management end; comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information; and processing according to the comparison result, and updating the attribute information of the local classified file when updating is needed.
In some embodiments, the processor may call logic instructions in the memory to perform the following method: step 11: reading the USN log of the disk; step 12: filtering out files and paths without permission and filtering out directory files except user-defined settings, and constructing a disk file tree; step 13: starting a thread to monitor the change of a disk file in real time; step 14: acquiring file attribute information; step 15: judging whether the file is marked; if yes, executing step 16, otherwise, executing step 17; step 16: analyzing and acquiring various attribute information of the classified files, and writing the attribute information of the classified files into a file retrieval database; and step 17: and writing the file attribute information into a file retrieval database.
In some embodiments, the processor may call logic instructions in the memory to perform the following method: step 31: matching the file attribute information in the file retrieval database with the acquired confidential file ledger information by using a tagged file; if the matching is successful, executing step 32, and if the matching is unsuccessful, executing step 35; step 32: judging whether the version number of the successfully matched file is the latest or not; if yes, go to step 35; if not, go to step 33; step 33: generating a file queue to be updated; step 34: updating attribute information of the classified files of the file queue to be updated; step 36 is executed; step 35: not updating the local file; step 36: and after the updating is finished, reporting the updating result to the management terminal and synchronously updating the statistical result of the local file management state.
In addition, the logic instructions in the memory may be implemented in the form of software functional units and may be stored in a computer readable storage medium when sold or used as a stand-alone product. Based on such understanding, the technical solution of the present invention or a part thereof which substantially contributes to the prior art may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk, and various media capable of storing program codes.
Although the present invention has been described in detail by referring to the drawings in connection with the preferred embodiments, the present invention is not limited thereto. Various equivalent modifications or substitutions can be made on the embodiments of the present invention by those skilled in the art without departing from the spirit and scope of the present invention, and these modifications or substitutions should be within the scope of the present invention/any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present disclosure and the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.

Claims (10)

1. A file retrieval management method based on a USN log is characterized by comprising the following steps:
reading the USN log of the disk, initializing local directory data, and monitoring the change of disk files in real time;
acquiring file attribute information and writing the acquired file attribute information into a file retrieval database;
processing the file attribute information to obtain various attribute information of the classified file, and uploading the attribute information of the classified file to a management terminal;
acquiring confidential file ledger information of a management end;
comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information;
and processing according to the comparison result, and updating the attribute information of the local classified file when updating is needed.
2. The USN log-based file retrieval management method according to claim 1, wherein the steps of reading the USN log of the disk, initializing local directory data, and monitoring a change of the disk file in real time include:
reading the USN log of the disk;
filtering out files and paths without permission and filtering out directory files except user-defined settings, and constructing a disk file tree;
and starting a thread to monitor the change of the disk file in real time.
3. The USN log-based file retrieval management method according to claim 2, wherein the file written to the disk includes a security file, and a tagging setting is performed when the security file is written to the disk; the steps of obtaining the file attribute information and writing the obtained file attribute information into the file retrieval database include:
acquiring file attribute information;
judging whether the file is marked;
if yes, analyzing and acquiring various attribute information of the classified file, and writing the attribute information of the classified file into a file retrieval database;
if not, writing the file attribute information into the file retrieval database.
4. The USN log-based file retrieval management method according to claim 3, wherein the step of processing the file attribute information to obtain each item of attribute information of the classified files and uploading the attribute information of the classified files to the management end comprises:
and carrying out classified statistics on the file attribute information according to the security classification and the state, and uploading the attribute information of the security classification file to a management terminal at regular time.
5. The USN-log-based file retrieval management method according to claim 4, wherein the confidential document ledger information includes a tagged file hash list, and the step of comparing the file attribute information in the file retrieval database with the acquired confidential document ledger information includes:
matching the file attribute information in the file retrieval database with the acquired confidential file ledger information by using a tagged file;
if the matching is successful, judging whether the version number of the successfully matched file is the latest or not;
if the matching is unsuccessful or the version number is latest, the local file is not updated;
and if the version number is not up-to-date, generating a file queue to be updated.
6. The USN log-based file retrieval management method of claim 5, wherein the method further comprises:
and after the updating is finished, reporting the updating result to the management terminal and synchronously updating the statistical result of the local file management state.
7. A file retrieval management device based on USN logs is characterized by comprising a file retrieval module, a file retrieval database, an uploading module, a standing book information acquisition module, a file matching module and a file updating module;
the file retrieval module is used for reading the USN log of the disk, initializing local directory data and monitoring the change of the disk file in real time; acquiring file attribute information and writing the acquired file attribute information into a file retrieval database, wherein the file retrieval database provides a file retrieval query interface;
the uploading module is used for acquiring various attribute information of the classified files and uploading the attribute information of the classified files to the management terminal;
the machine account information acquisition module is used for acquiring confidential file machine account information of the management end;
the file matching module is used for comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information;
and the file updating module is used for processing according to the comparison result and updating the attribute information of the local classified file when updating is needed.
8. The USN log-based file retrieval management device according to claim 7, wherein the device further includes a result reporting and updating module, configured to report an update result to the management terminal after the update is completed, and update the statistical result of the local file management state synchronously.
9. A file retrieval management system based on USN logs is characterized by comprising a local terminal and a management end communicated with the local terminal; the management end comprises a standing book information module;
the machine account information module is used for recording and storing confidential file machine account information;
the local terminal comprises a file retrieval module, a file retrieval database, an uploading module, a standing book information acquisition module, a file matching module and a file updating module;
the file retrieval module is used for reading the USN log of the disk, initializing local directory data and monitoring the change of the disk file in real time; acquiring file attribute information and writing the acquired file attribute information into a file retrieval database, wherein the file retrieval database provides a file retrieval query interface;
the uploading module is used for acquiring various attribute information of the classified files and uploading the attribute information of the classified files to the management terminal;
the platform account information acquisition module is used for acquiring confidential file platform account information of the management end;
the file matching module is used for comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information;
and the file updating module is used for processing according to the comparison result and updating the attribute information of the local security file when the update is needed.
10. An electronic device, characterized in that the electronic device comprises:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein, the first and the second end of the pipe are connected with each other,
the memory stores computer program instructions executable by at least one processor to enable the at least one processor to perform the USN log-based file retrieval management method of any of claims 1-6.
CN202211223869.3A 2022-10-09 2022-10-09 File retrieval management method, device, system and equipment based on USN log Active CN115309702B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211223869.3A CN115309702B (en) 2022-10-09 2022-10-09 File retrieval management method, device, system and equipment based on USN log

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211223869.3A CN115309702B (en) 2022-10-09 2022-10-09 File retrieval management method, device, system and equipment based on USN log

Publications (2)

Publication Number Publication Date
CN115309702A true CN115309702A (en) 2022-11-08
CN115309702B CN115309702B (en) 2023-03-24

Family

ID=83867578

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211223869.3A Active CN115309702B (en) 2022-10-09 2022-10-09 File retrieval management method, device, system and equipment based on USN log

Country Status (1)

Country Link
CN (1) CN115309702B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117056288A (en) * 2023-08-17 2023-11-14 齐鲁空天信息研究院 Method and system for searching and downloading server file

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080229041A1 (en) * 2004-11-25 2008-09-18 Softcamp Co., Ltd. Electrical Transmission System in Secret Environment Between Virtual Disks and Electrical Transmission Method Thereof
CN103186535A (en) * 2011-12-27 2013-07-03 腾讯科技(深圳)有限公司 Mobile terminal picture management method and equipment
CN105912540A (en) * 2015-12-11 2016-08-31 乐视移动智能信息技术(北京)有限公司 Method and device for synchronizing file system
CN108763582A (en) * 2018-06-11 2018-11-06 腾讯科技(深圳)有限公司 File search method, device, terminal and storage medium
CN108874930A (en) * 2018-05-31 2018-11-23 郑州云海信息技术有限公司 File attribute information statistical method, device, system, equipment and storage medium
CN109388952A (en) * 2017-08-09 2019-02-26 普天信息技术有限公司 A kind of method and apparatus of confidential document and security level identification binding
CN111159109A (en) * 2019-11-26 2020-05-15 陶壮壮 Method and system for detecting file occupied by disk space
CN111209256A (en) * 2020-01-07 2020-05-29 深信服科技股份有限公司 File monitoring method and device, electronic equipment and storage medium
CN111274207A (en) * 2020-01-16 2020-06-12 青岛科技大学 Novel file retrieval method and system based on data visualization analysis
CN112380554A (en) * 2020-11-26 2021-02-19 北京京航计算通讯研究所 Electronic document encryption calibration system and method based on operating system
CN112486531A (en) * 2020-11-24 2021-03-12 航天信息股份有限公司 Method and system for updating equipment application software
CN114969787A (en) * 2022-05-31 2022-08-30 北京信果科技有限公司 Computer terminal secrecy checking system

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080229041A1 (en) * 2004-11-25 2008-09-18 Softcamp Co., Ltd. Electrical Transmission System in Secret Environment Between Virtual Disks and Electrical Transmission Method Thereof
CN103186535A (en) * 2011-12-27 2013-07-03 腾讯科技(深圳)有限公司 Mobile terminal picture management method and equipment
CN105912540A (en) * 2015-12-11 2016-08-31 乐视移动智能信息技术(北京)有限公司 Method and device for synchronizing file system
CN109388952A (en) * 2017-08-09 2019-02-26 普天信息技术有限公司 A kind of method and apparatus of confidential document and security level identification binding
CN108874930A (en) * 2018-05-31 2018-11-23 郑州云海信息技术有限公司 File attribute information statistical method, device, system, equipment and storage medium
CN108763582A (en) * 2018-06-11 2018-11-06 腾讯科技(深圳)有限公司 File search method, device, terminal and storage medium
CN111159109A (en) * 2019-11-26 2020-05-15 陶壮壮 Method and system for detecting file occupied by disk space
CN111209256A (en) * 2020-01-07 2020-05-29 深信服科技股份有限公司 File monitoring method and device, electronic equipment and storage medium
CN111274207A (en) * 2020-01-16 2020-06-12 青岛科技大学 Novel file retrieval method and system based on data visualization analysis
CN112486531A (en) * 2020-11-24 2021-03-12 航天信息股份有限公司 Method and system for updating equipment application software
CN112380554A (en) * 2020-11-26 2021-02-19 北京京航计算通讯研究所 Electronic document encryption calibration system and method based on operating system
CN114969787A (en) * 2022-05-31 2022-08-30 北京信果科技有限公司 Computer terminal secrecy checking system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
朱晓黎: "电子文件定密管理的信息化实践", 《信息与电脑(理论版)》 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117056288A (en) * 2023-08-17 2023-11-14 齐鲁空天信息研究院 Method and system for searching and downloading server file

Also Published As

Publication number Publication date
CN115309702B (en) 2023-03-24

Similar Documents

Publication Publication Date Title
US10102253B2 (en) Minimizing index maintenance costs for database storage regions using hybrid zone maps and indices
CN109213756B (en) Data storage method, data retrieval method, data storage device, data retrieval device, server and storage medium
CN107491487B (en) Full-text database architecture and bitmap index creation and data query method, server and medium
AU2013329525C1 (en) System and method for recursively traversing the internet and other sources to identify, gather, curate, adjudicate, and qualify business identity and related data
CN111078657A (en) Service log query method, system, medium and equipment of distributed system
CN101105795A (en) Network behavior based personalized recommendation method and system
CN102597966B (en) Operation management device and operation management method
CN103853802B (en) Device and method for indexing digital content
CN109062936B (en) Data query method, computer readable storage medium and terminal equipment
CN107832333B (en) Method and system for constructing user network data fingerprint based on distributed processing and DPI data
CN115309702B (en) File retrieval management method, device, system and equipment based on USN log
CN110888837B (en) Object storage small file merging method and device
CN101739412A (en) Web page safety evaluating device and web page safety evaluating method for intelligent card
CN114329455A (en) User abnormal behavior detection method and device based on heterogeneous graph embedding
CN114356898A (en) Data storage method and device, electronic equipment and storage medium
CN112307297A (en) User identification unification method and system based on priority rule
CN115510289B (en) Data cube configuration method and device, electronic equipment and storage medium
CN110555021B (en) Data storage method, query method and related device
CN116186116A (en) Asset problem analysis method based on equal protection assessment
CN111597235B (en) Data processing method and device and electronic equipment
CN112269807A (en) Configurable credit file retrieval method and system based on Elasticissearch technology
CN108241640B (en) Distributed file storage method
CN110489378B (en) Method and system for file migration in Internet
CN115604040B (en) Abnormal access behavior identification method based on IP access sequence
CN115510144B (en) Method and system for capturing real-time change data of database

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant