JP2008021247A - Information processor, file access control method and program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an information processor, wherein a user can decide the acceptance/rejection of file access as necessary on the basis of the association of a file stored in the information processor used by the user with a program operating on the information processor, and to provide a file access control method and a program. <P>SOLUTION: The information processor having a plurality of programs and a plurality of files comprises a control information storage means for holding control information indicating whether to allow access to a predetermined file in each of the plurality of programs, an access right decision means for temporarily holding an access request and deciding whether the access request is permitted on the basis of the control information when a predetermined program executes the access request to the predetermined file, and an access acceptance/rejection confirmation means for confirming the user as to whether the access request is permitted when the access request is not permitted as a result of decision of the access right decision means. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to an information processing apparatus, a file access control method, and a program that prevent information leakage by controlling file access to a predetermined file by a predetermined program.

The conventional file access control automatically determines whether file access is permitted / prohibited. Therefore, the user needs to perform “setting operation for permitting / prohibiting file access” in advance. In order to perform the setting work appropriately, it is necessary to have knowledge about the specifications and setting methods of the file access control, and the setting work itself is time-consuming. Therefore, in personally owned personal computers, file access control may not be used even in an environment where file access control is possible, and the range for permitting file access is set wider than necessary. May be used in the same state that file access control is not enabled. And because of this, it has become a problem because it has been invaded by computer viruses or information leakage has occurred due to file leakage.
Further, in the conventional file access control, the user needs to have knowledge about the setting method and the like, and when the user wants to permit the predetermined file access, the user does not know an appropriate setting changing method, and is related to the necessary setting change. There was also a problem that the work could not be performed.

As a prior art example related to access, in a distributed network, a dialog is displayed on a remote terminal, and a user can reliably instruct access restriction for a predetermined resource on the network. Network system, medium, and information aggregate ”(for example, see Patent Document 1).
JP 2001-337917 A

  However, the invention described in Patent Document 1 is assumed to be accessed from another external terminal on a distributed network, and a predetermined program is stored in the information processing apparatus in one information processing apparatus. It is not a configuration that can cope with access to existing files.

  The present invention has been made in view of the above circumstances, and based on the association between a file stored in an information processing apparatus used by a user and a program operating on the information processing apparatus, as necessary. An object of the present invention is to provide an information processing apparatus, a file access control method, and a program that allow a user to determine whether or not file access is possible.

  In order to achieve this object, the invention according to claim 1 is an information processing apparatus having a plurality of programs and a plurality of files, and permits access to a predetermined file for each of the plurality of programs. Control information storage means for holding control information indicating whether or not, and when an access request is executed from a predetermined program to a predetermined file, the access request is temporarily suspended and whether or not the access request is permitted. An access right determination unit for determining based on the control information; and, as a result of the determination by the access right determination unit, if an access request is not permitted, an access permission / non-permission confirmation unit for confirming whether to permit the access request to the user; It is characterized by having.

  In the invention described in claim 2, in the invention described in claim 1, when the access request is permitted as a result of the determination, the access right determination unit is a file management unit that manages a file to be accessed. On the other hand, it is characterized by passing an access request.

  The invention according to claim 3 is the file according to claim 1 or 2, wherein the access permission confirmation unit manages the file that is the target of the access request when receiving an instruction to permit the access request from the user. When an access request is delivered to the management means and an instruction not to permit the access request is received from the user, an error response is returned in response to the access request.

  The invention according to claim 4 is the invention according to any one of claims 1 to 3, wherein the control information can be changed, added, or deleted based on an operation by a user. Control information updating means is further included.

  The invention according to claim 5 is the invention according to any one of claims 1 to 4, wherein the access permission confirmation means requests the access request in order to confirm with the user whether or not to permit the access request. A confirmation screen that allows the user to confirm the name of the original program and the name of the file that is the target of the access request is displayed, and a user instruction is received from the confirmation screen.

  The invention according to claim 6 is a file access control method executed by an information processing apparatus having a plurality of programs and a plurality of files, wherein an access request is executed from a predetermined program to a predetermined file. If the access request is temporarily suspended, the access right determination for determining whether or not the access request is permitted based on the control information indicating whether or not the access to the predetermined file is permitted for each of the plurality of programs. When the access request is not permitted as a result of the determination of the step and the access right determination step, an access permission confirmation step for confirming whether or not to permit the access request is performed.

  According to a seventh aspect of the present invention, in the sixth aspect of the present invention, when the access request is permitted as a result of the determination of the access right determination step, the file management means managing the access request target file. The access request is delivered.

  The invention described in claim 8 is the file managing an access request target file when receiving an instruction to permit an access request from a user in the access permission confirmation step in the invention described in claim 6 or 7. When an access request is delivered to the management means and an instruction not to permit the access request is received from the user, an error response is returned in response to the access request.

  The invention according to claim 9 is the invention according to any one of claims 6 to 8, wherein the control information can be changed, added, or deleted based on an operation by the user. It further has a control information update step.

  According to a tenth aspect of the present invention, in the invention according to any one of the sixth to ninth aspects, the access permission confirmation step requests an access request to confirm to the user whether or not to permit the access request. A confirmation screen display step for displaying a confirmation screen that allows the user to confirm the name of the original program and the name of the file that is the target of the access request, and a user instruction reception step for receiving a user instruction from the confirmation screen. It is characterized by having.

  The invention according to claim 11 is a program for causing an information processing apparatus having a plurality of programs and a plurality of files to execute file access control, and requests access to a predetermined file from a predetermined program. Is executed, the access request is temporarily suspended, and whether or not the access request is permitted is determined for each of a plurality of programs based on control information indicating whether or not to permit access to a predetermined file. When the access request is not permitted as a result of the determination of the access right determination process and the access right determination process, the information processing apparatus executes an access permission determination process for confirming whether the access request is permitted or not. It is characterized by that.

  In the invention described in claim 12, in the invention described in claim 11, when the access request is permitted as a result of the determination of the access right determination process, the file management means managing the file of the access request target The information processing apparatus is caused to execute processing for delivering an access request.

  A thirteenth aspect of the invention is the file according to the eleventh or twelfth aspect of the present invention, wherein, in the access permission confirmation process, when an instruction to permit an access request is received from a user, the file that manages the access request target When an instruction not to permit an access request is received from a user for a process for delivering an access request to the management means, the information processing apparatus executes a process for returning an error response to the access request. To do.

  The invention according to claim 14 is the control information update according to any one of claims 11 to 13, wherein the control information is changed, added, or deleted based on an operation by the user. The information processing apparatus is further caused to execute processing.

  The invention according to claim 15 is the request of access request according to any one of claims 11 to 14, in order to confirm to the user whether or not to permit the access request as the access permission confirmation process. A confirmation screen display process for displaying a confirmation screen that allows the user to confirm the name of the original program and the name of the file that is the target of the access request, and a user instruction reception process that receives a user instruction from the confirmation screen. The information processing apparatus is executed.

  According to the present invention, based on the association between a file stored in an information processing device used by a user and a program operating on the information processing device, the user determines whether or not file access is possible as necessary. Therefore, when a malicious program such as a computer virus is running on the information processing device, the user is not normally aware of the detection of the unauthorized program and the prevention of information leakage by the unauthorized program. Can be done.

  The best mode for carrying out the present invention will be described below in detail with reference to the accompanying drawings.

[Outline of the Invention]
First, an outline of the present invention will be described.
The present invention displays a confirmation screen (warning screen) when an access request is executed in an unusual “combination of process (application process) and file”, and confirms the user with a file that is not intended by the user. It makes it possible to prevent the outflow easily.

  In the present invention, in FIG. 1, the access right determination unit 21 receives a file access request (file open request) for a predetermined file from the process 13 and accesses the basic access control information 31 and the extended access control information 32 with reference to the basic access control information 31. Confirm the rights. If access is permitted, the file access request is transferred to the file system 50. If it is necessary to confirm whether or not access to the user is necessary, the access permission confirmation means is provided with the file access request temporarily suspended. 22 displays a confirmation screen (see FIG. 4) on the output device 41 such as a display. The confirmation screen displays information such as the name of the process 13 that is the request source of the file access request and information such as the name of the file to be accessed, and determines whether or not the user can access based on the information, and the keyboard. The processing for the pending file access request is determined using the input device 42 such as a mouse or a mouse. If the user selects access refusal, the file access request from the process 13 is abnormally terminated.

Embodiment of the present invention
FIG. 3 is a hardware configuration diagram of a general or standard personal computer 1 as an embodiment of the present invention. A personal computer (hereinafter abbreviated as a computer) 1 includes a central processing unit (CPU) 2 that performs information processing, a read only memory (ROM) 3 that stores a basic input output system (BIOS), and the like, and is processing information. A primary storage device such as a RAM (Random Access Memory) 4 temporarily stored in the storage device, a secondary storage device such as a HDD (Hard Disk Drive) 5 that is a storage means for storing application programs and processing results, and the like A drive 7 of a removable medium 6 which is a recording medium for storing or distributing outside or obtaining information (application program etc.) from the outside, and a network interface 8 for connecting to a network for communicating with an external computer A display 9 which is a display unit for displaying a process progress, a process result, and the like to the user, and an operator Is composed of a input unit such as a keyboard 10 and a mouse 11 for inputting instructions and information to the computer 1, the data communication between the bus controller 12 is operating in the arbitration.

  The removable medium 6 includes a magnetic recording medium such as a flexible disk, a hard disk, and a magnetic tape, a magneto-optical recording medium such as an MO, a CD, a CD-ROM, a CD-R, a CD-RW, Various recording media such as optical recording media such as DVD-ROM, DVD-R, DVD-RAM, DVD-RW, DVD + RW, and semiconductor memory can be applied.

  In the data transmission, the network interface 8 outputs a signal to the network by sending data to the network interface 8 of the computer 1. Further, regarding the signal received by the network interface 8, it is determined whether or not it is necessary in the network interface 8, and processing such as fetching if necessary data and discarding if unnecessary is performed. That is, all data transmission / reception is performed via the network interface 8.

  In general, when the user turns on the power of the computer 1, the CPU 2 activates a program called a loader included in the BIOS in the ROM 3, and the hardware and software of the computer 1 called the operating system (OS) from the HDD 5. Is loaded into the RAM 4. When the OS is activated, it supports activation of application programs, reading of information, storage, and the like according to user operations. A program operating on the OS is called an application program (application software). The application program is not limited to one that runs on a predetermined OS, and may be one that causes the OS to execute some of the various processes described below, or constitutes predetermined application software, an OS, or the like. It may be included as part of a group of program files. The computer 1 stores a file access control program according to an embodiment of the present invention in the HDD 5.

  In general, an application program installed in the HDD 5 of the computer 1 is recorded in the removable medium 6, and the application program recorded in the removable medium 6 is installed in the HDD 5. Therefore, the removable medium 6 can also be a recording medium that stores the file access control program of the present embodiment. Furthermore, the file access control program of this embodiment may be taken in from the outside via the network interface 8, for example, and installed in the HDD 5.

  In the computer 1, when a file access control program operating on the OS is started, the CPU 2 executes various arithmetic processes according to the program and centrally controls each unit.

  FIG. 1 is a block diagram showing a functional configuration of the computer 1. The computer 1 and the CPU 2 operate on the OS according to the file access control program of the present embodiment, thereby realizing the access control means 20 and the access control information management means 30 shown in FIG.

  The process 13 is a predetermined program having a function of accessing a predetermined file. For example, an application program installed in the HDD 5.

  The access control means 20 includes an access right determination means 21 and an access permission confirmation means 22.

  The access right determination unit 21 refers to the basic access control information 31 and the extended access control information 32 and permits the file access request received from the process 13 or confirms to the user using the access permission confirmation unit 22. Determine if processing is required.

  The access permission confirmation unit 22 displays an access permission confirmation screen (hereinafter referred to as a confirmation screen) 14 shown in FIG. As shown in FIG. 4, the confirmation screen 14 includes the name of the process making the file access request and the name of the file access target as information, and the user views the confirmation screen 14. Check the process name and file name. A result input by the user from the input device 42 (in the case of FIG. 4, “Yes” or “No”) is received, and processing for the file access request is performed according to the result. When the access is permitted, the file access request is transferred to the file system 5 of the operating system. When the access is denied, the process 13 is notified of the abnormal end with respect to the file access request.

  The access control information management means 30 includes basic access control information 31, extended access control information 32, and extended access control information management means 33. The basic access control information 31 and the extended access control information 32 are held in a predetermined storage unit (control information storage unit) such as the HDD 5 or the RAM 4.

  The basic access control information 31 is control information based on the association between the process and file type on the target operating system, the relationship between the application software and the installation destination folder, and the like. For example, there are a plurality of pieces of information such as “process A permits access to file 1” and “application X permits access to folder 5”. The basic access control information 31 is held in advance from the start of use of the computer, and it is not necessary for the user to set the contents of the control information. Due to the presence of this control information, there is a low possibility that the confirmation screen 14 is displayed when a general computer is used, and the user hardly needs to be aware of the presence of the access control means 20 or the like.

  The extended access control information 32 has the same information content as the basic access control information 31, but is not held at the start of computer use. The extended access control information 32 is control information that is added / changed / deleted by a setting operation by the user. The user can make a desired setting for the content of the predetermined basic access control information using the input device 42 on the predetermined setting screen displayed on the output device 41. For example, when there is already basic access control information 31 with the content “Process A permits access to file 1”, the content “Process A permits access to file 2” is designated as control information 31. In addition to the control information 31, a setting with a content “Process A permits access to the file 3” is added to the control information 31 (in the case of addition, the control information 31 is related to the existing control information 31. The control information 31 itself can be deleted. The extended access control information management means (control information update means) 33 that has received the above setting operation by the user performs update processing such as change / addition / deletion of the basic access control information 31. In the case of change / addition, it is held as extended access control information 32.

  The output device 41 is a display 9, and the input device 42 is a keyboard 10, a mouse 11, or the like.

  The file system 5 of the operating system is a standard that is generally used in the past, and is a means for storing and managing files. The file system 5 itself does not need the function related to the file access control of this embodiment.

  Next, the operation of the computer 1 of this embodiment, that is, the file access control method executed by the file access control program of this embodiment will be described in detail with reference to the flowcharts of FIGS.

  First, in FIG. 1, a file open request is executed as a file access request for a predetermined file from the process 13 (step S1 in FIG. 2).

  Next, the access right determination means 21 temporarily holds the file open request received from the process 13 (step S2 in FIG. 2), and confirms with the user by referring to the basic access control information 31 and the extended access control information 32. It is determined whether or not (confirmation of whether the file can be accessed) is necessary (step S3).

  When confirmation with the user is unnecessary (step S3 / NO in FIG. 2), the access right determination means 21 delivers the pending file open request to the file system 5 of the operating system (step S7).

  On the other hand, when confirmation to the user is necessary (step S3 / YES in FIG. 2), the access right determination means 21 notifies the access permission confirmation means 22 to that effect, and the access permission confirmation means 22 notifies the output device 41 of FIG. The confirmation screen 14 is displayed (step S4 in FIG. 2). Then, the access permission confirmation unit 22 receives an instruction input by the user from the input device 42 (step S5 in FIG. 2), and whether to permit the pending file open request based on the instruction input by the user. Is determined (step S6 in FIG. 2).

  When permitting the file open request (step S6 / YES in FIG. 2), the access permission confirmation means 22 delivers the file open request to the file system 5 of the operating system (step S7).

  When the file open request is not permitted (step S6 / NO in FIG. 2), the access permission confirmation unit 22 returns an error response to the file open request from the process 13 (step S8), and returns to step S1.

As described above, according to the embodiment of the present invention, the following effects can be obtained.
The first effect is that the user can easily prevent information (file) from being leaked or leaked without requiring knowledge or labor related to file access control.
The reason is that, even if settings relating to file access control are not particularly performed, a file access request from a process that is not normally required is in a state where the user needs permission by displaying a confirmation screen.

The second effect is that a user can use a computer without being aware of file access control.
The reason is that all file access from the operating system standard file management tool is permitted in the specified state, and file access from other processes is also permitted based on information such as the association of the operating system. Therefore, a confirmation screen is not displayed in a general usage range, and work such as setting change of access control information is unnecessary.

  In other words, according to the embodiment of the present invention, whether or not file access is possible as necessary based on the association between a file stored in a personal computer used by a user and a program running on the personal computer. Since the user can make a decision, when a malicious program such as a computer virus is running on a personal computer, the user is usually aware of detection of the unauthorized program and prevention of information leakage by the unauthorized program. It becomes possible to do without.

  The embodiment of the present invention has been described above, but the present invention is not limited to the above description, and various modifications can be made without departing from the scope of the invention.

It is a block diagram which shows the function structure of the computer which is embodiment of this invention. It is a flowchart which shows operation | movement of the computer which is embodiment of this invention. It is a block diagram which shows the hardware constitutions of the computer which is embodiment of this invention. It is a figure which shows an example of the confirmation screen displayed on the computer which is embodiment of this invention.

Explanation of symbols

1 PC (an example of an information processing device)
2 CPU
3 ROM
4 RAM
5 HDD
6 Removable media (recording media)
7 drive 8 network interface 9 display (an example of the output device 41)
10 Keyboard (an example of the input device 42)
11 Mouse (an example of the input device 42)
DESCRIPTION OF SYMBOLS 12 Bus controller 13 Process 14 Confirmation screen 20 Access control means 21 Access right judgment means 22 Access permission confirmation means 30 Access control information management means 31 Basic access control information 32 Extended access control information 33 Extended access control information management means 41 Output device 42 Input Device 50 Operating system file system

Claims (15)

An information processing apparatus having a plurality of programs and a plurality of files,
Control information storage means for holding control information indicating whether to allow access to a predetermined file for each of the plurality of programs;
An access right determining means for temporarily holding the access request when an access request is executed from a predetermined program to a predetermined file and determining whether the access request is permitted based on the control information; ,
As a result of the determination by the access right determination means, if the access request is not permitted, an access permission confirmation means for confirming to the user whether to permit the access request;
An information processing apparatus comprising: The access right determination means includes
2. The information according to claim 1, wherein when the access request is permitted as a result of the determination, the access request is delivered to a file management unit that manages a file to be accessed. Processing equipment. The access permission confirmation means includes:
When an instruction to permit the access request is received from the user, the access request is passed to a file management unit that manages the target file of the access request,
The information processing apparatus according to claim 1, wherein an error response is returned in response to the access request when an instruction not to permit the access request is received from the user.   The control information update means according to any one of claims 1 to 3, further comprising control information update means capable of performing at least one of change, addition, and deletion on the control information based on an operation by the user. The information processing apparatus described in 1. The access permission confirmation means includes:
Confirmation screen that allows the user to confirm the name of the program that is the request source of the access request and the name of the file that is the target of the access request in order to confirm with the user whether or not to permit the access request The information processing apparatus according to claim 1, wherein an instruction from the user is received from the confirmation screen. A file access control method executed by an information processing apparatus having a plurality of programs and a plurality of files,
When an access request is executed from a predetermined program to a predetermined file, the access request is temporarily suspended and based on control information indicating whether access to the predetermined file is permitted for each of the plurality of programs An access right determination step for determining whether or not the access request is permitted;
As a result of the determination in the access right determination step, when the access request is not permitted, an access permission confirmation step for confirming to the user whether to permit the access request;
And a file access control method.   When the access request is permitted as a result of the determination in the access right determination step, the access request is delivered to a file management unit that manages a target file of the access request. Item 7. The file access control method according to Item 6. In the access permission confirmation step,
When an instruction to permit the access request is received from the user, the access request is delivered to a file management unit that manages the target file of the access request,
8. The file access control method according to claim 6, wherein an error response is returned in response to the access request when an instruction not to permit the access request is received from the user.   The control information update step according to any one of claims 6 to 8, further comprising a control information update step capable of performing at least one of change, addition, and deletion on the control information based on an operation by the user. The file access control method described in 1. The access permission confirmation step includes:
Confirmation screen that allows the user to confirm the name of the program that is the request source of the access request and the name of the file that is the target of the access request in order to confirm with the user whether or not to permit the access request A confirmation screen display step for displaying
A user instruction receiving step for receiving the user's instruction from the confirmation screen;
10. The file access control method according to claim 6, further comprising: A program for causing an information processing apparatus having a plurality of programs and a plurality of files to execute file access control,
When an access request is executed from a predetermined program to a predetermined file, the access request is temporarily suspended and based on control information indicating whether access to the predetermined file is permitted for each of the plurality of programs An access right determination process for determining whether or not the access request is permitted;
As a result of the determination of the access right determination process, if the access request is not permitted, an access permission confirmation process for confirming to the user whether to permit the access request;
The information processing apparatus executes the program.   If the access request is permitted as a result of the determination of the access right determination process, a process of delivering the access request to a file management unit that manages a target file of the access request 12. The program according to claim 11, wherein the program is executed. In the access permission confirmation process,
When receiving an instruction for permitting the access request from the user, a process of delivering the access request to a file management unit that manages the target file of the access request,
When receiving an instruction not to permit the access request from the user, processing to return an error response to the access request,
The program according to claim 11 or 12, wherein the program is executed by the information processing apparatus.   14. The information processing apparatus according to claim 11, further causing the information processing apparatus to execute a control information update process for performing at least one of change, addition, and deletion on the control information based on an operation by the user. The program according to item 1. As the access permission confirmation process,
Confirmation screen that allows the user to confirm the name of the program that is the request source of the access request and the name of the file that is the target of the access request in order to confirm with the user whether or not to permit the access request Confirmation screen display processing to display
A user instruction acceptance process for accepting the user's instruction from the confirmation screen;
The program according to claim 11, wherein the information processing apparatus is executed.

Images