CN1920786A - System and method for implementing safety control of operation system - Google Patents


Info

Publication number: CN1920786A
Authority: CN (China)
Prior art keywords: operating system, module, higher level, system module, subordinate
Legal status: Granted
Application number: CNA2005100933885A
Other languages: Chinese (zh)
Other versions: CN100514305C (en)
Inventors: 张兴明, 梁金千
Current assignee: Nantong Yingke Information Technology Co ltd
Original assignee: BEIJING STARSOFT COMMUNICATION Co Ltd
Events: application filed by BEIJING STARSOFT COMMUNICATION Co Ltd; priority to CNB2005100933885A (CN100514305C); priority to PCT/CN2006/001929 (WO2007022687A1); publication of CN1920786A; application granted; publication of CN100514305C; legal status Expired - Fee Related; anticipated expiration.

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)

Abstract

The invention relates to a system and method for implementing security control of an operating system. The system consists of a higher-level (parent) operating system module, a system isolation module, a data isolation module and a security control module; it can delete, create and boot subordinate (child) operating system modules and copy dynamic data into a protected disk partition. The method reads the startup information of the higher-level operating system module and compares it with stored standard information; if they are consistent, a subordinate operating system module is created and the higher-level and subordinate modules are loaded; otherwise the standard information is used to repair the startup information of the higher-level operating system module. The invention prevents malicious damage to the computer's kernel and so ensures that the current operating system is safe, and it uses data isolation to ensure data integrity, so that an unsafe element cannot affect the whole system.

Description

System and method for implementing operating system security control
Technical field
The present invention relates to a system and method for implementing operating system security control, and in particular to a system and method that apply a data partitioning (data isolation) method and a system partitioning (system isolation) method to implement operating system security control. It belongs to the fields of computer operating systems and computer security.
Background technology
A computer operating system controls the computer's hardware devices and provides the running environment for application software, so its reliability and security are very important.
As more and more applications are deployed in a single operating system environment, the user's computing environment becomes very complex and hard to manage and maintain; such a complex environment makes it difficult for computer security technologies to protect and identify threats promptly, and attacks by viruses and spyware are hard to avoid.
One common current approach to these problems is to install system recovery software in the operating system to deal with operating system failures and virus damage. Its drawback is that although the recovery software can restore the operating system to an earlier healthy state, the user's data is rolled back to that old state as well, which greatly reduces the usefulness of operating system recovery software.
A second common approach is for the user to install security protection software such as antivirus software and a firewall in the operating system to deal with increasingly rampant viruses and malicious programs. Its drawback is that the development of security protection products generally lags behind the spread of viruses and malicious programs, and whether such software is reliable and can run normally often depends on the operating system itself. Therefore, although installing security protection software in the operating system to protect the operating system, application software and user data does stop the damage and spread of viruses to some extent, the user must constantly update and maintain virus signatures, and a moment of carelessness gives viruses and malicious programs their opportunity.
In summary, in the application of information technology, computer security is the biggest problem commonly encountered today; it has cost computer users and enterprises enormous time and money, and there is still no method that performs complete and comprehensive operating system security control. Users therefore need a technical solution that simplifies the steps of security protection, significantly reduces its cost, and reliably guarantees the security of enterprise information assets and personal user data.
Summary of the invention
The purpose of the present invention is to provide a system for implementing operating system security control that can isolate and protect the data of the operating system, and can isolate the operating system so that a subordinate operating system module it generates can be deleted when the user no longer uses it.
Another object of the present invention is to provide a method for implementing operating system security control that achieves data isolation and system isolation such that the isolated systems and data cannot affect each other, and that verifies the operating system and restores it once unauthorized tampering is found.
To achieve the above object, the invention provides a system for implementing operating system security control, comprising:
a higher-level operating system module;
a system isolation module, which interacts with the higher-level operating system module and is used to boot and/or create subordinate operating system modules according to user instructions; the system isolation module also interacts with the higher-level operating system module and the subordinate operating system modules respectively, and is used to monitor the read and write access of the higher-level operating system module and the subordinate operating system modules to the disk;
a data isolation module, which copies the dynamic data of the higher-level operating system module and/or the subordinate operating system modules to a protected disk partition, monitors the read and write access of the higher-level operating system module and/or the subordinate operating system modules to the dynamic data, and redirects and/or copies that access to the protected disk partition in real time;
a security control module, which interacts with the higher-level operating system module and/or the subordinate operating system modules and is used to store the standard information of the higher-level operating system module, collect the startup information of the higher-level operating system module, compare the standard information with the startup information, and control the loading and/or repair of the higher-level operating system module according to the comparison result; it is also used to delete subordinate operating system modules and to notify the system isolation module to create, or itself create, new subordinate operating system modules.
To achieve the other object, the invention provides a method for implementing operating system security control, comprising the following steps:
Step 1: read the startup information of the higher-level operating system module and compare it with the pre-stored higher-level operating system standard information; if the startup information of the higher-level operating system module is consistent with the standard information, proceed to step 2, otherwise use the standard information to repair the startup information of the higher-level operating system module;
Step 2: create a subordinate operating system module, and load the higher-level operating system module and the subordinate operating system module.
Step 3, after step 2: monitor read and write operations on dynamic data in the higher-level operating system module and/or the subordinate operating system module, and redirect or copy those read/write operations to the protected disk partition in real time.
Before step 1, backup data of the higher-level operating system module taken in a safe state is stored as the higher-level operating system standard information.
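As an added illustration of the backup taken before step 1 and of steps 1 and 2 (this is my own example, not code from the patent), the security control module is modelled in Python over a constructed sector-addressed disk: the standard information is a per-sector SHA-256 digest plus a backup copy of every sector the higher-level module owns, and the function names `take_standard`, `verify_and_repair` and `secure_start` are assumptions of this example. It assumes the standard information is held somewhere the running operating system cannot write.

```python
"""Added example (not from the patent): the start-up check of security
control module 4.  The disk is a constructed list of sectors; the
higher-level module's exclusive sectors are those whose bitmap entry is 1."""
import hashlib
from typing import Dict, List, Tuple

# standard information: sector -> (sha256 of known-good content, backup copy)
Standard = Dict[int, Tuple[str, bytes]]


def _digest(sector: bytes) -> str:
    return hashlib.sha256(sector).hexdigest()


def take_standard(disk: List[bytes], parent_bitmap: List[int]) -> Standard:
    """Before step 1: while the administrator has confirmed a safe state,
    record a digest and a backup of every sector the higher-level module
    owns.  Assumption: the result is kept where the running OS cannot write
    it, otherwise the check can be defeated by rewriting the reference."""
    return {i: (_digest(disk[i]), bytes(disk[i]))
            for i, owned in enumerate(parent_bitmap) if owned}


def collect_startup_info(disk: List[bytes], standard: Standard) -> Dict[int, str]:
    """Step 1, first half: re-hash the same sectors at start-up."""
    return {i: _digest(disk[i]) for i in standard}


def verify_and_repair(disk: List[bytes], standard: Standard) -> List[int]:
    """Step 1: compare start-up information with the standard information;
    every sector that differs is restored from the backup.  Sectors outside
    the standard (user data) are never touched.  Returns repaired sectors."""
    startup = collect_startup_info(disk, standard)
    repaired = []
    for sector, (good_digest, backup) in standard.items():
        if startup[sector] != good_digest:
            disk[sector] = backup
            repaired.append(sector)
    return repaired


def secure_start(disk: List[bytes], standard: Standard) -> Tuple[List[int], bool]:
    """Steps 1 and 2 together: repair if needed, then re-check before the
    higher-level and subordinate modules are loaded.  Returns the repaired
    sectors and whether loading may proceed."""
    repaired = verify_and_repair(disk, standard)
    clean = all(_digest(disk[i]) == d for i, (d, _) in standard.items())
    return repaired, clean


if __name__ == "__main__":
    # constructed toy disk: sectors 0-2 belong to the higher-level module
    disk = [b"kernel", b"driver", b"config", b"", b""]
    std = take_standard(disk, [1, 1, 1, 0, 0])
    disk[1] = b"tampered driver"      # simulate malicious damage to the kernel
    print(secure_start(disk, std))    # ([1], True)
```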
The present invention therefore has the following advantages:
1. Each time the computer starts, a new current operating system environment is created, ensuring the safety of the current operating system environment;
2. The data isolation method lets every newly created operating system environment reflect the data of past operation, ensuring data integrity;
3. The operating system kernel is verified, preventing malicious damage to the kernel;
4. Operating system modules are isolated from one another, so an unsafe factor in one operating system cannot affect the whole system.
The technical solution of the present invention is described in further detail below with reference to the drawings and embodiments.
Description of drawings
Fig. 1 is a block diagram of the system of the present invention for implementing operating system security control;
Fig. 2 is a schematic diagram of operating system isolation implemented under a traditional computer architecture;
Fig. 3 is a block diagram of embodiment 2 of the system of the present invention for implementing operating system security control;
Fig. 4 is a flow chart of the method of the present invention for implementing operating system security control.
Embodiment
Referring to Fig. 1, embodiment 1 of the system of the present invention for implementing operating system security control consists of a higher-level operating system module 1, a system isolation module 2, a data isolation module 3, a security control module 4, a subordinate operating system module 5 and a protected disk partition 6. The higher-level operating system module 1 is a parent operating system module formed from a pre-set operating system kernel, or from an operating system kernel together with application programs; as the parent operating system module, it has no higher-level operating system module above it.
The higher-level operating system module 1 may contain only an operating system kernel that performs the most basic functions; an operating system kernel here means the software program that provides the essential basic functions of an operating system. This kernel may be the kernel of Linux, Unix or Windows; this embodiment uses Windows as the example.
The higher-level operating system module 1 may also contain software programs beyond the kernel, i.e. the kernel plus applications outside the operating system kernel, providing both the essential basic functions of the operating system and other functions chosen by the user. For example, if the administrator requires Office software to be present in all operating environments, Office can be installed in the higher-level operating system module 1.
In a safe state confirmed by the user or administrator, the backup data of the higher-level operating system module 1, i.e. the operating system programs in that safe state, can be stored as the standard information.
There may be one or more higher-level operating system modules 1. Under a traditional computer architecture only one higher-level operating system module 1 can run at a time, for example Windows or Linux, but one can serve as the secondary operating system of the other: for instance, when the default Windows operating system fails, a Linux system acting as the secondary operating system is loaded automatically. Under a virtual machine architecture, several higher-level operating system modules 1 can run simultaneously.
The system isolation module 2 interacts with the higher-level operating system module 1 and is used to boot and/or create subordinate operating system modules 5 according to user instructions.
There may be one or more subordinate operating system modules 5, each containing any modifications made relative to the higher-level operating system module 1. This embodiment takes one as the example: the subordinate operating system module 5 has Office software, translation software and calculation software installed on top of the higher-level operating system module 1, with IE blocked; together with the higher-level operating system module 1 it forms a complete office operating system environment that can do word processing and data computation but cannot access the Internet. There may be several subordinate operating system modules 5; for example, another subordinate operating system module 5 (not shown) with games software and multimedia software installed on top of the higher-level operating system module 1 forms, together with it, a complete entertainment operating system environment in which the user can play games, watch video files and go online.
The subordinate operating system module 5 interacts with the higher-level operating system module 1 and can read the data in the exclusive disk space of the higher-level operating system module 1. The subordinate operating system module 5 has its own exclusive disk space; if there are several subordinate operating system modules 5, each has its own exclusive disk space, and a subordinate operating system module 5 can read from and write to its own exclusive disk space and to free disk space.
The system isolation module 2 also interacts with the higher-level operating system module 1 and the subordinate operating system module 5 respectively, and monitors their read and write access to the disk; specifically, it monitors the disk reads and writes of the higher-level operating system module 1 and the subordinate operating system module 5 and intercepts all write access to the exclusive disk space of the higher-level operating system module 1.
The system isolation module 2 also includes an external storage access control module (not shown), which is stored in the disk space of the hard disk and consists of several files: the disk bitmap file of the higher-level operating system module 1, the disk bitmap file of the subordinate operating system module 5, and the index file of the subordinate operating system module 5.
The system isolation module 2 implements data isolation between the higher-level operating system module 1 and the subordinate operating system module 5, and among the subordinate operating system modules 5. Its principle is as follows:
As shown in Figure 2, under a traditional computer architecture a computer system can run only one operating system at a time. Its structure is: at the bottom the computer hardware, including CPU, hard disk, memory, graphics card, I/O interfaces and so on. Under this architecture the system isolation module 2 can be placed in the computer's basic input/output system (BIOS) or in its Extensible Firmware Interface (EFI); it can also be placed inside or outside the kernel of the higher-level operating system module 1.
Figure 2 shows the case where the system isolation module 2 is placed inside the kernel of the higher-level operating system module 1. Before designating the higher-level operating system module 1, the user first installs an operating system on the computer and then performs any necessary configuration, such as installing and configuring hardware drivers, configuring the network address and adjusting the Windows desktop resolution. Some application software may also be installed as needed, such as antivirus software and a personal firewall, since this software is needed in every child operating system module. In addition, the user installs the system isolation module 2 into the kernel of this operating system; in Fig. 2 the system isolation module 2 is installed into the kernel as an operating system driver. After these preparations, the user can designate the above operating system as the higher-level operating system module 1 through the system isolation module 2. Once the higher-level operating system module 1 is designated, the system isolation module 2 creates the disk bitmap file for the parent operating system module 1 in the external storage access control module 21. From then on, the system isolation module 2 monitors and intercepts all read and write access to the disk and does not allow any program in the system to rewrite the programs and data in the higher-level operating system module 1.
The disk bitmap file of the higher-level operating system module 1 records the state of the disk storage blocks of the higher-level operating system module 1 and identifies the module's exclusive disk space on the disk. For example, if a block unit on the disk (if the unit is the sector, a particular sector) holds valid data of the higher-level operating system module 1, the corresponding mark in the module's disk bitmap file is 1; otherwise it is marked 0.
After the user has designated the higher-level operating system module 1 through the system isolation module 2, subordinate operating system modules 5 can be created as needed through the interaction of the system isolation module 2 and the higher-level operating system module 1. The system isolation module 2 creates the bitmap file and the index file of each subordinate operating system module 5 in the external storage access control module 21.
The disk bitmap file of the subordinate operating system module 5 records the state of its disk storage blocks and identifies its exclusive disk space on the disk. For example, if a block unit on the disk (if the unit is the sector, a particular sector) holds valid data of the subordinate operating system module 5, the corresponding mark in its disk bitmap file is 1; otherwise it is marked 0.
The index file records, for all data dumped by the system isolation module 2, the address used to call the data, the storage address after the dump, and the correspondence between the two. For example, when the operator in the working environment rewrites the graphics card driver of the higher-level operating system module 1, the system isolation module 2 obviously intercepts the operation, and the data of the graphics driver at address A0 in the higher-level operating system module 1 is not changed; yet at the same time the operator in the working environment sees the effect of the driver having been changed. This is because the system isolation module 2 stores the rewritten driver at an address A1 in the exclusive disk space of this subordinate operating system module 5 or in free disk space, and records in the index file this actual storage address A1 together with the call address A0 of the rewritten driver. When the computer starts and the subordinate operating system module 5 is loaded, the system isolation module 2 consults the index file and reads the data at address A1 rather than the data at A0; therefore, within the working environment formed by this subordinate operating system module 5, the graphics driver of the higher-level operating system module 1 appears to have been changed.
Once one or more subordinate operating system modules 5 have been created, the user can choose at computer startup which subordinate operating system module 5 to start. Depending on where the system isolation module 2 is placed, its boot order relative to the higher-level operating system module 1 also differs:
When the system isolation module 2 is placed in the BIOS or EFI, it starts before the higher-level operating system module 1. The boot order is: the system isolation module 2 starts right after the computer hardware and prompts the user to choose which operating system environment to enter, for example the entertainment environment; the system isolation module 2 then boots the higher-level operating system module 1, and after that boot completes it loads the subordinate operating system module 5, forming the complete entertainment operating system environment for the user.
When the system isolation module 2 is placed inside or outside the kernel of the parent operating system module 1, it starts together with the higher-level operating system module 1. The boot order is: the computer hardware starts; the higher-level operating system module 1 and the system isolation module 2 start together and prompt the user to choose which operating system environment to enter; if, for example, the operator chooses the working environment, the system isolation module 2 boots and loads the subordinate operating system module 5 containing the office programs, forming the complete office operating system environment.
After the computer starts, the higher-level operating system module 1 and the system isolation module 2 are loaded and run according to the cases above, and the system isolation module 2 also loads the subordinate operating system module 5 selected by the user. The user can then install software, modify configuration, edit files and so on in the currently loaded higher-level operating system module 1 and subordinate operating system module 5. In either case, however, the system isolation module 2 constantly monitors all read and write access to the disk; any disk access is intercepted by the system isolation module 2 and handled according to the situation, so as to isolate the operating systems.
For a read access, the system isolation module 2 first obtains the target disk address A0 from the caller, then uses A0 to query the index file of the currently running subordinate operating system module 5. If the index file holds a corresponding index address A1 for A0, the system isolation module 2 reads the data from disk address A1 and returns it to the caller; otherwise it reads the data from disk address A0 and returns that.
For a write access, the system isolation module 2 first obtains the target disk address B0 from the caller, then uses B0 to query the index file of the currently running subordinate operating system module 5. If the index file holds a corresponding index address B1 for B0, the system isolation module 2 writes the data to B1 and completes the write. Otherwise the system isolation module writes the data to free disk space at storage address B2; at the same time it records this storage address B2 at the position indicated by B0 in the index file of the subordinate operating system module 5, and marks the position indicated by B2 in the disk bitmap file of the currently running subordinate operating system module 5 as 1, meaning that the data at that position is owned by the subordinate operating system module 5. The system isolation module 2 then completes the write.
With the above method of operating system isolation, when the user chooses to start any subordinate operating system module 5, the interaction of the system isolation module 2 with the external storage access control module 21 guarantees that the user cannot see data in the exclusive disk space of other subordinate operating system modules 5. For example, if the user chooses to start the entertainment environment, the system isolation module 2 loads from the external storage access control module the disk bitmap file and index file of the subordinate operating system module 5 corresponding to that environment and the disk bitmap file of the higher-level operating system module 1. The higher-level operating system module 1 can therefore see and read only the contents of its own exclusive disk space; the subordinate operating system module 5 can see only the exclusive disk space of the higher-level operating system module 1, its own exclusive disk space and free disk space, but not the exclusive disk space of other subordinate operating system modules 5; and, through the interception function of the system isolation module 2, the subordinate operating system module 5 cannot write data into the exclusive disk space of the higher-level operating system module 1 or of other subordinate operating system modules 5. This principle guarantees that the higher-level operating system module 1 cannot be modified and that the subordinate operating system modules 5 are isolated from one another, thereby achieving operating system isolation.
Moreover, the exclusive disk space of a subordinate operating system module 5 can change. For example, when the subordinate operating system module 5 of the entertainment environment performs a write and the data is written to free disk address A3, the system isolation module 2 marks the corresponding position in that module's disk bitmap file, and that free space becomes part of the exclusive disk space of the entertainment environment's subordinate operating system module 5. When the subordinate operating system module 5 of the working environment performs a write and the data is written to free disk address A4, the system isolation module 2 marks the corresponding position in that module's disk bitmap file, and that free space becomes part of the exclusive disk space of the working environment's subordinate operating system module 5; when the entertainment environment's subordinate operating system module 5 is started, the data at A4 cannot be read, so it is invisible to that module.
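The bitmap and index scheme of the system isolation module, as an added Python model that is my own example and not the patent's code: `IsolatedDisk` applies the read rule (A0 looked up in the index, else A0 itself), the write rule (B0 mapped to B1, else a free sector B2 recorded in the index and bitmap) and the visibility rule (a subordinate sees the higher-level module's space, its own space and free space only) over a constructed sector-addressed disk; the class and method names are assumptions of this example.

```python
"""Added example (not from the patent): system isolation module 2 over a
constructed sector-addressed disk.  Every read and write of the currently
started subordinate module 5 passes through read()/write(); the sectors of
the higher-level module 1 are never rewritten."""
from typing import Dict, List, Optional


class SubordinateModule:
    """External storage access control: one bitmap file and one index file
    per subordinate operating system module 5."""

    def __init__(self, sector_count: int):
        self.bitmap = [0] * sector_count       # 1 = sector owned by this module
        self.index: Dict[int, int] = {}        # call address A0 -> storage A1


class IsolatedDisk:
    EMPTY = b""

    def __init__(self, sectors: List[bytes]):
        self.disk = list(sectors)
        self.parent_bitmap = [0] * len(sectors)
        self.children: Dict[str, SubordinateModule] = {}
        self.current: Optional[str] = None

    def designate_parent(self) -> None:
        """Create the higher-level module's bitmap: every sector holding valid
        data now belongs to its exclusive disk space."""
        self.parent_bitmap = [0 if s == self.EMPTY else 1 for s in self.disk]

    def create_subordinate(self, name: str) -> None:
        self.children[name] = SubordinateModule(len(self.disk))

    def start(self, name: str) -> None:
        """At boot the user chooses which environment to enter."""
        self.current = name

    def _free_sector(self) -> int:
        # free disk space: owned neither by the parent nor by any subordinate
        for i in range(len(self.disk)):
            if not self.parent_bitmap[i] and not any(
                    c.bitmap[i] for c in self.children.values()):
                return i
        raise RuntimeError("no free disk space")

    def read(self, a0: int) -> bytes:
        child = self.children[self.current]
        a1 = child.index.get(a0)
        if a1 is not None:                  # redirected by the index file
            return self.disk[a1]
        if self.parent_bitmap[a0]:          # parent's exclusive space is readable
            return self.disk[a0]
        return self.EMPTY                   # other subordinates' space is invisible

    def write(self, b0: int, data: bytes) -> int:
        """Returns the sector actually written (B1 or B2).  A target inside the
        parent's exclusive space is never written in place."""
        child = self.children[self.current]
        b1 = child.index.get(b0)
        if b1 is not None:
            self.disk[b1] = data
            return b1
        b2 = self._free_sector()
        self.disk[b2] = data
        child.index[b0] = b2                 # index file: B0 -> B2
        child.bitmap[b2] = 1                 # bitmap: B2 now owned by this module
        return b2


if __name__ == "__main__":
    # constructed toy disk: sectors 0-2 hold the higher-level module's data
    d = IsolatedDisk([b"kernel", b"driver A0", b"config", b"", b"", b""])
    d.designate_parent()
    d.create_subordinate("work")
    d.create_subordinate("play")
    d.start("work")
    d.write(1, b"rewritten driver")       # lands in sector 3, not sector 1
    print(d.read(1), d.disk[1])           # b'rewritten driver' b'driver A0'
```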
Operating system isolation can also be implemented under a virtual machine architecture. In a computer architecture that supports virtual machine technology, the virtual memory management module (Virtual Memory Manager, abbreviated VMM) is the most central part of the virtual machine technology: it runs beneath all other operating systems and allocates and coordinates system resources for the operating systems running on top of it. VMware's VMware software, Microsoft's Virtual PC software and XenSource's Xen software are all software supporting virtual machine technology. Under the VMM, two or more operating systems can run simultaneously on the same computer system. Taking the higher-level operating system module 1 as the example, the higher-level operating system module 1 in turn creates several subordinate operating system modules 5 under the guidance of the system isolation module 2.
The system isolation module 2 is placed in the VMM and starts together with it. The boot order is: the computer hardware starts; the VMM and the system isolation module 2 start; the higher-level operating system module 1 starts; one or more subordinate operating system modules 5 start according to the user's choice.
Placed in the VMM, the system isolation module 2 can monitor and intercept all read and write access to the disk by all parent and child operating system modules and, interacting with the external storage access control module, implements operating system isolation.
Another way to implement operating system isolation under a virtual machine architecture is to provide, in the virtual machine system, a management operating system module or service operating system module (called the secondary operating system module), which runs simultaneously with or before the higher-level operating system module 1 (also called the main operating system module), monitors the state of the higher-level operating system module 1, and provides the disk access interface for the higher-level operating system module 1 and the subordinate operating system modules 5.
The system isolation module 2 is placed inside or outside the kernel of the secondary operating system module. The boot order is: the computer hardware starts; the VMM starts; the secondary operating system module and the system isolation module start; the higher-level operating system module 1 starts; one or more subordinate operating system modules 5 start according to the user's choice.
The data isolation module 3 copies the dynamic data of the higher-level operating system module 1 and/or the subordinate operating system module 5 to the protected disk partition 6. The protected disk partition 6 may be a hidden disk partition, for example one built on the hard disk Host Protected Area (HPA) standard. The protected disk partition 6 is not located in the same place as, and does not overlap with, the exclusive disk space of the higher-level operating system module 1 and the subordinate operating system module 5. It behaves like a shared partition but is safer, having protective measures added by software or hardware: operating systems and application programs cannot access this space directly, and only special programs can reach it, which achieves the security purpose. The higher-level operating system module 1 and the subordinate operating system module 5 can be divided into the following components: operating system programs and data; application software programs and data; and user data. Operating system data, application software programs and data, and user data are very important to the user's work and change frequently; we call them dynamic data. Dynamic data means the data of the higher-level operating system module 1 other than the operating system data, i.e. the data of the higher-level operating system module 1 other than the standard information.
The data isolation module 3 monitors and intercepts operations on dynamic data in real time: it monitors the read and write access of the higher-level operating system module 1 and the subordinate operating system module 5 to dynamic data, and redirects and/or copies that access to the protected disk partition 6 in real time. With the data isolation method, the dynamic data in the higher-level operating system module 1 and the subordinate operating system module 5 is isolated into the protected disk partition 6, and every operation on dynamic data is redirected to the protected disk partition 6 at the same time.
During certain state before the user returns to certain subordinate's operating system module 5,, can't have influence on dynamic data so recover subordinate's operating system module 5 because dynamic data has been isolated to disk protect subregion 6.After recovery was finished, dynamic data still can be redirected to disk protect subregion 6 by the data isolation Agent.
Data isolation module 3 can be installed in higher level's operating system module 1, and higher level's operating system module 1 is activated the back and loads and service data isolation module 3.In the computer architecture of virtual support technology, data isolation module 3 can be installed in the secondary operating system or be installed in the dummy machine system management software, data isolation module 3 can start prior to higher level's operating system module 1, also can start simultaneously with higher level's operating system module 1.
Safety control module 4 interacts with higher-level operating system module 1 and/or subordinate operating system module 5. It is used to store the standard information of higher-level operating system module 1 as the higher-level operating system standard information, to collect the startup information of higher-level operating system module 1, to compare the standard information of higher-level operating system module 1 with the startup information, and to control the loading and/or repair of higher-level operating system module 1 according to the comparison result. It is also used to delete subordinate operating system module 5 and to notify system isolation module 2 to create a new subordinate operating system module 5, or to create one itself.
The higher-level operating system standard information can be stored in safety control module 4.
Safety control module 4 is located in the BIOS, in the EFI, in the disk master boot record (MBR), in the secondary operating system, in the secondary operating system module of the virtual machine or in the virtual memory management module of the virtual machine, and it starts before higher-level operating system module 1.
A module creation module (not shown) is also provided in safety control module 4 and is used to create subordinate operating system module 5. By means of the module creation module, safety control module 4 can create subordinate operating system module 5 itself without notifying system isolation module 2.
A standard information storage control module (not shown) is also provided in safety control module 4 and is used to store the standard information of higher-level operating system module 1.
This standard information storage control module is located on disk protection partition 6, on a computer chip or on a network server.
The higher-level operating system standard information can be stored in the standard information storage control module.
Safety control module 4 uses a fingerprint algorithm (such as a hash algorithm) to verify the integrity of higher-level operating system module 1 and/or subordinate operating system module 5. Because data isolation module 3 is employed, the dynamic data in higher-level operating system module 1 and subordinate operating system module 5 can be isolated to disk protection partition 6; therefore the operating system program should remain unchanged during normal operation. On this premise, a unique characteristic value can be extracted from the standard information of higher-level operating system module 1: for example, the sector data of higher-level operating system module 1 can be processed with a hash algorithm to calculate a unique characteristic value, which serves as the fingerprint of this higher-level operating system module 1. Thereafter, each time before starting subordinate operating system module 5, safety control module 4 recalculates the characteristic value of the machine's startup information and compares it with the standard characteristic value, and can thereby determine whether higher-level operating system module 1 has been tampered with. If higher-level operating system module 1 has been tampered with, the standard information can be used to repair higher-level operating system module 1. This repair can use the overwriting method, i.e. the standard information overwrites higher-level operating system module 1 completely, which completely removes viruses, Trojans and spyware resident in higher-level operating system module 1. At the same time, because data isolation module 3 is employed, no dynamic data is lost while higher-level operating system module 1 is being restored. If higher-level operating system module 1 has not been tampered with, it is loaded directly.
Alternatively, the characteristic values of the standard information and the startup information need not be calculated; the standard information and the startup information can be compared directly.
At the same time, each time safety control module 4 starts, it first deletes subordinate operating system module 5 (because of changes made by the user, and because viruses or Trojans may be present, this subordinate operating system module 5 may in general be unsafe, so it is deleted); safety control module 4 then creates subordinate operating system module 5 anew, based on higher-level operating system module 1, for the user to use. Because the dynamic data, including the application programs, is stored in disk protection partition 6, the newly created subordinate operating system module 5 does not lose any data. Repeated in this way, the final effect is that every startup uses a newly created subordinate operating system module 5 (which, being newly created, is clean and safe), while the user's data is protected by data isolation module 3 and is not affected. Through the redirection function of data isolation module 3, the data is mapped (or copied) into the currently running subordinate operating system module 5.
Embodiment 2 of the system for implementing operating system security control of the present invention is as follows: the higher-level operating system module is a preset application program; this higher-level operating system module has its own subordinate operating system module, and the higher-level operating system module is itself the subordinate operating system module of its own higher-level operating system module.
Referring to Fig. 3, subordinate operating system module 8 is built on a certain higher-level operating system module 7; subordinate operating system module 8 is then a preset application program, for example configured as an entertainment environment with media playback applications installed. Further, subordinate operating system modules 91, 92 and 93 can be built on subordinate operating system module 8, where 91 has games installed, 92 has Flash programs installed and 93 has media conversion programs installed. At this point subordinate operating system module 8 becomes the higher-level operating system module of 91, 92 and 93, and 91, 92 and 93 are the subordinate operating system modules of 8.
Once any of 91, 92 and 93 has been established, the safety control module stores the standard information of 8. When the computer starts, before starting 7, safety control module 4 recalculates the characteristic value of the startup information of 7 and compares it with the standard characteristic value, and can thereby determine whether higher-level operating system module 7 has been tampered with. If higher-level operating system module 7 has been tampered with, the standard information is used to repair higher-level operating system module 7, and this repair can use the overwriting method; if higher-level operating system module 7 has not been tampered with, it is loaded directly. Subsequently, before starting 8, safety control module 4 recalculates the characteristic value of the startup information of 8 and compares it with the standard characteristic value, and can thereby determine whether 8 has been tampered with. If 8 has been tampered with, the standard information is used to restore 8; if 8 has not been tampered with, it is loaded directly. Finally, according to the user's selection, 91, 92 or 93 is deleted and created anew.
In the present embodiment, there can be one or more of operating system module 8.
Only a higher-level operating system module has standard information; any operating system module, once it has a subordinate operating system module, can no longer be rewritten.
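The nested hierarchy of Fig. 3 (7 above 8 above 91, 92 and 93), as an added Python example that is not part of the patent and not the applicant's code: each module that gains a subordinate snapshots its image as standard information and is never rewritten again; at boot the safety control walks the chain from the root down, verifying each ancestor by a hash fingerprint and overwriting it from the standard information if it differs, and finally deletes and recreates the selected leaf from its higher-level module plus the application payload kept in the protected partition. The module images, payload bytes, SHA-256 as the hash algorithm and the in-memory dictionary standing in for the disk protection partition are all constructed assumptions.

```python
import hashlib
from typing import Dict, List, Optional


class OSModule:
    """Constructed model of one operating system module in the hierarchy of Fig. 3."""

    def __init__(self, name: str, image: bytes, parent: Optional["OSModule"] = None):
        self.name = name
        self.image = bytearray(image)               # on-disk contents of this module
        self.parent = parent
        self.children: List["OSModule"] = []
        self.standard: Optional[bytes] = None       # standard information; set only once a subordinate exists
        if parent is not None:
            parent.add_subordinate(self)

    def add_subordinate(self, child: "OSModule") -> None:
        self.children.append(child)
        if self.standard is None:
            # A module that has a subordinate can no longer be rewritten:
            # snapshot its current image as the standard information.
            self.standard = bytes(self.image)


def fingerprint(data: bytes) -> str:
    """Characteristic value of a module image (a hash algorithm, as the description allows)."""
    return hashlib.sha256(data).hexdigest()


def build_image(parent: Optional[OSModule], payload: bytes) -> bytes:
    """A subordinate module is built from its higher-level module plus the preset application payload."""
    base = bytes(parent.image) if parent is not None else b""
    return base + payload


def build_hierarchy(protected: Dict[str, bytes]) -> Dict[str, OSModule]:
    """Modules 7 -> 8 -> {91, 92, 93}. Each leaf's application payload (dynamic data)
    is kept in `protected`, which stands in for the disk protection partition."""
    m7 = OSModule("7", b"base-os|")
    m8 = OSModule("8", build_image(m7, b"media-player|"), parent=m7)
    mods = {"7": m7, "8": m8}
    for name, payload in (("91", b"games"), ("92", b"flash"), ("93", b"converter")):
        protected[name] = payload
        mods[name] = OSModule(name, build_image(m8, payload), parent=m8)
    return mods


def boot(leaf: str, mods: Dict[str, OSModule], protected: Dict[str, bytes]) -> List[str]:
    """Safety control at boot: verify (and if needed repair) every ancestor of the
    selected leaf from the root downwards, then delete and recreate the leaf."""
    chain: List[OSModule] = []
    m = mods[leaf].parent
    while m is not None:
        chain.append(m)
        m = m.parent
    chain.reverse()                                  # root first: 7 is checked before 8

    events: List[str] = []
    for m in chain:
        if fingerprint(bytes(m.image)) == fingerprint(m.standard):
            events.append(f"{m.name}:ok")
        else:
            m.image[:] = m.standard                  # repair by overwriting with the standard information
            events.append(f"{m.name}:repaired")

    old = mods[leaf]
    old.parent.children.remove(old)                  # delete the possibly contaminated subordinate
    mods[leaf] = OSModule(leaf, build_image(old.parent, protected[leaf]), parent=old.parent)
    events.append(f"{leaf}:recreated")               # rebuilt from its higher-level module and its protected payload
    return events


def demo():
    """Tamper with root module 7 and leaf 91 (constructed), then boot into 91."""
    protected: Dict[str, bytes] = {}
    mods = build_hierarchy(protected)
    mods["7"].image[0:4] = b"ROOT"                   # simulated tampering of the root module
    mods["91"].image += b"|virus"                    # simulated infection of the leaf
    events = boot("91", mods, protected)
    return events, bytes(mods["7"].image), bytes(mods["91"].image), mods["91"].standard is None
```

Running `demo()` shows 7 repaired, 8 reported intact, and 91 rebuilt clean from 8 plus its games payload; 91 itself never holds standard information because it has no subordinate, which is the rule stated in the last paragraph above.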
As shown in Fig. 4, an embodiment of the method for implementing operating system security control comprises the following steps:
Step 11: store the backup data of the higher-level operating system module in a safe state as the higher-level operating system standard information;
Step 12: read the startup information of the higher-level operating system module;
Step 13: compare the startup information with the higher-level operating system standard information stored in advance; if they are consistent, execute step 14; otherwise use the higher-level operating system standard information to repair (for example by overwriting) the startup information of the higher-level operating system module, and then execute step 14;
Step 14: judge whether the subordinate operating system module exists; if it exists, delete the subordinate operating system module and execute step 15, otherwise execute step 15 directly;
Step 15: create the subordinate operating system module, and load the higher-level operating system module and the subordinate operating system module;
Step 16: monitor the read/write operations on dynamic data in the higher-level operating system module and/or the subordinate operating system module, and redirect or copy in real time the read/write operations on the dynamic data to the disk protection partition.
In step 13, the step of comparing with the standard information is:
Step 1301: calculate the characteristic value of the startup information of the higher-level operating system module and the characteristic value of the higher-level operating system standard information.
Step 1302: compare the characteristic value of the startup information with the characteristic value of the higher-level operating system standard information;
Step 1303: if the two are consistent, enter step 14; otherwise use the standard information of the higher-level operating system module to repair the startup information of the higher-level operating system module.
Alternatively, in step 13, the step of comparing with the standard information can also be:
Step 1311: read the startup information of the higher-level operating system module and the standard information of the higher-level operating system module.
Step 1312: compare the startup information with the standard information;
Step 1313: if the two are consistent, execute step 13; otherwise use the standard information of the higher-level operating system module to repair the startup information of the higher-level operating system module.
In step 16, the step of redirecting or copying in real time the read/write operations on the dynamic data to the disk protection partition comprises:
Step 161: copy the dynamic data to the disk protection partition;
Step 162: monitor the read/write operations on the dynamic data;
Step 163: map the read/write operations on the dynamic data into the currently running subordinate operating system module.
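The whole boot-time procedure of steps 11 to 16, including both comparison variants of step 13 and the redirection of steps 161 to 163, together with the fingerprint check and the data isolation described earlier for safety control module 4 and data isolation module 3, as an added Python example that is not part of the patent and not the applicant's code. It assumes a constructed toy disk of 16-byte sectors with eight OS sectors, two of which hold dynamic data, SHA-256 as the hash algorithm, and in-memory lists and dictionaries standing in for the OS region, the subordinate module and the disk protection partition.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

SECTOR_SIZE = 16   # constructed toy geometry: 16-byte sectors
OS_SECTORS = 8     # sectors in the higher-level operating system module


def sector(label: str) -> bytes:
    """Build one constructed sector from a short label."""
    return label.encode().ljust(SECTOR_SIZE, b"\0")


@dataclass
class Disk:
    """Constructed disk: OS region, child region and a hidden disk protection partition."""
    os_region: List[bytes]                          # higher-level operating system module
    dynamic_sectors: Set[int]                       # sectors of the OS module that hold dynamic data
    child_region: Optional[List[bytes]] = None      # subordinate module; None when it does not exist
    protected: Dict[int, bytes] = field(default_factory=dict)   # disk protection partition


def fingerprint(sectors) -> str:
    """Characteristic value over sector data (step 1301): a hash algorithm."""
    h = hashlib.sha256()
    for s in sectors:
        h.update(s)
    return h.hexdigest()


class DataIsolationModule:
    """Step 16 (steps 161-163): keep dynamic data in the protected partition and
    redirect every read/write on it, while other I/O goes to the running child module."""

    def __init__(self, disk: Disk):
        self.disk = disk
        for i in disk.dynamic_sectors:               # step 161: copy dynamic data once
            disk.protected.setdefault(i, disk.os_region[i])

    def write(self, i: int, data: bytes) -> None:    # steps 162-163
        if i in self.disk.dynamic_sectors:
            self.disk.protected[i] = data            # redirected to the protected partition
        else:
            self.disk.child_region[i] = data         # ordinary write lands in the child module

    def read(self, i: int) -> bytes:
        if i in self.disk.dynamic_sectors:
            return self.disk.protected[i]
        return self.disk.child_region[i]


class SafetyControlModule:
    """Steps 11-15 of the method, run on every boot."""

    def __init__(self, disk: Disk, use_hash: bool = True):
        self.disk = disk
        self.use_hash = use_hash                     # True: steps 1301-1303, False: steps 1311-1313
        self.standard: Dict[int, bytes] = {}

    def store_standard(self) -> None:
        """Step 11: back up the non-dynamic sectors of the OS module in a safe state."""
        self.standard = {i: self.disk.os_region[i]
                         for i in range(OS_SECTORS) if i not in self.disk.dynamic_sectors}

    def boot(self) -> Tuple[bool, DataIsolationModule]:
        startup = {i: self.disk.os_region[i] for i in self.standard}          # step 12
        if self.use_hash:
            intact = fingerprint(startup.values()) == fingerprint(self.standard.values())
        else:
            intact = startup == self.standard                                # direct comparison
        repaired = not intact
        if repaired:                                                         # step 13: repair by overwriting
            for i, s in self.standard.items():
                self.disk.os_region[i] = s
        self.disk.child_region = None                                        # step 14: delete old child
        self.disk.child_region = list(self.disk.os_region)                   # step 15: create child from parent
        return repaired, DataIsolationModule(self.disk)                      # step 16: install redirection


def run_scenario(use_hash: bool = True) -> Dict[str, bool]:
    """Two boots: a clean one, then one after user edits, a modified child and a tampered OS module."""
    os_region = [sector(f"kernel{i}") for i in range(6)] + [sector("appdata"), sector("userdata")]
    disk = Disk(os_region=os_region, dynamic_sectors={6, 7})
    scm = SafetyControlModule(disk, use_hash)
    scm.store_standard()
    repaired1, io = scm.boot()
    io.write(7, sector("userdata v2"))        # user edits: redirected to the protected partition
    io.write(1, sector("malware"))            # child module modified during the session (constructed)
    disk.os_region[2] = sector("rootkit")     # higher-level module tampered on disk (constructed)
    repaired2, io = scm.boot()
    return {
        "first_boot_repaired": repaired1,
        "second_boot_repaired": repaired2,
        "user_data_survives": io.read(7) == sector("userdata v2"),
        "child_rebuilt_clean": io.read(1) == sector("kernel1"),
        "os_sector_restored": disk.os_region[2] == sector("kernel2"),
    }
```

Both comparison variants give the same result on this input; the hash variant is what a practitioner would deploy when the standard information lives on a network server or chip and only its characteristic value needs to be fetched at boot.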
Finally, it should be noted that the above embodiments are only intended to illustrate the technical solution of the present invention and not to limit it. Although the present invention has been described in detail with reference to preferred embodiments, those of ordinary skill in the art should understand that the specific embodiments of the present invention can still be modified, or some of their technical features replaced by equivalents, without departing from the spirit of the technical solution of the present invention, and that all such modifications fall within the scope of the technical solution claimed by the present invention.

Claims (18)

1. A system for implementing operating system security control, characterized by comprising:
a higher-level operating system module;
a system isolation module, which interacts with the higher-level operating system module and is used to guide and/or establish a subordinate operating system module according to user instructions; the system isolation module also interacts with the higher-level operating system module and the subordinate operating system module respectively and is used to monitor the disk read/write operations of the higher-level operating system module and the subordinate operating system module;
a data isolation module, which copies the dynamic data of the higher-level operating system module and/or the subordinate operating system module to a disk protection partition, monitors the read/write operations of the higher-level operating system module and/or the subordinate operating system module on the dynamic data, and redirects and/or copies in real time the read/write operations on the dynamic data to the disk protection partition;
a safety control module, which interacts with the higher-level operating system module and/or the subordinate operating system module and is used to store the standard information of the higher-level operating system module, collect the startup information of the higher-level operating system module, compare the standard information of the higher-level operating system module with the startup information, and control the loading and/or repair of the higher-level operating system module according to the comparison result; and which is used to delete the subordinate operating system module and to notify the system isolation module to create, or itself create, a new subordinate operating system module.
2. The system for implementing operating system security control according to claim 1, characterized in that the higher-level operating system module is one or more parent operating system modules consisting of an operating system kernel, or of an operating system kernel together with preset application programs.
3. The system for implementing operating system security control according to claim 1, characterized in that the higher-level operating system module is one or more, and consists of preset application programs.
4. The system for implementing operating system security control according to claim 1, 2 or 3, characterized in that the subordinate operating system module is one or more.
5. The system for implementing operating system security control according to claim 1, characterized in that the safety control module is located in the BIOS, the EFI, the disk master boot record, the secondary operating system, the secondary operating system module of the virtual machine or the virtual memory management module of the virtual machine, and starts before the higher-level operating system module.
6. The system for implementing operating system security control according to claim 1, characterized in that a module creation module is also provided in the safety control module and is used to create the subordinate operating system module.
7. The system for implementing operating system security control according to claim 1, characterized in that a standard information storage control module is also provided in the safety control module and is used to store the standard information of the higher-level operating system module.
8. The system for implementing operating system security control according to claim 7, characterized in that the standard information storage control module is located on the disk protection partition, on a computer chip or on a network server.
9. The system for implementing operating system security control according to claim 1, characterized in that the standard information of the higher-level operating system module is the backup data of the higher-level operating system module in a safe state, stored in the safety control module.
10. The system for implementing operating system security control according to claim 1 or 7, characterized in that the standard information of the higher-level operating system module is the backup data of the higher-level operating system module in a safe state, stored in the standard information storage control module.
11. The system for implementing operating system security control according to claim 1, characterized in that the dynamic data means the data of the higher-level operating system module other than the standard information.
12. A method for implementing operating system security control, characterized by comprising the following steps:
Step 1: read the startup information of the higher-level operating system module and compare it with the higher-level operating system standard information stored in advance; if the startup information of the higher-level operating system module is consistent with the higher-level operating system standard information, execute step 2, otherwise use the higher-level operating system standard information to repair the startup information of the higher-level operating system module;
Step 2: create a subordinate operating system module, and load the higher-level operating system module and the subordinate operating system module.
13. The method for implementing operating system security control according to claim 12, characterized in that step 2 is followed by the following step:
Step 3: monitor the read/write operations on dynamic data in the higher-level operating system module and/or the subordinate operating system module, and redirect or copy in real time the read/write operations on the dynamic data to a disk protection partition.
14. The method for implementing operating system security control according to claim 12, characterized by further comprising, before step 1, storing the backup data of the higher-level operating system module in a safe state as the higher-level operating system standard information.
15. The method for implementing operating system security control according to claim 12, characterized in that in step 1, the comparison with the higher-level operating system standard information specifically is:
Step 101: calculate the characteristic value of the startup information of the higher-level operating system module and the characteristic value of the higher-level operating system standard information;
Step 102: compare the characteristic value of the startup information with the characteristic value of the higher-level operating system standard information;
Step 103: if they are consistent, enter step 2, otherwise use the higher-level operating system standard information to repair the startup information of the higher-level operating system module.
16. The method for implementing operating system security control according to claim 12, characterized in that in step 1, the comparison with the higher-level operating system standard information specifically is:
Step 111: read the startup information of the higher-level operating system module and the higher-level operating system standard information;
Step 112: compare the startup information with the standard information;
Step 113: if they are consistent, execute step 2, otherwise use the higher-level operating system standard information to repair the startup information of the higher-level operating system module.
17. The method for implementing operating system security control according to claim 12, characterized in that in step 2, before the subordinate operating system module is created, if a subordinate operating system module already exists, it is deleted first.
18. The method for implementing operating system security control according to claim 13, characterized in that in step 3, redirecting or copying in real time the read/write operations on the dynamic data to the disk protection partition specifically is:
Step 31: copy the dynamic data to the disk protection partition;
Step 32: monitor the read/write operations on the dynamic data;
Step 33: map the read/write operations on the dynamic data into the currently running subordinate operating system module.

Priority Applications (2)

Application Number Priority Date Filing Date Title
CNB2005100933885A CN100514305C (en) 2005-08-23 2005-08-23 System and method for implementing safety control of operation system
PCT/CN2006/001929 WO2007022687A1 (en) 2005-08-23 2006-08-01 System and method for security control of operating system


Publications (2)

Publication Number Publication Date
CN1920786A true CN1920786A (en) 2007-02-28
CN100514305C CN100514305C (en) 2009-07-15

Family

ID=37771221


Country Status (2)

Country Link
CN (1) CN100514305C (en)
WO (1) WO2007022687A1 (en)


Also Published As

Publication number Publication date
WO2007022687A1 (en) 2007-03-01
CN100514305C (en) 2009-07-15


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20200916

Address after: No.408, building 10a, Zilang science and Technology City, Nantong innovation District, No.60 Chongzhou Avenue, Nantong City, Jiangsu Province 226000

Patentee after: Nantong Yingke Information Technology Co.,Ltd.

Address before: 100085, Beijing, Haidian District on the road No. 1, No. 3, block A

Patentee before: Star Softcomm Pte. Ltd.

CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20090715
