CN1558600A - File protection method based on user protection rule - Google Patents

File protection method based on user protection rule

Info

Publication number: CN1558600A
Authority: CN (China)
Prior art keywords: file, user, safeguard rule, protected, rule
Legal status: Granted
Application number: CNA2004100139608A
Other languages: Chinese (zh)
Other versions: CN100499476C (en)
Inventors: 曾庆凯, 吴琨
Current Assignee: Nanjing University
Original Assignee: Nanjing University
Application filed by Nanjing University
Priority to CNB2004100139608A (patent/CN100499476C/en)
Publication of CN1558600A
Application granted
Publication of CN100499476C
Current legal status: Expired - Fee Related

Landscapes

  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)

Abstract

A file protection method based on user protection rules, carried out on the basis of a network server file system, in which the user file protection method comprises the file name of the protected file, the monitoring time interval, the monitored file attributes, and whether to record an alarm log. The invention increases the security control capability of the network server's file system and provides file protection automatically.

Description

A file protection method based on user protection rules
Technical field
The present invention relates to network servers, and in particular to a file integrity protection method based on user protection rules.
Background
Network servers are widely used in network information systems such as portal websites, e-government and e-commerce, and the security of these information systems is receiving more and more attention. In an information system, the network server's file system holds a large number of important executable programs, system configuration and user information, and has always been a main target of attacks on the system. The file system is also the carrier of security mechanisms such as the operating system itself, user identity authentication and access control. The file security protection capability of network servers must therefore be strengthened. Current file protection methods lack flexible selection of user protection policies, require frequent manual processing, and give no special consideration to protecting the characteristic information that file protection itself uses. The file protection capability of network servers is therefore currently insufficient and needs further improvement in system security, flexibility of use and convenience.
Summary of the invention
The main purpose of the present invention is to address the problem that current network servers provide weak security assurance for the file system and cannot provide automatic file protection. It provides a file protection method that avoids a large amount of tedious manual operation, carries out security protection according to protection rules formulated by the user, and protects the characteristic information that file protection itself uses, so as to improve the security service performance of the network server.
To achieve this purpose, the invention provides a file protection method based on user protection rules, comprising the following steps: (1) if there is a new protection rule that needs initialization, execute step 2, otherwise go to step 6; (2) read the new protection rule; (3) generate the file feature database and the file backup; (4) generate the timed protected-file set; (5) if there are other new protection rules, go to step 2; (6) start the timed protection trigger mechanism; (7) read a timed protected-file set; (8) take a file from the protected-file set and perform protection processing on it; (9) if there are other files in the protected-file set, go to step 8; (10) end.
The characteristics of the present invention are: a network server that adopts the invention has improved security assurance for its file system and can provide automatic file protection, avoiding a large amount of tedious manual operation; file protection is carried out according to protection rules formulated by the user; and, in particular, the characteristic information that file protection itself uses is protected, greatly improving the security service performance of the network server.
The preferred embodiment is described in detail below with reference to the accompanying drawings.
Description of drawings
Fig. 1 is a structural diagram of the file protection mechanism in the network server of the present invention.
Fig. 2 is a flow chart of the method of the present invention.
Fig. 3 is a flow chart of the file monitoring process of the present invention.
Embodiment
As shown in Fig. 1, the network server file protection mechanism builds on the conventional network server file system 10 by adding functional modules such as the rule processor 12, the file protector 11 and the file backup device 16, and adding data structures such as the user file protection rules 13, the internal file backup library 15, the timed protection rule sets 14 and the alarm log 17. To implement file protection based on user file protection rules, the protection requirements set by the user are defined by the user file protection rules 13. The rule processor 12 initializes the user file protection rules, forming the timed protection rule sets 14, the internal file backup library 15, and the file feature database and file backup library held in the file backup device 16. The file protector 11, according to the timed protection rule sets 14, periodically monitors and protects the files 10 specified by the rules and records entries in the alarm log 17.
The method of the invention is shown in Fig. 2. Step 20 is the initial state. Step 21 determines whether there is a newly defined user file protection rule; if so, step 22 is executed, otherwise step 26. The user file protection method consists of the protected file name, the monitoring time interval, the monitored attributes of the file, whether to record an alarm log, and so on. The system defines a minimum monitoring interval, for example 0.1 second. A monitoring time interval is a multiple of the minimum monitoring interval, and the multiple can take values such as 1, 3, 5, 7. The monitored attributes of a file include file content and file attributes. File content is the default monitored attribute; other file attributes can be defined as monitored attributes by the file protection rule. Step 22 reads a new user protection rule. Step 23 generates the file feature value used for the protected file according to the protection rule and backs up the file. The file feature value is calculated for the protected file specified by the rule: a hash function, such as MD5(F), is computed over the file content F, and the result is the file feature value. The file feature value and monitored file attributes, and the file backup, of the protected file are stored respectively in the file feature database and the file backup library in the off-site file backup device. At the same time, the file backup is stored in the internal file backup library. Step 24 generates the timed protected-file sets according to the protection rule. A timed protection rule set 14 is a set of files with the same monitoring interval; each element consists of a file name and monitored attributes. The protected file's identifier is placed into the timed protection rule set for the corresponding monitoring interval. Step 25 determines whether there are further new user rules; if so, the flow goes to step 22 to continue processing, otherwise it goes to step 26.
Step 26 starts the timed protection trigger mechanism, and the file protector starts working according to the timed protection rule sets. Steps 27 to 29 are the processing of one timed protection pass. Step 27 obtains one timed protection rule set, that is, the set of files in the system that are protected at the same timing interval. As in the protection rule definition, these can be timed protection rule sets for intervals of multiples such as 1, 3, 5, 7. Step 28 takes a file from the protection set and performs protection processing on it; this step is described in detail later with reference to Fig. 3. Step 29 determines whether the set has been fully processed; if so, this timed protection pass ends and step 30 is executed, otherwise the flow goes to step 28 to continue processing. Step 30 is the end state.
Fig. 3 describes step 28 of Fig. 2 in detail. Its function is to monitor and maintain file integrity so that important files are protected from unauthorized damage. Step 280 of Fig. 3 is the initial state. Step 281 reads the monitored file attributes, such as file access permissions, size and access time. Step 282 calculates the file feature value of the protected file, using the same calculation as step 23. Step 283 compares the obtained file attributes and feature value with the corresponding values stored in the file feature database at initialization. Step 284 determines whether they are equal: if all comparisons are equal, no special processing is needed and the flow goes to step 287; otherwise step 285 is executed. Step 285 performs file protection recovery processing, using the file feature database and backup library data to restore the changed file attributes or file content. When restoring file content, it first determines whether the file in the internal backup library is usable, that is, whether the feature value of the file in the backup library is the same as the feature value stored in the file feature database. If it is the same, the restore data is taken from the internal backup library; otherwise it is obtained from the off-site file backup device. Step 286 performs alarm and record processing, writing a record of the protection action to the system alarm log. Step 287 is the end state of Fig. 3.
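The flow of Figs. 2 and 3 as an added Python example (not code from the patent): rules are initialized into a feature database, two backup copies and timed sets, and each protection pass restores a changed file from the internal backup only if that copy still matches the stored feature value. The class and function names, the tick-based scheduler, the local directory standing in for the off-site device, and SHA-256 in place of the example MD5(F) are assumptions of this example.

```python
import hashlib, os, shutil, stat, tempfile
from collections import defaultdict
from pathlib import Path

def feature(path):
    # File feature value: hash over file content F (SHA-256 here; the page's example is MD5(F)).
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def backup_name(path):
    return hashlib.sha256(str(path).encode()).hexdigest()  # flat name for a backup copy

class FileProtector:
    def __init__(self, internal_dir, offsite_dir):
        self.internal = Path(internal_dir)    # internal file backup library (15)
        self.offsite = Path(offsite_dir)      # local stand-in for the off-site backup device (16)
        self.features = {}                    # file feature database: path -> (hash, mode, log?)
        self.timed_sets = defaultdict(list)   # interval multiple -> files (14)
        self.alarms = []                      # alarm log (17)

    def add_rule(self, path, multiple=1, log=True):
        # Steps 22-24: store feature value and attributes, back up twice, join a timed set.
        path = str(path)
        mode = stat.S_IMODE(os.stat(path).st_mode)
        self.features[path] = (feature(path), mode, log)
        for lib in (self.internal, self.offsite):
            shutil.copyfile(path, lib / backup_name(path))
        self.timed_sets[multiple].append(path)

    def protect(self, path):
        # Steps 281-286 for one file; returns the action taken.
        want_hash, want_mode, log = self.features[path]
        action = "ok"
        if not os.path.exists(path) or feature(path) != want_hash:
            src, action = self.internal / backup_name(path), "restored-internal"
            # The internal copy is usable only if it still matches the feature database.
            if not src.exists() or feature(src) != want_hash:
                src, action = self.offsite / backup_name(path), "restored-offsite"
            shutil.copyfile(src, path)
        if stat.S_IMODE(os.stat(path).st_mode) != want_mode:
            os.chmod(path, want_mode)
            action = "attrs-restored" if action == "ok" else action
        if action != "ok" and log:
            self.alarms.append((path, action))
        return action

    def tick(self, n):
        # Steps 27-29: on tick n of the minimum interval, run every set whose multiple divides n.
        return {p: self.protect(p)
                for m, files in self.timed_sets.items() if n % m == 0 for p in files}

def demo():
    # Constructed sample: two protected files in a temporary directory.
    root = Path(tempfile.mkdtemp())
    (root / "int").mkdir(); (root / "off").mkdir()
    conf, page = root / "app.conf", root / "index.html"
    conf.write_text("listen=443\n"); page.write_text("<h1>home</h1>\n")
    fp = FileProtector(root / "int", root / "off")
    fp.add_rule(conf, multiple=1); fp.add_rule(page, multiple=3)
    page.write_text("<h1>defaced</h1>\n")             # content change, internal backup intact
    r1 = fp.tick(1)                                    # only the multiple-1 set runs
    r3 = fp.tick(3)                                    # both sets run; page is restored
    conf.write_text("listen=80\n"); os.chmod(conf, 0o666)
    (root / "int" / backup_name(conf)).write_text("tampered backup\n")
    r4 = fp.tick(4)                                    # internal copy rejected, off-site used
    return r1, r3, r4, conf.read_text(), page.read_text(), fp.alarms
```

Between ticks 1 and 3 the altered page stays in place, which is the detection window a larger interval multiple buys in exchange for less hashing work.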

Claims (6)

1. A file protection method based on user protection rules, carried out on the basis of a network server file system 10, characterized in that the user file protection method consists of the protected file name, the monitoring time interval, the monitored attributes of the file, whether to record an alarm log, and so on, and comprises the following steps: (1) if there is a new protection rule that needs initialization, execute step 2, otherwise go to step 6; (2) read the new protection rule; (3) generate the file feature database and the file backup; (4) generate the timed protected-file set; (5) if there are other new protection rules, go to step 2; (6) start the timed protection trigger mechanism; (7) read a timed protected-file set; (8) take a file from the protected-file set and perform protection processing on it; (9) if there are other files in the protected-file set, go to step 8; (10) end.
2. The file protection method based on user protection rules according to claim 1, characterized in that the network server file protection method, on the basis of the conventional network server file system 10, adds a rule processor 12, a file protector 11 and a file backup device 16 to carry out the above user file protection method, and adds the data structures user file protection rules 13, internal file backup library 15, timed protection rule sets 14 and alarm log 17.
3. The file protection method based on user protection rules according to claim 1, characterized in that, for the user file protection method, initialization by the rule processor 12 forms the timed protection rule sets 14, the internal file backup library 15, and the file feature database and file backup library held in the file backup device 16; a minimum monitoring interval is defined, a monitoring time interval is a multiple of the minimum monitoring interval, and the multiple takes values such as 1, 3, 5, 7; a timed protection rule set 14 is a set of files with the same monitoring interval, each element consisting of a file name and monitored attributes; the file feature value is calculated for the protected file specified by the rule, a hash function being computed over the file content F and the result being the file feature value; the file feature value and monitored file attributes, and the file backup, of the protected file are stored respectively in the file feature database and the file backup library in the off-site file backup device; at the same time the file backup is stored in the internal file backup library; the file protector 11, according to the timed protection rule sets 14, periodically monitors and protects the files 10 specified by the rules and records entries in the alarm log 17.
4. The file protection method based on user protection rules according to claim 1, characterized in that, after the timed protection trigger mechanism is started, the file protector starts working according to the timed protection rule sets: step 27 obtains one timed protection rule set, that is, the set of files in the system that are protected at the same timing interval; as in the protection rule definition, these are timed protection rule sets for intervals of multiples such as 1, 3, 5, 7; step 28 takes a file from the protection set and performs protection processing on it.
5. The file protection method based on user protection rules according to claim 4, characterized in that step 28, taking a file from the protection set and performing protection processing on it, proceeds as follows: starting from the initial state of step 280, step 281 reads the monitored file attributes; step 282 calculates the file feature value of the protected file; step 283 compares the obtained file attributes and feature value with the corresponding values stored in the file feature database at initialization; step 284 determines whether they are equal, and if all comparisons are equal no special processing is needed and the flow goes to step 287, otherwise step 285 is executed; step 285 performs file protection recovery processing; step 286 performs alarm and record processing, writing a record of the protection action to the system alarm log; step 287 ends.
6. The file protection method based on user protection rules according to claim 5, characterized in that the file protection recovery processing proceeds as follows: the file feature database and backup library data are used to restore the changed file attributes or file content; when restoring file content, it is first determined whether the file in the internal backup library is usable, that is, whether the feature value of the file in the backup library is the same as the feature value stored in the file feature database; if it is the same, the restore data is taken from the internal backup library; otherwise it is obtained from the off-site file backup device.
CNB2004100139608A 2004-01-19 2004-01-19 File protection method based on user protection rule Expired - Fee Related CN100499476C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2004100139608A CN100499476C (en) 2004-01-19 2004-01-19 File protection method based on user protection rule

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2004100139608A CN100499476C (en) 2004-01-19 2004-01-19 File protection method based on user protection rule

Publications (2)

Publication Number Publication Date
CN1558600A true CN1558600A (en) 2004-12-29
CN100499476C CN100499476C (en) 2009-06-10

Family

ID=34351212

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2004100139608A Expired - Fee Related CN100499476C (en) 2004-01-19 2004-01-19 File protection method based on user protection rule

Country Status (1)

Country Link
CN (1) CN100499476C (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101087237B (en) * 2007-07-03 2010-07-14 中兴通讯股份有限公司 A magnetic array share file system and its implementation method
CN101231682B (en) * 2007-01-26 2011-01-26 李贵林 Computer information safe method
WO2011111055A1 (en) * 2010-03-10 2011-09-15 Hewlett-Packard Development Company, L.P. Data protection
WO2013135137A1 (en) * 2012-03-16 2013-09-19 腾讯科技(深圳)有限公司 System file repair method and apparatus

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1175351C (en) * 2001-12-04 2004-11-10 上海复旦光华信息科技股份有限公司 Automatic SOLARIS process protecting system

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101231682B (en) * 2007-01-26 2011-01-26 李贵林 Computer information safe method
CN101087237B (en) * 2007-07-03 2010-07-14 中兴通讯股份有限公司 A magnetic array share file system and its implementation method
WO2011111055A1 (en) * 2010-03-10 2011-09-15 Hewlett-Packard Development Company, L.P. Data protection
WO2013135137A1 (en) * 2012-03-16 2013-09-19 腾讯科技(深圳)有限公司 System file repair method and apparatus
US9535781B2 (en) 2012-03-16 2017-01-03 Tencent Technology (Shenzhen) Company Limited System file repair method and apparatus

Also Published As

Publication number Publication date
CN100499476C (en) 2009-06-10

Similar Documents

Publication Publication Date Title
US10169586B2 (en) Ransomware detection and damage mitigation
CN102081722B (en) Method and device for protecting appointed application program
CN102902928B (en) Method and device for webpage integrity assurance
US9069955B2 (en) File system level data protection during potential security breach
US9317686B1 (en) File backup to combat ransomware
King et al. Backtracking intrusions
US8423510B2 (en) Real time backup system for computer users
US20110082838A1 (en) Computer security method and apparatus
CN103020524A (en) Computer virus monitoring system
US7512979B1 (en) Log file protection system
US8721738B1 (en) System and method for ensuring security of data stored on data storage devices
JP2010146457A (en) Information processing system and program
US10896085B2 (en) Mitigating actions
May et al. Combating ransomware using content analysis and complex file events
US8528105B1 (en) System and method for ensuring security of data stored on electronic computing devices
CN108287779A (en) A kind of Windows startup items monitoring method and system
CN100499476C (en) File protection method based on user protection rule
US7620983B1 (en) Behavior profiling
CN103984622A (en) Method and device for managing logs for Linux-based GPON ONU (Gigabit Passive Optical Network Optical Unit) equipment
CN106354773A (en) Method and device for data storage of application programs
CN102902925B (en) The processing method of a kind of file of contaminating and system
CN1297908C (en) Method for back-up protection of CMOS data
CN113114676B (en) Web safety protection and monitoring system
CN105912929B (en) A kind of dynamic measurement method based on domestic TCM
CN102902913A (en) Preservation method for preventing software in computer from being damaged maliciously

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20090610

Termination date: 20100219