CN1838137A - Read-write access control method for plug-in memory device - Google Patents
Read-write access control method for plug-in memory device Download PDFInfo
- Publication number
- CN1838137A CN1838137A CNA2006100399021A CN200610039902A CN1838137A CN 1838137 A CN1838137 A CN 1838137A CN A2006100399021 A CNA2006100399021 A CN A2006100399021A CN 200610039902 A CN200610039902 A CN 200610039902A CN 1838137 A CN1838137 A CN 1838137A
- Authority
- CN
- China
- Prior art keywords
- memory device
- plug
- file
- filter driver
- file system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 17
- 238000001514 detection method Methods 0.000 claims abstract description 10
- 238000012544 monitoring process Methods 0.000 claims description 29
- 238000001914 filtration Methods 0.000 claims description 15
- 238000012550 audit Methods 0.000 claims description 8
- 238000007726 management method Methods 0.000 claims description 8
- 238000004458 analytical method Methods 0.000 claims description 7
- 238000005516 engineering process Methods 0.000 claims description 5
- 238000012545 processing Methods 0.000 claims description 5
- 238000003780 insertion Methods 0.000 claims description 4
- 230000037431 insertion Effects 0.000 claims description 4
- 230000008520 organization Effects 0.000 claims description 3
- 239000002245 particle Substances 0.000 claims description 3
- 239000008358 core component Substances 0.000 claims description 2
- 230000002093 peripheral effect Effects 0.000 description 17
- 238000004891 communication Methods 0.000 description 10
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 description 3
- 230000006399 behavior Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 239000000872 buffer Substances 0.000 description 1
- 239000000306 component Substances 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000009472 formulation Methods 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 230000014759 maintenance of location Effects 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 238000005192 partition Methods 0.000 description 1
Images
Landscapes
- Storage Device Security (AREA)
Abstract
This invention relates to a read-write access control method for plug and play memory device. Wherein, configuring application security policy for the device by a control desk module; using a detection module to real-time detect the device and notify the kernel to start filter device for monitor; realizing the exact operation to access to monitor for the plug-play device according to strategy by a file system filter drive part module; detecting the device removal by the former detection module to notify kernel unload filter device and stop monitor. Besides, the system comprises an application layer for detecting device state and a kernel layer for monitor.
Description
Technical field
The present invention relates to a kind of method to plug-in memory device read and write access control, especially the safe handling to various movable memory equipments manages under host platform, ensures the information security of main frame, belongs to field of computer information security.
Background technology
The high capacity movable storage device is (as the USB hard disk, fc tape storage device FCs etc.) be extensive use of, it is more convenient that information is transmitted, if can not effectively control its use, can make the Intranet information security have serious problems, how the effective control of the use of peripheral storage device be seemed more and more urgent.Safe handling at peripheral storage device, existing windows system can provide simply to particular types of devices read-write control, as allow the keeper that the USB flash memory of subscriber's main station system in the network is set, tape, floppy drives etc. do not allow to use, read-only etc., pass through these equipment and reveal to prevent information.Also have some safety products,, allow or forbid the use of peripheral storage device simply by the access of the various peripheral storage devices of programmed control.
Must control the read and write access of plug-in memory device, this is the important measures that guarantee the Intranet information security, but because the driver complicacy of the lower floor of peripheral storage device is then too complicated as each peripherals being write filter drive program.
Summary of the invention
The objective of the invention is to: for various plug-in memory device under the main frame provides unified method for supervising.Use drives based on file system filter; can well monitor various peripheral storage devices; on the one hand file system layer has shielded the driver complicacy of various peripheral storage device lower floor; be not required to be each peripherals and write filter drive program; the driving that common on the other hand I/O manager will ask directly to give file system layer is handled; file system layer then is in higher level; can well implement protection mechanism to the file resource visit; association attributes according to file; whether the decision read and write access allows; and can write down necessary information, for subsequent analysis.
Content of the present invention is achieved in that a kind of method that plug-in memory device is carried out read and write access control is:
Total system comprises following four modules: control desk, plug-in memory device detection, file system filter driver part, four modules of log collection.
The control desk program also is the primary control program of whole monitoring system, works in the operating system application layer, and its work is: the dynamic-configuration monitoring strategies, and managing file system filtration drive parts are finished monitor task; Control desk is to the management of filter Driver on FSD, and its job step is:
Step 1: control desk load document system filtration driver part;
Step 2: control desk reads the initial policy file, and to the file system filter driver part monitoring strategies is set;
Step 3: start the plug-in memory device detection module, make it to detect in real time the insertion of PnP device, notification filter driving is in time carried out filter plant and is articulated;
Step 4: control desk receives the New Policy that the user is provided with, and to the file system filter driver part monitoring strategies is set;
Step 5: control desk receives the user and stops monitor command, stops and unloading all core component.
The plug-in memory device detection part with the mode of poll, is in time found the insertion of PnP device or is removed, and dynamic carry or the unloading filter plant that is used to monitor.
Be used to realize the file system filter driver part of file access control, work in operating system nucleus, used the control that conducts interviews of file system layer filtration drive technology in the Windows Drive Layer aggregated(particle) structure, because it is in the filter Driver on FSD layer, this logical organization can shield the complicacy of underlying device type, the conduct interviews principle of Control work of file system filter driver part is characterized in that comprising following basic step:
Step 1: user's file access operation converts the operating system file access interface to and calls;
Step 2: operating system is called and is delivered to the I/O manager, converts the I/O request package that filtration drive is handled to;
Step 3:I/O manager is given filter Driver on FSD earlier before the file access request package being passed to the file system driving;
Step 4: filter Driver on FSD is handled the I/O request package according to monitoring strategies, and the recording processing daily record.
For can better tracing and monitoring to the visit of plug-in memory device, the log collection module is provided, work in the operating system application layer, from kernel, take out the monitoring daily record that generates according to monitoring record, for follow-up safety analysis.
Characteristics of the present invention are: according to existing weakness to plug-in memory device use control method, propose to use the file system layer filtration drive technology in the Windows Drive Layer aggregated(particle) structure to control.The filter Driver on FSD layer can obtain the file access operation requests that lower floor of all operations system sends, and judges also that by analysis whether decision this request in back is by real execution; Simultaneously, its residing logical organization has shielded underlying device type complicacy, can monitor memory device dissimilar and that distinct device drives.
Description of drawings
Fig. 1 is the system module structural drawing of a realization of the present invention.
Fig. 2 is the work synoptic diagram of Configuration Manager of the present invention.
Fig. 3 is the actuating logic synoptic diagram of monitoring management module of the present invention.
Fig. 4 is a Windows kernel file filtration drive technical architecture plan of the present invention.
Fig. 5 is a system chart
Embodiment
The present invention will be further described below in conjunction with the drawings and specific embodiments:
Referring to Fig. 1, the concrete execution supervisory system that we realize is made up of six modules, wherein disposes five modules such as audit, monitoring management, log collection, kernel communication, equipment plug monitoring and is in application layer, and the filtration drive module then is operated in inner nuclear layer.
Because present embodiment is a functional component in the bigger supervisory system, configuration audit and these two modules of kernel communication are not essential module of the present invention, but for the unitized realization in the convenience under using and when coding design, that is carried out is abstract.
Referring to Fig. 2, configuration audit module is to get in touch for system and the external world, carry out communication as user interface or remote management terminal, the unified external interface that is provided, in the present embodiment, it is used for carrying out communication according to communications protocol that pre-defines and long-range information collecting center, the receive information management and the configuration at collection center, and information collecting center is mail in local daily record preserve, in total system, an information collecting center can be managed a plurality of monitor terminals that are subjected to;
The kernel communication module then uses the mode of DeviceIoControl, sending IOCTL in application layer asks to Kernel Driver, driver is done respective handling, simultaneously can be, obtain data by buffers, a kind of general application layer and the interactive means of inner nuclear layer are provided.
The groundwork flow process of this supervisory system is as follows:
1. referring to Fig. 3, the monitoring management module is responsible for the startup and the administration module of total system, module is opened two threads thus, is responsible for detecting the equipment plug monitoring module thread of plug-in memory device plug, and the log collection module thread that is used to collect the peripheral storage device operating position;
2. monitoring management module obtains the peripheral storage device usage policy into the setting of this main frame, for example: whether the read-write of these equipment is monitored by the external communication interface of configuration audit module; As need monitoring, so to read operation and write operation take respectively to allow, forbid, which kind of action in the log; Whether need to carry out more fine-grained control according to file type, or the like, and after acquisition, call policy data in the kernel communication module configuration driver;
3. equipment plug monitoring modular is monitored the access of PnP device in real time, in time carries out filter plant by the kernel communication module and articulates and unload;
4. the filtration drive module that is loaded, according to the monitoring that conducts interviews of information such as strategy, the principle and the step of this monitor procedure are as follows:
Referring to Fig. 4, when operating system when not adding any access control, file request bag IRP can pass through file system layer (fa, example shown in the figure is cdfs and two kinds of file system of fat), the memory device driver layer, and arrival hardware device level of abstraction (hal:hardware abstraction level), last reality executable operations under hardware of memory device.
At file system layer, according to different file system, as cdfs, fat etc., they are that each logical partition of memory device is created a volume device object (vdo:volume device object), represent volume under the hardware dish with vdo, and operating system is to the operation of file, all pass through the corresponding vdo of its place volume of control, to reach the purpose of control underlying device.Under file system layer, the IRP request arrives concrete memory device and carries out by various memory device drivers, bus driver etc.
According to the structure of windows file system, we can insert a filter Driver on FSD layer under file system layer, introduce a checkpoint.At the filter Driver on FSD layer, can create the filter plant object (fdo:filter device object) of a correspondence for each vdo, after being articulated to it under vdo, IRP will transmit downwards more earlier through the filter Driver on FSD program at fdo place.Thereby, be PnP device as long as which equipment we tell, and be the fdo of its carry correspondence, just can conduct interviews and control plug-in memory device.
The filter Driver on FSD module operates in kernel as the part of I/O subsystem.Its main task is equipment read and write access monitoring, and equipment uses and reserve the information flow daily record.As follows for handling routine in driver DriverEntry routine by the I/O request package IRP formulation of driver:
DriverObject→MajorFunction[IRP_MJ_CRETE]=
MyFilterCreate;
DriverObject→MajorFunction[IRP_MJ_READ]=
MyFilterRead;
DriverObject→MajorFunction[IRP_MJ_WRITE]=
MyFilterWrite;
......
So just, can in the routine that is provided with, handle corresponding IRP bag.According to the driven strategy works that is provided with, during I/O request package IRP process filter drive program, check that request package is to realize the access monitoring to specific resources.To type is the request package (in the MyFilterCreate routine) of IRP_MJ_CREATE, operation types (reading and writing etc.) is wanted in inspection, whether meet strategy with the association attributes of the imformosome of visiting, determine processing: allow, forbid, still write down detailed access log IRP.Wherein, to the protection of resource information body deployment information resource database specially, relevant access attribute is set, the setting of searching continuous item in the database according to IRP object pointed is with the control of decision to it.In addition, filter Driver on FSD can be easily extended to the total system memory device,, the sign of access attribute can be set in file attribute, with foundation as processing I/O request package to important system resource by the filter Driver on FSD program.
5. write down the peripheral access information log, note the required associative operation information of audit according to strategy at peripheral storage device, temporarily be kept at daily record in the kernel, obtain and give the log collection module by kernel communication module poll, by the log collection module this locality retention is carried out in daily record and outflow file, or send to remote server and deposit database in, check this main frame peripherals behaviour in service for the keeper.
In native system, more fine-grained device access control is provided, just simply under the I/O path, user I/O is not handled accordingly, and will be according to the use information that obtains, useful Operation Log is selected in arrangement, access file information is to provide the information foundation of peripheral storage device behaviour in service view and ex-post analysis audit.Operation audit module filters out the useful service data of the peripheral storage device that obtains from filtration drive, analyze and put in order the information after filtering, with reference to the peripheral storage device usage policy, the security alarm daily record that generates various violation policing actions sends to the network manager.Retain the fileinfo that some user captures are flowed out in addition as required, with as ex-post analysis with whether check the foundation of information leakage.
Fig. 5 is in system works figure, and visit is controlled to the file read-write in the plug-in memory device under host platform, under main flow desktop system windows platform, uses the filter Driver on FSD technology to realize plug-in memory device read and write access control.System divides application layer and inner nuclear layer, detect the plug of movable memory equipment in real time in application layer, in time notify kernel module to articulate filter plant and monitor, filter Driver on FSD is monitored processing according to strategy to the file access operation, and provides the monitoring daily record for subsequent analysis.
Claims (7)
1, a kind of method that plug-in memory device is carried out read and write access control is characterized in that operator's console, plug-in memory device detection, file system filter driver part, four modules of log collection, and its work comprises following basic step:
Step 1: control desk module configuration plug-in memory device strategy safe in utilization;
Step 2: insert the insertion that promptly detects plug-in memory device in real time with the memory device detection module, and notice kernel hook filter plant, open monitoring;
Step 3: file system filter driver part module realizes the concrete operations of plug-in memory device access monitoring according to strategy;
Step 4: insert and promptly detect removing of plug-in memory device in real time with the memory device detection module, and notice kernel unloading filter plant, stop monitoring.
2, method of plug-in memory device being carried out read and write access control according to claim 1, it is characterized in that three modules such as its control desk, plug-in memory device detection, log collection are in the operating system application layer, file system filter driver part (being the filtration drive processing module) then is in the operating system nucleus layer.
3, according to claim 1,2 described methods of plug-in memory device being carried out read and write access control, it is characterized in that control desk module works in the operating system application layer, its work is: the dynamic-configuration monitoring strategies, and managing file system filtration drive parts are finished monitor task;
4, according to claim 1,2, the 4 described methods that plug-in memory device is carried out read and write access control, it is characterized in that the management of control desk to filter Driver on FSD, its job step is:
Step 1: control desk load document system filtration driver part;
Step 2: control desk reads the initial policy file, and to the file system filter driver part monitoring strategies is set;
Step 3: start the plug-in memory device detection module, make it to detect in real time the insertion of PnP device, notification filter driving is in time carried out filter plant and is articulated;
Step 4: control desk receives the New Policy that the user is provided with, and to the file system filter driver part monitoring strategies is set;
Step 5: control desk receives the user and stops monitor command, stops and unloading all core component.
5, method of plug-in memory device being carried out read and write access control according to claim 1 and 2, it is characterized in that the file system filter driver part works in operating system nucleus, used the control that conducts interviews of file system layer filtration drive technology in the Windows Drive Layer aggregated(particle) structure, because it is in the filter Driver on FSD layer, this logical organization can shield the complicacy of underlying device type.
6,, it is characterized in that the file system filter driver part to the file access operation control that conducts interviews, comprises following basic step according to claim 1, the 2 or 5 described methods that plug-in memory device is carried out read and write access control:
Step 1: user's file access operation converts the operating system file access interface to and calls;
Step 2: operating system is called and is delivered to the I/O manager, converts the I/O request package that filtration drive is handled to;
Step 3:I/O manager is given filter Driver on FSD earlier before the file access request package being passed to the file system driving;
Step 4: filter Driver on FSD is handled the I/O request package according to monitoring strategies, points to file according to the I/O request package, handles as follows:
1. if strategy is a disable access, make the failure of I/O request package;
2. if strategy is write for forbidding, only allow read request packet to pass through, fail with the request package that WriteMode opens file;
3. visit for allowing as if tactful, but need audit the record access request;
Step 5: the I/O request package that will as above allow to pass through passes to lower floor's driver, and carries out daily record.
7, method of plug-in memory device being carried out read and write access control according to claim 1 and 2, it is characterized in that providing the log collection module to work in the operating system application layer, from kernel, take out the monitoring daily record that generates according to monitoring record, for follow-up safety analysis.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100399021A CN100458808C (en) | 2006-04-26 | 2006-04-26 | Read-write access control method for plug-in memory device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100399021A CN100458808C (en) | 2006-04-26 | 2006-04-26 | Read-write access control method for plug-in memory device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1838137A true CN1838137A (en) | 2006-09-27 |
| CN100458808C CN100458808C (en) | 2009-02-04 |
Family
ID=37015531
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2006100399021A Expired - Fee Related CN100458808C (en) | 2006-04-26 | 2006-04-26 | Read-write access control method for plug-in memory device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100458808C (en) |
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100367248C (en) * | 2006-10-13 | 2008-02-06 | 冯浩然 | A encryption U disk system with journal and audits |
| CN102467392A (en) * | 2010-11-12 | 2012-05-23 | 鸿富锦精密工业(深圳)有限公司 | Preinstallation environment for operating system |
| CN102708317A (en) * | 2012-05-03 | 2012-10-03 | 沈阳通用软件有限公司 | Recording auditing method under Windows platform on basis of filter driver |
| CN102867148A (en) * | 2011-07-08 | 2013-01-09 | 北京金山安全软件有限公司 | Safety protection method and device for electronic equipment |
| CN103227808A (en) * | 2011-12-27 | 2013-07-31 | 富士通株式会社 | Connection apparatus, storage apparatus, processing method for connection apparatus and processing program |
| CN103324442A (en) * | 2012-03-23 | 2013-09-25 | 联想(北京)有限公司 | I/O request processing method and electronic equipment |
| CN103456059A (en) * | 2013-08-30 | 2013-12-18 | 国家电网公司 | Method for monitoring data safety of client of remote data recovery system |
| CN104077250A (en) * | 2014-06-27 | 2014-10-01 | Tcl集团股份有限公司 | Connection processing method and device for intelligent terminal and storage equipment |
| CN104657676A (en) * | 2015-03-05 | 2015-05-27 | 北京安普诺信息技术有限公司 | File mandatory access control method and system thereof based on minifilter drive |
| CN105373727A (en) * | 2015-12-15 | 2016-03-02 | 福建实达电脑设备有限公司 | Virtual device redirection based device isolation method |
| CN106203187A (en) * | 2016-06-26 | 2016-12-07 | 厦门天锐科技股份有限公司 | The USB storage device method for limiting of a kind of filter Driver on FSD and system |
| CN106951789A (en) * | 2016-12-09 | 2017-07-14 | 中国电子科技集团公司第三十研究所 | A kind of USB Anti-ferry methods based on safety label |
| CN109254735A (en) * | 2018-10-11 | 2019-01-22 | 北京明朝万达科技股份有限公司 | The access control method and device of movable storage device |
| CN110727528A (en) * | 2019-08-22 | 2020-01-24 | 深圳市元征科技股份有限公司 | Memory failure recovery method and device, electronic equipment and storage medium |
| CN112068890A (en) * | 2020-08-13 | 2020-12-11 | 中国电子科技集团公司第三十研究所 | Method, system and storage medium for controlling computer external equipment |
| WO2021159649A1 (en) * | 2020-02-13 | 2021-08-19 | 苏州浪潮智能科技有限公司 | Multipath device shielding system and method, device, and readable storage medium |
| CN113849138A (en) * | 2021-12-01 | 2021-12-28 | 浙江齐安信息科技有限公司 | Safety control device |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5677953A (en) * | 1993-09-14 | 1997-10-14 | Spyrus, Inc. | System and method for access control for portable data storage media |
| AU6631600A (en) * | 1999-08-11 | 2001-03-05 | Spinware, Inc. | System and method for controlling access to data stored in portable storage medium |
| CN100547546C (en) * | 2003-08-25 | 2009-10-07 | 联想(北京)有限公司 | A kind of software and hardware Intelligent Recognition and guard method |
-
2006
- 2006-04-26 CN CNB2006100399021A patent/CN100458808C/en not_active Expired - Fee Related
Cited By (20)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100367248C (en) * | 2006-10-13 | 2008-02-06 | 冯浩然 | A encryption U disk system with journal and audits |
| CN102467392A (en) * | 2010-11-12 | 2012-05-23 | 鸿富锦精密工业(深圳)有限公司 | Preinstallation environment for operating system |
| CN102867148A (en) * | 2011-07-08 | 2013-01-09 | 北京金山安全软件有限公司 | Safety protection method and device for electronic equipment |
| CN103227808A (en) * | 2011-12-27 | 2013-07-31 | 富士通株式会社 | Connection apparatus, storage apparatus, processing method for connection apparatus and processing program |
| CN103324442A (en) * | 2012-03-23 | 2013-09-25 | 联想(北京)有限公司 | I/O request processing method and electronic equipment |
| CN102708317A (en) * | 2012-05-03 | 2012-10-03 | 沈阳通用软件有限公司 | Recording auditing method under Windows platform on basis of filter driver |
| CN103456059A (en) * | 2013-08-30 | 2013-12-18 | 国家电网公司 | Method for monitoring data safety of client of remote data recovery system |
| CN104077250A (en) * | 2014-06-27 | 2014-10-01 | Tcl集团股份有限公司 | Connection processing method and device for intelligent terminal and storage equipment |
| CN104657676B (en) * | 2015-03-05 | 2017-11-07 | 北京安普诺信息技术有限公司 | A kind of file forced access control method driven based on microfiltration and its system |
| CN104657676A (en) * | 2015-03-05 | 2015-05-27 | 北京安普诺信息技术有限公司 | File mandatory access control method and system thereof based on minifilter drive |
| CN105373727A (en) * | 2015-12-15 | 2016-03-02 | 福建实达电脑设备有限公司 | Virtual device redirection based device isolation method |
| CN105373727B (en) * | 2015-12-15 | 2018-04-20 | 福建实达电脑设备有限公司 | The equipment blocking method redirected based on virtual unit |
| CN106203187A (en) * | 2016-06-26 | 2016-12-07 | 厦门天锐科技股份有限公司 | The USB storage device method for limiting of a kind of filter Driver on FSD and system |
| CN106951789A (en) * | 2016-12-09 | 2017-07-14 | 中国电子科技集团公司第三十研究所 | A kind of USB Anti-ferry methods based on safety label |
| CN106951789B (en) * | 2016-12-09 | 2019-07-16 | 中国电子科技集团公司第三十研究所 | A kind of USB Anti-ferry method based on safety label |
| CN109254735A (en) * | 2018-10-11 | 2019-01-22 | 北京明朝万达科技股份有限公司 | The access control method and device of movable storage device |
| CN110727528A (en) * | 2019-08-22 | 2020-01-24 | 深圳市元征科技股份有限公司 | Memory failure recovery method and device, electronic equipment and storage medium |
| WO2021159649A1 (en) * | 2020-02-13 | 2021-08-19 | 苏州浪潮智能科技有限公司 | Multipath device shielding system and method, device, and readable storage medium |
| CN112068890A (en) * | 2020-08-13 | 2020-12-11 | 中国电子科技集团公司第三十研究所 | Method, system and storage medium for controlling computer external equipment |
| CN113849138A (en) * | 2021-12-01 | 2021-12-28 | 浙江齐安信息科技有限公司 | Safety control device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN100458808C (en) | 2009-02-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100458808C (en) | Read-write access control method for plug-in memory device | |
| CN101819525B (en) | Method and equipment for searching configuration file of application in system | |
| US5887167A (en) | Synchronization mechanism for providing multiple readers and writers access to performance information of an extensible computer system | |
| CN101408855B (en) | Method for protecting remote backup equipment of temporary abnormity by continuous data protective system | |
| US6622226B1 (en) | Method and system for using a mark-list for garbage collection | |
| CN1815451A (en) | Log information management method and system | |
| CN1845120A (en) | Automatic analysis system and method for malicious code | |
| CN103034799A (en) | Kernel level desktop access control method | |
| CN111597089B (en) | Linux system call event acquisition and caching device and method | |
| CN106227621A (en) | The data back up method of logic-based volume management simplification volume and system | |
| EP1155368A1 (en) | Pageable filter driver for prospective implementation of disk space quotas | |
| CN105868056A (en) | Method, device and safety virtual machine for acquiring deleted files in Windows virtual machines | |
| CN1677302A (en) | Method and system for acquiring resource usage log and computer product | |
| US20060080364A1 (en) | Method, system, and computer program product for detecting memory management anti-patterns | |
| CN103580899B (en) | Event log management method, system, cloud service client and virtual platform | |
| CN102693232B (en) | Method and device for cancelling files | |
| US20060069821A1 (en) | Capture of data in a computer network | |
| WO2000023867A2 (en) | Windows frame, dialog box, keyboard, device access and user environment real time asc file signal tracking and control system based upon user activity | |
| CN101452619B (en) | Method for isolating virus of disk for background system of tax control collecting apparatus | |
| CN101464790B (en) | Apparatus and method for scheduling commands from host systems | |
| CN115599575B (en) | Novel method for solving concurrent activation and deactivation of cluster logical volumes | |
| CN104331945B (en) | A kind of data collection task station and its control method with pre- input function | |
| CN110865869A (en) | Method and system for extracting memory access characteristics of virtual machine on Shenwei architecture | |
| Nakamura et al. | A new data acquisition system for the RIKEN-RAL μCF experiment | |
| CN1591329A (en) | Intelligent identifying and protecting method for software and hardware |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20090204 |