CN115309702B - File retrieval management method, device, system and equipment based on USN log - Google Patents
File retrieval management method, device, system and equipment based on USN log Download PDFInfo
- Publication number
- CN115309702B CN115309702B CN202211223869.3A CN202211223869A CN115309702B CN 115309702 B CN115309702 B CN 115309702B CN 202211223869 A CN202211223869 A CN 202211223869A CN 115309702 B CN115309702 B CN 115309702B
- Authority
- CN
- China
- Prior art keywords
- file
- attribute information
- updating
- module
- disk
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000007726 management method Methods 0.000 title claims abstract description 83
- 238000012545 processing Methods 0.000 claims abstract description 31
- 230000008859 change Effects 0.000 claims abstract description 22
- 238000012544 monitoring process Methods 0.000 claims abstract description 19
- 238000000034 method Methods 0.000 claims abstract description 15
- 238000001914 filtration Methods 0.000 claims description 13
- 238000004590 computer program Methods 0.000 claims description 2
- 230000007246 mechanism Effects 0.000 abstract description 3
- 238000010276 construction Methods 0.000 description 6
- 238000012986 modification Methods 0.000 description 4
- 230000004048 modification Effects 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 3
- 238000006467 substitution reaction Methods 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000007619 statistical method Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/13—File access structures, e.g. distributed indices
- G06F16/137—Hash-based
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/14—Details of searching files based on file metadata
- G06F16/148—File search processing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/17—Details of further file system functions
- G06F16/172—Caching, prefetching or hoarding of files
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/18—File system types
- G06F16/1805—Append-only file systems, e.g. using logs or journals to store data
- G06F16/1815—Journaling file systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
- G06F8/71—Version control; Configuration management
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- Databases & Information Systems (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Library & Information Science (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention belongs to the technical field of disk file retrieval, and particularly provides a file retrieval management method, a device, a system and equipment based on a USN log, wherein the method comprises the following steps: reading the USN log of the disk, initializing local directory data, and monitoring the change of disk files in real time; acquiring file attribute information and writing the acquired file attribute information into a file retrieval database; processing the file attribute information to obtain various attribute information of the classified file, and uploading the attribute information of the classified file to a management terminal; acquiring confidential file ledger information of a management end; comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information; and processing according to the comparison result, and updating the attribute information of the local classified file when updating is needed. And reporting the file ledger to a management terminal at regular time, and updating the file through a BM updating mechanism when the version of the tagged file is changed.
Description
Technical Field
The invention relates to the technical field of disk file retrieval, in particular to a file retrieval management method, device, system and equipment based on a USN log.
Background
The file system is queried by using the USN journal (Update Sequence Number journal, USN journal), the desktop search engine eventing is a successful case, and compared with the search function of Windows, the eventing can search hundreds of thousands of files in seconds. At the first open, eventing scans the entire disk and builds an index library that does not traverse folders one by one, but rather through the properties of the NTFS file system: master File Table (MTF) and USN journal. And acquiring paths of all files by traversing the MTF table and acquiring monitoring of file modification in the USN log.
The prior art is relatively perfect in retrieval performance, but occupies a little higher memory, cannot distinguish common files from classified files, and cannot support related services of the MB. In addition, the user-defined and designated multiple directories for retrieval cannot be supported, and the scanning requirement of the user-defined is not facilitated.
Disclosure of Invention
The prior art is relatively perfect in retrieval performance, but occupies a little higher memory, cannot distinguish common files from classified files, and cannot support related services of the MB. In addition, the method, the device, the system and the equipment for file retrieval management based on the USN log can not support the user-defined designation of a plurality of directories for retrieval, and are not beneficial to the user-defined scanning requirement.
In a first aspect, a technical solution of the present invention provides a file retrieval management method based on USN logs, including the following steps:
reading the USN log of the disk, initializing local directory data, and monitoring the change of disk files in real time;
acquiring file attribute information and writing the acquired file attribute information into a file retrieval database;
processing the file attribute information to obtain various attribute information of the classified files, and uploading the attribute information of the classified files to a management end;
acquiring confidential file ledger information of a management end;
comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information;
and processing according to the comparison result, and updating the attribute information of the local classified file when updating is needed.
Further, reading the USN log of the disk, initializing local directory data, and monitoring the change of the disk file in real time includes:
reading the USN log of the disk;
filtering out files and paths without permission and filtering out directory files except for user-defined settings, and constructing a disk file tree;
and starting a thread to monitor the change of the disk file in real time.
Furthermore, the files written into the disk comprise a common file and a security file, and the security file is marked when being written into the disk; the steps of obtaining the file attribute information and writing the obtained file attribute information into the file retrieval database include:
acquiring file attribute information;
judging whether the file is marked;
if yes, analyzing and acquiring various attribute information of the classified file, and writing the attribute information of the classified file into a file retrieval database;
if not, writing the file attribute information into a file retrieval database.
Further, the steps of processing the file attribute information to obtain various attribute information of the classified file, and uploading the attribute information of the classified file to the management terminal include:
and carrying out classification statistics on the file attribute information according to the security level and the state, and uploading the attribute information of the security level file to a management terminal at regular time.
Further, the step of comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information includes:
matching the file attribute information in the file retrieval database with the acquired confidential file ledger information by using a tagged file;
if the matching is successful, judging whether the version number of the successfully matched file is the latest or not;
if the matching is unsuccessful or the version number is latest, the local file is not updated;
and if the version number is not the latest version number, generating a file queue to be updated.
Further, the method further comprises:
and after the updating is finished, reporting the updating result to the management terminal and synchronously updating the statistical result of the local file management state.
In a second aspect, the technical solution of the present invention provides a file retrieval management device based on USN logs, which includes a file retrieval module, a file retrieval database, an upload module, a ledger information acquisition module, a file matching module, and a file update module;
the file retrieval module is used for reading the USN log of the disk, initializing local directory data and monitoring the change of the disk file in real time; acquiring file attribute information and writing the acquired file attribute information into a file retrieval database, wherein the file retrieval database provides a file retrieval query interface;
the uploading module is used for acquiring various attribute information of the classified files and uploading the attribute information of the classified files to the management terminal;
the platform account information acquisition module is used for acquiring confidential file platform account information of the management end;
the file matching module is used for comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information;
and the file updating module is used for processing according to the comparison result and updating the attribute information of the local security file when the update is needed.
The file retrieval module ensures that a file tree is retrieved at a high speed under the condition of low performance occupation, directory files outside user-defined settings are filtered according to the filtering of unauthorized files and paths by a user, and various MB attributes (security level, management state, DM basis, knowledge range and the like) of the security level files are obtained. And the file retrieval database stores the information in the file retrieval database and provides an inquiry and update interface. And the management terminal also provides the attribute information of the full-scale tagged file for matching use. And the uploading module is used for periodically uploading the attribute information of the tagged file to the management terminal and carrying out statistical analysis. The file matching module compares the local file with the confidential file ledger information, processes according to the comparison result, and updates the file updating module when updating is needed.
Furthermore, the file retrieval module comprises a reading unit, a construction processing unit, a monitoring starting unit, an acquisition unit, a first judgment unit, an analysis processing unit and a writing unit;
the reading unit is used for reading the USN log of the disk;
the system comprises a construction processing unit, a file tree management unit and a file management unit, wherein the construction processing unit is used for filtering out files and paths without permission, filtering out directory files except user-defined settings and constructing a disk file tree;
the monitoring starting unit is used for starting a thread to monitor the change of the disk file in real time;
an acquisition unit configured to acquire file attribute information;
the first judging unit is used for judging whether the file is marked or not;
the analysis processing unit is used for analyzing and acquiring various attribute information of the classified file if the tagged file is the tagged file;
and the writing unit is used for writing the attribute information of the classified files into the file retrieval database and writing the file attribute information into the file retrieval database.
Furthermore, the confidential file ledger information comprises a marked file hash list, and the file matching module comprises a matching unit, a second judgment unit and a generation unit;
the matching unit is used for matching the file attribute information in the file retrieval database with the acquired confidential file ledger information by adding a mark file;
the second judging unit is used for judging whether the version number of the successfully matched file is the latest or not if the matching is successful;
if the matching is unsuccessful or the version number is latest, the local file is not updated;
the generating unit is used for generating a file queue to be updated if the version number is not latest;
and the file updating module is used for updating the attribute information of the classified files of the file queue to be updated.
Further, the device also comprises a result reporting and updating module, which is used for reporting the updating result to the management terminal after the updating is finished and synchronously updating the statistical result of the local file management state.
In a third aspect, the technical solution of the present invention further provides a file retrieval management system based on the USN log, including a local terminal and a management end communicating with the local terminal; the management end comprises a standing book information module;
the machine account information module is used for recording and storing confidential file machine account information;
the local terminal comprises a file retrieval module, a file retrieval database, an uploading module, a standing book information acquisition module, a file matching module and a file updating module;
the file retrieval module is used for reading the USN log of the disk, initializing local directory data and monitoring the change of the disk file in real time; acquiring file attribute information and writing the acquired file attribute information into a file retrieval database, wherein the file retrieval database provides a file retrieval query interface;
the uploading module is used for processing the file attribute information to acquire various attribute information of the classified files and uploading the attribute information of the classified files to the management end;
the machine account information acquisition module is used for acquiring confidential file machine account information of the management end;
the file matching module is used for comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information;
and the file updating module is used for processing according to the comparison result and updating the attribute information of the local security file when the update is needed.
In a fourth aspect, an embodiment of the present invention further provides an electronic device, where the electronic device includes:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein,
the memory stores computer program instructions executable by the at least one processor to enable the at least one processor to perform the USN log-based file retrieval management method of the first aspect.
According to the technical scheme, the invention has the following advantages: according to the method, the file tree of the current terminal is built through the USN log, the query entry is added, the tagged files are displayed to the home page according to the security level and the management state, when the security level files are changed (increase, deletion and modification), the home page can monitor the change of the security level files in real time, and the management and control on the position and the quantity of the security level files of the terminal are increased. The terminal regularly reports the file ledger to the management terminal, and when the version of the tagged file changes, the file is updated through a BM updating mechanism: for example, when a certain file in the terminal is issued, the file is retrieved and scanned to be in a formal DM state, and a prompt box is popped up to request the user to update the file attribute, thereby increasing the management and control on the version state of the terminal file.
In addition, the invention has reliable design principle, simple structure and very wide application prospect.
Therefore, compared with the prior art, the invention has prominent substantive features and remarkable progress, and the beneficial effects of the implementation are also obvious.
Drawings
In order to more clearly illustrate the embodiments or technical solutions in the prior art of the present invention, the drawings used in the description of the embodiments or prior art will be briefly described below, and it is obvious for those skilled in the art that other drawings can be obtained based on these drawings without creative efforts.
FIG. 1 is a schematic flow diagram of a method of one embodiment of the invention.
Fig. 2 is a schematic flow diagram of a method of another embodiment of the invention.
Fig. 3 is a schematic block diagram of an apparatus of one embodiment of the present invention.
Detailed Description
In order to make those skilled in the art better understand the technical solutions of the present invention, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As shown in fig. 1 and 2, an embodiment of the present invention provides a file retrieval management method based on USN logs, including the following steps:
step 1: reading the USN log of the disk, initializing local directory data, and monitoring the change of disk files in real time; acquiring file attribute information and writing the acquired file attribute information into a file retrieval database;
step 2: processing the file attribute information to obtain various attribute information of the classified file, and uploading the attribute information of the classified file to a management terminal;
and step 3: acquiring confidential file ledger information of a management end;
and 4, step 4: comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information;
and 5: and processing according to the comparison result, and updating the attribute information of the local classified file when updating is needed.
In some embodiments, the files written to the disk include a normal file and a classified file, and the classified file is marked when written to the disk; reading the USN log of the disk, initializing local directory data, and monitoring the change of disk files in real time; the steps of obtaining file attribute information and writing the obtained file attribute information into a file retrieval database include:
step 11: reading the USN log of the disk;
step 12: filtering out files and paths without permission and filtering out directory files except user-defined settings, and constructing a disk file tree;
step 13: starting a thread to monitor the change of a disk file in real time;
step 14: acquiring file attribute information;
step 15: judging whether the file is marked;
if yes, executing step 16, otherwise, executing step 17;
step 16: analyzing and acquiring various attribute information of the classified files, and writing the attribute information of the classified files into a file retrieval database;
and step 17: and writing the file attribute information into a file retrieval database.
In some embodiments, the step of obtaining the file attribute information and writing the obtained file attribute information into the file retrieval database further comprises:
step 1-2: and carrying out classification statistics on the file attribute information according to the security level and the state, and uploading the attribute information of the security level file to a management terminal at regular time. And calculating the marking rate in the process of classifying and counting the file attribute information according to the security level and the state, and displaying the calculated marking rate for the convenience of a user to check, wherein (the total number of the security level files/files) = 100% = the marking rate.
The confidential document ledger information comprises a tagged file hash list, and the step of comparing the file attribute information in the file retrieval database with the acquired confidential document ledger information comprises the following steps:
step 31: matching the file attribute information in the file retrieval database with the acquired confidential file ledger information by using a tagged file; if the matching is successful, executing step 32, and if the matching is unsuccessful, executing step 35;
step 32: judging whether the version number of the successfully matched file is the latest or not;
if yes, go to step 35; if not, go to step 33;
step 33: generating a file queue to be updated;
step 34: updating attribute information of the classified files of the file queue to be updated; step 36 is executed;
step 35: not updating the local file;
and step 36: and after the updating is finished, reporting the updating result to the management terminal and synchronously updating the statistical result of the local file management state. It should be noted that the attribute information of the classified files is updated in the present application.
As shown in fig. 3, an embodiment of the present invention provides a file retrieval management apparatus based on USN logs, including a file retrieval module, a file retrieval database, an upload module, a standing book information acquisition module, a file matching module, and a file update module;
the file retrieval module is used for reading the USN log of the disk, initializing local directory data and monitoring the change of the disk file in real time; acquiring file attribute information and writing the acquired file attribute information into a file retrieval database, wherein the file retrieval database provides a file retrieval query interface;
the uploading module is used for processing the file attribute information to acquire various attribute information of the classified files and uploading the attribute information of the classified files to the management end;
the platform account information acquisition module is used for acquiring confidential file platform account information of the management end;
the file matching module is used for comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information;
and the file updating module is used for processing according to the comparison result and updating the attribute information of the local security file when the update is needed.
In some embodiments, the file retrieval module includes a reading unit, a construction processing unit, a monitoring starting unit, an obtaining unit, a first judging unit, an analysis processing unit, and a writing unit;
the reading unit is used for reading the USN log of the disk;
the system comprises a construction processing unit, a file tree management unit and a file management unit, wherein the construction processing unit is used for filtering out files and paths without permission, filtering out directory files except user-defined settings and constructing a disk file tree;
the monitoring starting unit is used for starting a thread to monitor the change of the disk file in real time;
an acquisition unit configured to acquire file attribute information;
the first judging unit is used for judging whether the file is marked or not;
the analysis processing unit is used for analyzing and acquiring various attribute information of the confidential file if the confidential file is the tagged file;
and the writing unit is used for writing the attribute information of the classified files into the file retrieval database and writing the file attribute information into the file retrieval database.
In some embodiments, the confidential document ledger information includes a tagged document hash list, and the document matching module includes a matching unit, a second judgment unit, and a generation unit;
the matching unit is used for matching the file attribute information in the file retrieval database with the acquired confidential file ledger information by adding a mark file;
the second judging unit is used for judging whether the version number of the successfully matched file is the latest or not if the matching is successful;
if the matching is unsuccessful or the version number is latest, the local file is not updated;
the generating unit is used for generating a file queue to be updated if the version number is not latest;
and the file updating module is used for updating the attribute information of the classified files of the file queue to be updated.
The device also comprises a result reporting and updating module which is used for reporting the updating result to the management terminal after the updating is finished and synchronously updating the statistical result of the management state of the local file.
The embodiment of the invention also provides a file retrieval management system based on the USN log, which comprises a local terminal and a management end communicated with the local terminal; the management end comprises a standing book information module;
the machine account information module is used for recording and storing confidential file machine account information;
the local terminal comprises a file retrieval module, a file retrieval database, an uploading module, a standing book information acquisition module, a file matching module and a file updating module;
the file retrieval module is used for reading the USN log of the disk, initializing local directory data and monitoring the change of the disk file in real time; acquiring file attribute information and writing the acquired file attribute information into a file retrieval database, wherein the file retrieval database provides a file retrieval query interface;
the uploading module is used for processing the file attribute information to acquire various attribute information of the classified files and uploading the attribute information of the classified files to the management end;
the platform account information acquisition module is used for acquiring confidential file platform account information of the management end;
the file matching module is used for comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information;
and the file updating module is used for processing according to the comparison result and updating the attribute information of the local security file when the update is needed.
The working process of the system is as follows: and the initialization file retrieval module is used for constructing a disk file tree by reading the USN log of the disk and starting a thread to monitor the change of the disk file in real time. And distinguishing directories, common files, hidden files, non-authority files and classified files, and storing the file information into a file retrieval database. The file retrieval database provides an inquiry and update interface for the file retrieval page to inquire the full data and support fuzzy inquiry, carries out classified statistics on files according to security level and state, calculates the scaling rate and uploads the inquired local security level file information to a management end at regular time; acquiring DM secret file ledger information from a management end; creating an information comparison task, matching the DM secret file ledger information with a local file retrieval table, and creating a queue of files to be updated; the task is sent to a terminal file updating module, and a popup prompts a user about a file needing to be updated, or the user updates or refuses to update in the page initiative; and after the process is finished, reporting the updating result to the management terminal, and synchronously updating the statistical result of the terminal file management state.
The terminal regularly reports the file ledger to the management terminal, and when the version of the tagged file changes, the file is updated through a BM updating mechanism: for example, when a file in the terminal is issued, the file is still in a formal DM state after being retrieved and scanned, a prompt box pops up to request the user to update the file attribute, thereby increasing the control of the version state of the file in the terminal.
An embodiment of the present invention further provides an electronic device, where the electronic device includes: the system comprises a processor, a communication interface, a memory and a bus, wherein the processor, the communication interface and the memory are communicated with each other through the bus. The bus may be used for information transfer between the electronic device and the sensor. The processor may call logic instructions in memory to perform the following method: reading the USN log of the disk, initializing local directory data, and monitoring the change of disk files in real time; acquiring file attribute information and writing the acquired file attribute information into a file retrieval database; processing the file attribute information to obtain various attribute information of the classified file, and uploading the attribute information of the classified file to a management terminal; acquiring confidential file ledger information of a management end; comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information; and processing according to the comparison result, and updating the attribute information of the local classified file when updating is needed.
In some embodiments, the processor may call logic instructions in the memory to perform the following method: step 11: reading the USN log of the disk; step 12: filtering out files and paths without permission and filtering out directory files except user-defined settings, and constructing a disk file tree; step 13: starting a thread to monitor the change of a disk file in real time; step 14: acquiring file attribute information; step 15: judging whether the file is marked; if yes, executing step 16, otherwise, executing step 17; step 16: analyzing and acquiring various attribute information of the classified files, and writing the attribute information of the classified files into a file retrieval database; and step 17: and writing the file attribute information into a file retrieval database.
In some embodiments, the processor may call logic instructions in the memory to perform the following method: step 31: matching the file attribute information in the file retrieval database with the acquired confidential file ledger information by using a tagged file; if the matching is successful, executing step 32, and if the matching is unsuccessful, executing step 35; step 32: judging whether the version number of the successfully matched file is the latest or not; if yes, go to step 35; if not, go to step 33; step 33: generating a file queue to be updated; step 34: updating the attribute information of the classified files of the file queue to be updated; step 36 is executed; step 35: not updating the local file; step 36: and after the updating is finished, reporting the updating result to the management terminal and synchronously updating the statistical result of the local file management state.
In addition, the logic instructions in the memory may be implemented in the form of software functional units and may be stored in a computer readable storage medium when sold or used as a stand-alone product. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
Although the present invention has been described in detail by referring to the drawings in connection with the preferred embodiments, the present invention is not limited thereto. Various equivalent modifications or substitutions can be made on the embodiments of the present invention by those skilled in the art without departing from the spirit and scope of the present invention, and these modifications or substitutions are within the scope of the present invention/any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.
Claims (7)
1. A file retrieval management method based on USN logs is characterized by comprising the following steps:
reading the USN log of the disk, initializing local directory data, and monitoring the change of disk files in real time;
acquiring file attribute information and writing the acquired file attribute information into a file retrieval database;
processing the file attribute information to obtain various attribute information of the classified files, and uploading the attribute information of the classified files to a management end;
acquiring confidential file ledger information of a management end;
comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information;
processing according to the comparison result, and updating the attribute information of the local classified file when updating is needed;
after the updating is finished, reporting the updating result to a management end and synchronously updating the statistical result of the management state of the local file;
the method comprises the following steps that secret-level file ledger information comprises a marked file hash list, and the step of comparing file attribute information in a file retrieval database with the obtained secret-level file ledger information comprises the following steps:
matching the file attribute information in the file retrieval database with the acquired confidential file ledger information by using a tagged file;
if the matching is successful, judging whether the version number of the successfully matched file is the latest;
if the matching is unsuccessful or the version number is latest, the local file is not updated;
and if the version number is not the latest version number, generating a file queue to be updated.
2. The USN log-based file retrieval management method according to claim 1, wherein the steps of reading the USN log of the disk, initializing local directory data, and monitoring a change of the disk file in real time include:
reading the USN log of the disk;
filtering out files and paths without permission and filtering out directory files except user-defined settings, and constructing a disk file tree;
and starting a thread to monitor the change of the disk file in real time.
3. The USN log-based file retrieval management method according to claim 2, wherein the file written to the disk includes a security file, and the security file is set by tagging when written to the disk; the steps of obtaining file attribute information and writing the obtained file attribute information into a file retrieval database include:
acquiring file attribute information;
judging whether the file is marked;
if yes, analyzing and acquiring various attribute information of the classified file, and writing the attribute information of the classified file into a file retrieval database;
if not, writing the file attribute information into a file retrieval database.
4. The USN log-based file retrieval management method according to claim 3, wherein the step of processing the file attribute information to obtain each item of attribute information of the classified file, and uploading the attribute information of the classified file to the management side includes:
and carrying out classification statistics on the file attribute information according to the security level and the state, and uploading the attribute information of the security level file to a management terminal at regular time.
5. A file retrieval management device based on USN logs is characterized by comprising a file retrieval module, a file retrieval database, an uploading module, a standing book information acquisition module, a file matching module and a file updating module;
the file retrieval module is used for reading the USN log of the disk, initializing local directory data and monitoring the change of the disk file in real time; acquiring file attribute information and writing the acquired file attribute information into a file retrieval database, wherein the file retrieval database provides a file retrieval query interface;
the uploading module is used for acquiring various attribute information of the classified files and uploading the attribute information of the classified files to the management terminal;
the platform account information acquisition module is used for acquiring confidential file platform account information of the management end;
the file matching module is used for comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information;
the file updating module is used for processing according to the comparison result and updating the attribute information of the local security file when the updating is needed;
the device also comprises a result reporting and updating module which is used for reporting the updating result to the management terminal after the updating is finished and synchronously updating the statistical result of the local file management state.
6. A file retrieval management system based on USN logs is characterized by comprising a local terminal and a management end communicated with the local terminal; the management end comprises a standing book information module;
the machine account information module is used for recording and storing confidential file machine account information;
the local terminal comprises a file retrieval module, a file retrieval database, an uploading module, a standing book information acquisition module, a file matching module and a file updating module;
the file retrieval module is used for reading the USN log of the disk, initializing local directory data and monitoring the change of the disk file in real time; acquiring file attribute information and writing the acquired file attribute information into a file retrieval database, wherein the file retrieval database provides a file retrieval query interface;
the uploading module is used for acquiring various attribute information of the classified files and uploading the attribute information of the classified files to the management terminal;
the platform account information acquisition module is used for acquiring confidential file platform account information of the management end;
the file matching module is used for comparing the file attribute information in the file retrieval database with the acquired confidential file ledger information;
and the file updating module is used for processing according to the comparison result and updating the attribute information of the local security file when the update is needed.
7. An electronic device, characterized in that the electronic device comprises:
at least one processor; and (c) a second step of,
a memory communicatively coupled to the at least one processor; wherein,
the memory stores computer program instructions executable by the at least one processor to enable the at least one processor to perform the USN log-based file retrieval management method according to any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211223869.3A CN115309702B (en) | 2022-10-09 | 2022-10-09 | File retrieval management method, device, system and equipment based on USN log |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211223869.3A CN115309702B (en) | 2022-10-09 | 2022-10-09 | File retrieval management method, device, system and equipment based on USN log |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115309702A CN115309702A (en) | 2022-11-08 |
| CN115309702B true CN115309702B (en) | 2023-03-24 |
Family
ID=83867578
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211223869.3A Active CN115309702B (en) | 2022-10-09 | 2022-10-09 | File retrieval management method, device, system and equipment based on USN log |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115309702B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117056288A (en) * | 2023-08-17 | 2023-11-14 | 齐鲁空天信息研究院 | Method and system for searching and downloading server file |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111159109A (en) * | 2019-11-26 | 2020-05-15 | 陶壮壮 | Method and system for detecting file occupied by disk space |
| CN114969787A (en) * | 2022-05-31 | 2022-08-30 | 北京信果科技有限公司 | Computer terminal secrecy checking system |
Family Cites Families (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR100589541B1 (en) * | 2004-11-25 | 2006-06-14 | 소프트캠프(주) | Electrical transmission system in secret environment between virtual disks and Electrical transmission method thereof |
| CN103186535B (en) * | 2011-12-27 | 2016-10-19 | 腾讯科技(深圳)有限公司 | A kind of mobile terminal picture management method and equipment |
| CN105912540A (en) * | 2015-12-11 | 2016-08-31 | 乐视移动智能信息技术(北京)有限公司 | Method and device for synchronizing file system |
| CN109388952A (en) * | 2017-08-09 | 2019-02-26 | 普天信息技术有限公司 | A kind of method and apparatus of confidential document and security level identification binding |
| CN108874930A (en) * | 2018-05-31 | 2018-11-23 | 郑州云海信息技术有限公司 | File attribute information statistical method, device, system, equipment and storage medium |
| CN108763582B (en) * | 2018-06-11 | 2023-04-21 | 腾讯科技(深圳)有限公司 | File searching method, device, terminal and storage medium |
| CN111209256A (en) * | 2020-01-07 | 2020-05-29 | 深信服科技股份有限公司 | File monitoring method and device, electronic equipment and storage medium |
| CN111274207A (en) * | 2020-01-16 | 2020-06-12 | 青岛科技大学 | Novel file retrieval method and system based on data visualization analysis |
| CN112486531A (en) * | 2020-11-24 | 2021-03-12 | 航天信息股份有限公司 | Method and system for updating equipment application software |
| CN112380554A (en) * | 2020-11-26 | 2021-02-19 | 北京京航计算通讯研究所 | Electronic document encryption calibration system and method based on operating system |
-
2022
- 2022-10-09 CN CN202211223869.3A patent/CN115309702B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111159109A (en) * | 2019-11-26 | 2020-05-15 | 陶壮壮 | Method and system for detecting file occupied by disk space |
| CN114969787A (en) * | 2022-05-31 | 2022-08-30 | 北京信果科技有限公司 | Computer terminal secrecy checking system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115309702A (en) | 2022-11-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109213756B (en) | Data storage method, data retrieval method, data storage device, data retrieval device, server and storage medium | |
| CN111046034B (en) | Method and system for managing memory data and maintaining data in memory | |
| CN111612041B (en) | Abnormal user identification method and device, storage medium and electronic equipment | |
| US6947933B2 (en) | Identifying similarities within large collections of unstructured data | |
| CN104199816B (en) | The management storage of independent accessible data unit | |
| CN104769585A (en) | System and method for recursively traversing the internet and other sources to identify, gather, curate, adjudicate, and qualify business identity and related data | |
| CN112116436B (en) | Intelligent recommendation method and device, computer equipment and readable storage medium | |
| CN109062936B (en) | Data query method, computer readable storage medium and terminal equipment | |
| CN111078657A (en) | Service log query method, system, medium and equipment of distributed system | |
| CN111914294B (en) | Database sensitive data identification method and system | |
| CN115309702B (en) | File retrieval management method, device, system and equipment based on USN log | |
| CN102597966A (en) | Operation management device and operation management method | |
| JP4667362B2 (en) | Identifying similarity and revision history in large unstructured data sets | |
| CN111026961A (en) | Method and system for indexing data of interest within multiple data elements | |
| CN110888837A (en) | Object storage small file merging method and device | |
| CN111552684B (en) | Abnormal data positioning method, device, computer equipment and storage medium | |
| CN114329455B (en) | User abnormal behavior detection method and device based on heterogeneous graph embedding | |
| CN114356898A (en) | Data storage method and device, electronic equipment and storage medium | |
| CN113901037A (en) | Data management method, device and storage medium | |
| WO2015187155A1 (en) | Systems and methods for management of data platforms | |
| CN115510289A (en) | Data cube configuration method and device, electronic equipment and storage medium | |
| CN110910975B (en) | Data processing method and device for medical information | |
| CN108241640B (en) | Distributed file storage method | |
| CN110489378B (en) | Method and system for file migration in Internet | |
| CN115510144B (en) | Method and system for capturing real-time change data of database |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |