200905516 九、發明說明: 【發明所屬之技術領域】 本發明係提供一種軟體標荦枯 ^ ^ ^ „ , 預茶之技術領域,尤指提供一 ..^ ^ ^ 特別是用於視窗系統所 產生的檔案資料的保護。 【先前技術】 為防止檔案資料外洩,_船 a m ^ ^ 般而S疋利用檔案權限控管 柱序,搭配加解密演算法來達成 素^成貪枓保護的目的,然而檔 案加雄程式,通常是在檔案產生 Λσ to ^ 丨夂竹成疋疋否將該檔案 gp η ^ , A 1示邊措施會有一致命的漏洞, 即疋短暫時間内存在一個未加密 無意間資料外洩的機會。 八,m 增整保護權案資料,加解密保護措施,在槽案新 目1 4取的過程中,全方位的加解密是必要的,但 曰則尚未有相關保護機制。 習知保護機制有: 性,二欲移轉特定格式,例如PDF:藉由pdf播案特 移轉後的呆護的文件轉成PDF保密文件。惟,其是檔案 保蠖,需要改變使用者習慣使用特定格式的檔案 ° 亦無法達到保護原始檔案資料内容之目的。、 — •外掛程式:在應用軟體開發外掛程式保護檔案内 :::如此㈣’因為應用軟體實在太多,版本更新又很 、 以都要寫外掛有寫不完的問題,成本也不划算。 存产=.暫存檔案:在檔案產生後,產生一相同内容之暫 、而將原本檔案加密並鎖定禁止其他應用程式存取 200905516 該檔案。應用軟體對於該擋案的存取都先暫時寫入該暫存 標案,存取完畢後,再將樓案内容回存到原播案内容。此 作法的問題是為M f時間内存在一個未加密的暫存棺案版 本,造成有意或無意間的資料外洩的機會。 參閱第六圖所示,為其現今新版的微軟作業系統基本 架構圖,该個人電腦(5 )内之微軟作業系統内核模式層 (6) 内一定會有一輸出入管理員(I〇 Manager) ( i )及一 過濾器管理員(Filter Manager) (2),其在使用者模式層 (7) 之應用程式的輸出入作業(4) 一定會先經過輸出 入管理員(10 Manager) ( 1 )及過濾器管理員(Filter Manager) (2 ) ’才到達檔案系統(3 ),而檔案系統(3 )資料 亦是經由輸出入管理員(I〇 Manager) ( 1 )及過濾器管理員 (Filter Manager) (2),才到達應用程式的輸出入作業 (4 ) ° 是以’針對上述習知技術所存在之問題點,如何一種 更具理想實用性之創新保護技術,實消費者所殷切企盼, 亦係相關業者須努力研發突破之目標及方向。 有鑑於此,發明人本於多年從事相關產品之開發與設 計經驗,針對上述之目標,詳加設計與審慎評估後,終得 一確具實用性之新技術成為本發明。 【發明内容】 欲解決之技術問題點:習知保護機制的問題點有下列 三種。 1 ·移轉特定格式,例如PDF :藉由PDF檔案特 性’將欲保護的文件轉成p D F保密文件。惟,其是檔案 200905516 移轉後的保唯,a = 1呆護 茜要改變使用者習慣使用特定格式的檔案 閱°賣器’亦無法達到保護原始檔案資料内容之目的。200905516 IX. Description of the invention: [Technical field to which the invention pertains] The present invention provides a software standard for the production of a tea, in particular, for providing a .. ^ ^ ^ especially for use in a window system. [Previous technology] In order to prevent the leakage of archives, _ ship am ^ ^ and then use the file permission control column order, with encryption and decryption algorithm to achieve the purpose of greed protection, However, the file plus program is usually generated in the file Λ to to ^ 丨夂 疋疋 疋疋 将该 将该 将该 将该 档案 档案 档案 档案 , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Opportunities for data leakage. VIII, m enhancement of protection rights data, encryption and decryption protection measures, in the process of the new case of the slot case, all-round encryption and decryption is necessary, but there is no relevant protection mechanism The conventional protection mechanisms are: Sex, and the second is to transfer to a specific format, such as PDF: The file that has been transferred by the pdf broadcast is turned into a PDF file. However, it is file protection and needs to be changed. Used to make The file of a specific format can not achieve the purpose of protecting the contents of the original file. - - Plug-in: In the application software development plug-in protection file::: (4) 'Because there are too many application software, the version update is very It is not worthwhile to write the plug-in. The cost is not cost-effective. Save the file =. Temporary file: After the file is generated, the same content will be generated, and the original file will be encrypted and locked to prohibit other applications from accessing 200905516. The file. The application software temporarily writes the temporary file to the access file, and after the access is completed, the content of the building is restored to the original broadcast content. The problem of this method is that the time is M f There is an unencrypted temporary file version, which causes an intentional or unintentional leak of data. See Figure 6 for the current version of the new Microsoft operating system basic architecture diagram, within the PC (5) In the Microsoft operating system kernel mode layer (6), there must be an input and output administrator (I〇Manager) (i) and a filter manager (2), which is in the user mode. The input/output operation (4) of the application of layer (7) must first pass through the output manager (10 Manager) (1) and the filter manager (2) to reach the file system (3). The file system (3) data is also sent to the application through the output manager (I〇Manager) (1) and the filter manager (2) (2). In view of the problems existing in the above-mentioned prior art, how to create an innovative protection technology that is more ideal and practical, and the consumers are eagerly awaiting, and the relevant industry must strive to develop the goal and direction of breakthrough. In view of this, the inventor has been engaged in the development and design experience of related products for many years, and after the detailed design and careful evaluation of the above objectives, a new technology that has become practical has become the present invention. SUMMARY OF THE INVENTION Technical problems to be solved: There are three types of problems in the conventional protection mechanism. 1 • Transfer a specific format, such as PDF: Convert the file to be protected into a pDF confidential file by PDF file characteristics. However, it is the file 200905516. After the transfer, Bao Wei, a = 1 Guardian 茜 To change the user's accustomed to using a specific format of the file, the viewer can not achieve the purpose of protecting the contents of the original file.
η · /,L ^ •卜掛程式:在應用軟體開發外掛程式保護播案内 谷’但如此作法’因為應用軟體實在太多,版本更新又很 陕,所以都要寫外掛有寫不完的問題,成本也不划算。 3 暫存槽案:在檔案產生後’產生一相同内容之暫 存樓案,而將原本檔案加密並鎖定禁止其他應用程式存取 該檔案。應用軟體對於該檔案的存取都先暫時寫入該暫存 槽案存取完畢後,再將檔案内容回存到原樓案内容。此 作法的問題是為短暫時間内存在一個未加密的暫存檔案版 本,造成有意或無意間的資料外洩的機會。 解決問之技術特點:提供一種檔案資料外洩保護方 法一系統係基於微軟作業系統之擋案系統過濾器驅動程 式(File System Filter Driver)主架構,加入一個人化安全控 官代理程式及-隱形加解密驅動模組,該隱形加解密驅動 模沮放置在系統輸出入管理員(1〇肘肋聯”與檔案系統動程 式(FUeSy_Driver)之間,作業系統上任何播案的新增、 編輯及讀取動作及資料流,都被隱形加解密驅動模組攔 截。w新禮案產生或暫存時,隱形加解密驅動模組根據權 限及安全控管模組及應用程式辨識模粗,決定檔案是否予 以加密,對於需要加密的稽案㈣,隱形加解密驅動模組 將透過加解密模組將攔截到的資料流加密後儲存於儲存器 中,當應用程式欲讀取標案内容時,冑形加解密驅動模組 依據應用程式辨識模組及權限及安全控管模組決定是否將 該樓案内容解密,《有經過隱形加解密驅動模組及加解密 200905516 模組的檔案,不管經由任何方式傳送到何處,使用者將無 法辨識檔案内容資料,達到完善防止資料外洩之保護。 對照先前技術之功效: 1 .先前技術有暫存檔的漏洞,即其檔案是在完成後 再保護,所以造成有意無意的資料外洩情形;而本發明之 白名單内檔案之寫入動作均會自動加密所以沒有空窗期 2.應用程式的外掛、其版本相容/格式相容開發難 度高;而本發明之檔案格式與應用程式不受限。 3 .先前技術轉檔特定格式需要改變使用者操作習慣 ;而本發明係在系統核心攔截,所以使用者介面完全沒有 改變’不用改變使用者使用習慣。 有關本發明所採用之技術、手段及其功效,兹舉一較 佳實施例並配合圖式詳細說明於后,相信本發明上述之目 的、構造及特徵,當可由之得_深入而具體的瞭解。 【實施方式】 本發月開發出種利用隱形加解密技術以達成檔案資 料外泡保護措施。纟用於電腦之微軟視窗系統中,尤指權 案系統過渡器驅動程式(File Sys細Fiiter架構下, 當稽案在新增、編輯及讀取的過程中,自動加解密以防護 檔案資枓不外洩。以下依序說明本發明技術。 參閱第-圖所心係為本發明之其一實施例系統圖, /'個人電腦(1 〇〇)之内,區分有使用者模式層(7 及内核模式層(8 〇 )該微軟視窗作業系統中其内 核模式層(8 〇 )内有輸出入管理員(I〇Manager)(丄丄) 200905516 及過濾器官理員(Filter Manager) ( 1 2 ),其係作為内部的 控官及使用者模式層(7 0 )之應用程式的輸出入作業 (1 0 )與檔案系統(4 0 )間之橋樑,本發明主要在使 用者模式層(7 0)下建立一安全控管代理程式(5〇) ,並於内核模式層(8 0 )之過濾器管理員(FUterManager) (1 2 )與檔案系統(4 0 )間建立隱形加解密驅動模組 (20),如此,應用程式的輪出入作業(1 〇)及檔案 系統(4 0 )之資料流,則都會被隱形加解密驅動模組〃 (20)攔截’如果是白名單内應用程式存取的檔案就在 讀取時解密並依權限開給使用者,而在開新檔或儲存或暫 存時加密並加入識別證到檔案内容中。 一種檔案資料外洩保護方法,係包含有: 步驟一:於使用在擋案系統過濾器驅動程式⑻比加獅η · /, L ^ • Bugs: In the application software development plug-in to protect the broadcast case valley 'but this way' because the application software is too much, the version update is very Shaanxi, so you have to write the plug-in can not finish the problem The cost is not cost-effective. 3 Temporary storage case: After the file is generated, a temporary storage project with the same content is generated, and the original file is encrypted and locked to prohibit other applications from accessing the file. The application software accesses the file temporarily and temporarily writes the temporary slot. After the file is accessed, the file content is restored to the original content. The problem with this approach is that there is an unencrypted temporary archive version for a short period of time, resulting in an intentional or unintentional leak of information. Technical features of the solution: Provide a method for protecting the archives data. The system is based on the main structure of the File System Filter Driver of the Microsoft operating system, adding a humanized security officer agent and - stealth plus Decryption driver module, the invisible encryption and decryption driver mode is placed between the system input and output administrator (1〇 elbow rib joint) and the file system program (FUeSy_Driver), adding, editing and reading of any broadcast on the operating system The action and data stream are intercepted by the stealth encryption and decryption driver module. When the new gift case is generated or temporarily stored, the stealth encryption and decryption driver module determines the file according to the authority and the security control module and the application module. Encrypted, for the audit file that needs to be encrypted (4), the stealth encryption and decryption driver module encrypts the intercepted data stream through the encryption and decryption module and stores it in the storage. When the application wants to read the content of the standard, the shape is shaped. The encryption and decryption driver module determines whether to decrypt the content of the building according to the application identification module and the authority and security control module. The encryption and decryption driver module and the file of the encryption and decryption 200905516 module, no matter where it is transmitted by any means, the user will not be able to identify the file content data, and perfect the protection against data leakage. Compare the effects of the prior art: 1. Previous The technology has a temporary archived vulnerability, that is, its file is protected after completion, so it causes intentional or unintentional data leakage; and the write action of the file in the whitelist of the present invention is automatically encrypted, so there is no window period. The application plug-in, its version compatibility/format compatibility development is difficult; and the file format and application of the present invention are not limited. 3. The prior art transfer specific format needs to change the user's operating habit; The system core intercepts, so the user interface does not change at all. It is not necessary to change the user's usage habits. Regarding the technology, means and functions of the present invention, a preferred embodiment will be described in detail with reference to the drawings. The above objects, structures and features of the invention can be obtained from the in-depth and specific understanding. Issued the use of stealth encryption and decryption technology to achieve the protection of file data. In the Microsoft Windows system for computers, especially the file system transition driver (File Sys fine Fiiter architecture, when the case is added, During the process of editing and reading, the automatic encryption and decryption is performed to protect the archives from leakage. The following describes the technology of the present invention in sequence. Referring to the drawings, the system is a system diagram of an embodiment of the present invention, /' PC Within (1 〇〇), there is a user mode layer (7 and kernel mode layer (8 〇). There is an input manager (I〇Manager) in the kernel mode layer (8 〇) in the Microsoft Windows operating system (丄丄) 200905516 and Filter Manager (1 2), which is used as an internal control and user mode layer (70) application for input and output (10) and file system (4) 0) bridge, the invention mainly establishes a security control agent (5〇) in the user mode layer (7 0), and in the kernel mode layer (80) filter administrator (FUterManager) (1 2) Establish invisibility with the file system (40) Decrypt the driver module (20), so that the application's round-trip operation (1 〇) and file system (40) data stream will be intercepted by the stealth encryption and decryption driver module 20 (20) interception 'if it is a white list The files accessed by the internal application are decrypted at the time of reading and are opened to the user according to the authority, and are encrypted and added to the file contents when the new file is opened or stored or temporarily stored. A file data leakage protection method includes: Step 1: Use the filter driver in the file system (8)
Filter Driver)架構之微軟視窗系統内,載入安裝 一女全控管代理程式於該使用者模式層及一隱形 加解密驅動模組安裝於該内核模式層之該過i器 管理員(Filter Manager)及該檔案系統間,該安全控 管代理程式可與該隱形加解冑驅動模組直接溝 通; 步驟二:該隱形加解密驅動模組内設有數白名單或數權 限; 步驟三··戶斤有經過隱形加解密驅動模組之檔案均會比對白 名單及權限,儲存前如為白名單則會加密加入識 另J a 1¾開啟樓案時如4白名單則會解密並依權 限開啟給使用者。 200905516 上述該隱形加解密驅動模組内設之數白名單或數權限 為經由安全控管代理程式經網路(6 1 )至安全控管伺服 器(6 0)下載或更新之數權限或數白名單。 參閱第一圖所示,一種檔案資料外洩保護系統,係包 含有: 使用在檔案系統過濾器驅動程式〇rile System Filter Driver)架構之微軟視窗系統之一安全控管代理程式(5 〇 )及一隱形加解密驅動模組(2 0),其中該安全控管代 理程式(5 0 )設於作業系統使用者模式層(7 〇 ) 内,而該隱形加解密驅動模組(2 〇 )設於該内核模式層 (8 0 )之該過濾器管理員(Fiiter Manager) ( 1 2 )及該檔 案系統(40)間,該安全控管代理程式可與該 隱形加解密驅動模組(2 〇 )直接溝通; ^ μ m )之所有檔 形加解密驅 解密、權限 )内執行, (2 1 )判 隱形加解密 (21), 模組(2 2 案無論在何 權限,則無 程式的 案的新 動模組 控管或 使用者 定是否 驅動模 決定檔 )加密 處,只 法正確 增、編 (20 識別證 不會發 需進行 組(2 案是否 ,加密 要沒有 開啟或 忭栗I 1 〇 輯及讀取動 )搁載,白 工作均在内 覺,並以一 安全控管, 0 )根據權 予以加密, 後的檔案嵌 隱形加解密 編輯。 作及資料流, 名單内檔案的 核模式層(8 權限及安全控 當新檔案產生 限及安全控管 加密則利用一 入有識别碼, 驅動模級(2 (40 都被隱 隱形加 0 管模組 時,該 模組 加解密 其後檔 0 )及In the Microsoft Windows system of the Filter Driver architecture, a female full control agent is loaded and installed in the user mode layer and a stealth encryption/decryption driver module is installed in the kernel mode layer. And the file system, the security control agent can directly communicate with the invisible add-on driver module; Step 2: the invisible encryption and decryption driver module has a number of white lists or a number of permissions; Step 3·· The files that have been encrypted and decrypted by the invisible encryption and decryption drive module will be compared to the whitelist and the permissions. If the whitelist is stored before the storage, it will be encrypted and added to the other. When the project is opened, the whitelist will be decrypted and opened according to the permission. user. 200905516 The number of whitelists or number of permissions in the above-mentioned stealth encryption/decryption driver module is the number or number of rights downloaded or updated via the security control agent via the network (6 1 ) to the security management server (60). whitelist. Referring to the first figure, a file data leakage protection system includes: one of the Microsoft Windows system security control agents (5 〇) used in the file system filter driver (Rile System Filter Driver) and a stealth encryption and decryption driver module (20), wherein the security control agent (50) is set in the user mode layer (7 〇) of the operating system, and the stealth encryption and decryption driver module (2 〇) is set The security management agent and the stealth encryption and decryption driver module (2 〇) between the filter manager (1 2) and the file system (40) of the kernel mode layer (80) ) direct communication; ^ μ m ) all file encryption and decryption decryption, permission) execution, (2 1) stealth encryption and decryption (21), module (2 2 case no matter what permissions, no program The new dynamic module control or the user decides whether to drive the mode to determine the file.) The encryption is only correctly added and edited. (20 The identification card will not be sent to the group (2, whether the case is encrypted or not) 〇 及 读取 读取 读取 读取 读取 搁 搁In the sense, and with a security control, 0) encrypted according to the right, the file after the embedded invisible encryption and decryption editing. Workflow and data flow, the core mode layer of the files in the list (8 permissions and security control) When the new file generation limit and security control encryption are used, an identification code is used, and the driver mode is used (2 (40 are all implicitly plus 0 pipe) When the module is used, the module encrypts and decrypts the back file 0) and
上述該隱形加解密驅動模組(2 η) 6 A 包含有一權限及 10- 200905516 安全控管模組(21)、一加解密模組(22)、一輪出 入控制模& ( 2 3 )、_識別碼管理模組(2 4 )及: 用程式辨識模組(2 5 ) 。 % 上述該加解密模組(2 2 )使用之演算法可為對 加解密演算法^ 巧 控管^該識別證包含有儲存產生㈣環境、權限或安全 訊,該識別證作為檔案未來讀取編輯時的控管依 裝一…么 一圖所不,其電腦新加入本發明時,會安 裝一女全控管代理程式( 嘗文 (2〇^ (5〇)及一隱形加解密驅動模矣 Q 2 0 ),該安全控管 供、,且 層(7 n、 代理程式(5 0 )設於使用者模式 ’該隱形加解密驅動棋 核模式層(80)<輪出入敦理:(2〇)放置在該内 構案系統(4 〇 )之間; 員dOManager) ( 1 i )與 其權限/白名單初始化叙 安全控管代理鞀十ά ^ 之動作上,開始(1 1 0 )時 Β代理程式由t全控管伺 (111、廿从 服器取得權限及白名單 、丄丄1 ),其後安全控管 平 限及安全控管模組(i i 2 =將權限資料傳送到權 名單資料傳逆且文全控管代理程式將白 ::送到應用程式辨識模組(i ")。 2 〇 ),庫用案程序動作為,開始(1 輪出入管理昌她被β纪 莱之作業請求(121), 35八&理員攔截該新增檔案請 器管理員(199、 並將该凊求送給過遽 給隱形加解密驅動模組(丄 員將該新增播案請求送 新增檔案作紫r 1 〇 、 ,輸出入控制模組接手 ,詢問播 1權限及安全控管模組是否 200905516 ( ) 5 是 詢 問 應 用 内 ( 1 2 7 ) ? 否 入 控 制 模 組 新 增 檔 成 ( 1 2 9 ) 〇 參 閱 第 四 圖 所 3 0 ) 9 應 用 程 式 ) 9 輸 出 入 管 理 員 過 濾 器 管 理 員 ( 1 求 送 給 隱 形 加 解 密 接 手 讀 取 檔 案 作 業 統 讀 取 檔 案 内 容 ( 用 程 式 是 否 在 白 名 ia. 回 傳 檔 案 内 容 給 内 容 回 傳 給 輸 出 入 將 檔 案 内 容 回 傳 給 別碼 管 理 模 组 檔 案 加 解 密 模 組 將 檔 案 制 模 組 回 傳 檔 案 内 檔 案 内 容 回 傳 給 輸 理 員 將 檔 案 内 容 回 別 碼 管 理 模 組 嵌 入 模 組 將 播 案 内 容 加 内 容 回 存 到 檔 案 系 參 閱 第 五 圖 所 1 2 5 ) 否 3 新 增 程 式 辨 識 模 組 該 應 用 > 新增 檔 案 失 敗 ( 1 案 到 檔 案 系 統 ( 1 2 示 > 該 讀 取 文 件 程 序 送 出 厂 讀 取 檔 案 j 之 攔 截 該 讀 取 檔 案 請 求 3 2 ) 5 過 遽 器 管 理 驅 動 模 組 ( 1 3 3 ) ( 1 3 4 ) 9 輸 出 入 1 3 5 ) > 詢 問 應 用 單 内 ( 1 3 6 ) 5 否 過 >慮 器 管 理 員 ( 1 3 管 理 員 ( 1 3 6 2 ) 應 用 程 式 ( 1 3 6 3 内 容 是 否 有 識 別 證 ( 内 容解 密 ( 1 3 7 1 容 給 過 濾 器 管 理 員 ( 出 入 管 理 員 ( 1 3 6 傳 給 應 用 程 式 ( 1 3 識 別 證 到 檔 案 内 容 ( 密 ( 1 3 9 ) y 輸 出 統 ( 1 3 9 1 ) 〇 示 5 該 檔 案 儲 存 程 序 擋案失敗(1 2 6 程式是否在白名單 2 6),是,輸出 8 ),新增檔案完 動作為,開始(1 作業請求(1 3 1 ,並將該請求送給 員將該讀取檔案請 ,輸出入控制模組 控制模組從檔案系 程式辨識模組該應 ’則輸出入控制模 6 1),再將檔案 ’再輸出入管理員 )。是,則詢問識 13 7),是,則 ),其後輸出入控 1361),再將 2 ) ’再輸出入管 6 3 )。否,則識 1 3 8 ) ’加解密 入控制模組將檔案 為,開始(1 4 〇 -12· 200905516 )’應用程式送出「檔案儲存」之作業請$ ( i 4工), 輸出入管理員攔截該檔案儲存請求,並將該請求送給過滤 器管理員f Ί /。、 丄4 2 ),過濾器管理員將該檔案儲存請求送 給隱形加解密μ #裙 動摈、·且(1 4 3 ),輸出入控制模組接手 用备葙4 Γ作業(1 4 4 ),詢間權限及安全控管模組該應 儲,否有權限(145),否’輸出入控制模組回傳 員將回值妙—“理員(1 4 5 1) ’過濾器管理 子失敗訊息給輪出入管理員(1452),耠 出入管理員回傳儲在“ 4 5 2 } ^ 是,則詢問應息給應用程式(1 4 5 3 )。 (2 4 6 . 工s、模組該應用程式是否在白名單内 容(工 π貝]識別碼管理模組嵌入識別證到檔案内 輸出入心’加解密模組將檔案内容加密(148), 輪人;η: μ 、,擋案内谷回存到檔案系統(1 4 9 :), 輸出入控制模組回傳 、丄4 y ) 9 1 ),過瀘 力矾心給過濾器管理員(χ 4 員(1492),輸出3存^力訊息給輸出入管理 程式(1 4 9 3 )。否, 員回傳儲存成功訊息給應用 存到檔案系統(i 4 9 ) / 2出入控制模組將檔案内容回 訊息給過濾器管理員(1 4出入控制模組回傳儲存成功 儲存成功訊息給輪出入管理員1 :,過據器管理員將回傳 員回傳儲存成功訊息給應用 ^92),輸出入管理 藉由上述,本發明達到了 — 4 9 3 )。 解密保護,而且其係在於樓案護樓案資料及隱形加 、暫存或儲存過程均自動加解密,:二編輯及讀取的新增 案或未加密的檔案變成不心 彳牙想要竊取該原始檔 此,進而使得本發明的防護得 -13- 200905516 以滴水不漏。 刖文係針對本發明之較佳 進行具體之說明;惟,熟悉此 本發明之精神與原則下對本發 變更與修改,皆應涵蓋於如下 中0 實施例為本發明之技術特徵 項技術之人士當可在不脫離 明進行變更與修改,而該等 申請專利範圍所界定之範疇 【圖式簡單說明】 第一圖:係本發明其一實施例之系統圖。 第二圖:係本發明權限/白名單初始化流程圖。 第三圖:係本發明新增檔案程序流程圖。 第四圖:係本發明讀取文件程序流程圖。 第五圖:係本發明檔案儲存程序流程圖。 第六圖:係習知微軟作業系統基本架構圖。 【主要元件符號說明】 •習用部份· (1 )輸出入管理員(10 Manager) (2 )過濾器官理員Manager) (3 )檔案系統 (4 )應用程式的輪出入作業 (5 )個人電腦 (6 )内核模式層 (7 )使用者模式層 •本發明部份. (1 0)應用程式的輸出入作業 (1 1 )輸出入管理員(10 Manager) (1 2 )過遽器管理員(Filter Manager) (2 〇 )隱形加解密驅動模組 -14- 輸出入控制模組接手新增檔 詢問權限及安全控管模組是 新增檔案失敗 200905516 (2 1 )權限及安全控管模組 (2 2 )加解密模組 (2 3 )輸出 (2 4 )識別碼管理模組(2 5 )應用 (4 0 )檀案系統 (5 0 )安全 (6 0 )安全控管伺服器(6 1 )網路 (70)使用者模式層(80)内核 (1 0 0 )個人電腦 (110) 開始 (111) 安全控管代理程式由安全控 及白名單 (1 12)安全控管代理程式將權限資 全控管模組 (113)安全控管代理程式將白名單 式辨識模組 (1 2 〇 )開始 (121)應用程式送出新增標案之作 (1 2 2 )輸出入管理員攔截該新增檔 求送給過濾器管理員 (1 2 3 )過濾器管理員將該新增檔案 密驅動模組 〃 (12 4) (12 5) (12 6) (1 2 7 )詢問應用程式辨識模組該應 單内 ~ 入控制模組 程式辨識模組 控管代理程式 模式層 管伺服器取得權限 料傳送到權限及安 資料傳送到應用程 業請求 案請求,並將該請 請求送給隱形加解 案作業 否有權限新增檔案 用程式是否在白名 -15- 200905516 (1 2 8)輸出Λ控制模組新增檔案到檔案系統 (129)新増檔案完成 r 1 3 〇 )開始 1 3 〜…征八送出碩取檔案」之作業請求 求送給過濾器管理員 2 )=出♦入管理員攔截該讀取檔案請求,並將該請 •5咼應崙官》3 (133) °慮器管理員將該讀取檔案請求送給隱形加解 密驅動模組 (1 3 4 )輸出入控制模組接手讀取檔案作業 (1 3 5 )輸出入控制模組從檔案系統讀取檔案内容 (1 3 6 )相應用程式辨識模㈣應用程式是否在白名 單内 (1 3 6 1 )冑出入控制模組回傳檔案内容給過濾器管理 員 β (1 3 6 2)將檔案内容回傳給輸出入管理員 (1 3 6 3 )輪出入官理員將檔案内容回傳給應用程式 (1 3 7 )詢問識別碼管理模組檔案内容是否有識別證 (1 3 7 1 )加解密模組將槽案内容解密 (1 3 8 )識別碼管理模組嵌入識別證到檀案内容 (1 3 9 )加解密模組將檔案内容加密 (1 3 9 1 )輸出入控制模組將檔案内容回存到檔案系統 (1 4 0 )開始 (1 (1 求送 4 1 )應用程式送出「檔案儲存」之作業請求 4 2 )輸出入管理員攔截該檔案儲存請求,並將該請 給過濾器管理員 -16- 905516 (14 在、驅動 (14 (14 限 (14 管理員 (14 管理員 (14 (14 單内 (14 (14 (14 (14 管理貝 (14 管理負 (14 隱形加解 權 敗訊息給输出入 過據器管理員將該樓案健存請求送給 入控制模組接+檔案儲存作業 5句問權限及安全控營握 s棋組该應用程式是否有 、出入控制模組回傳健存失敗訊息給過溏器 )過濾器管理員將回傳儲存失 5 3)輪出入管理員回值 3 ) .. Λ 員傳儲存失敗訊息給應用程式 1應用程式辨識模級該應用程式是否在白名 管理模組嵌入識別證到權案内容 加解密模組將播案内容加密 9 )輸出入控制模組將 )1 ^ . 權案内谷回存到檔案系統 1 )輪出入控制模組 w 1寻儲存成功訊息給過據器 )2)過攄器管理員將 口傳儲存成功訊息給輸出入 )3)輪出入管理員回值 貝口傳儲存成功訊息給應用程式 -17-The invisible encryption and decryption driving module (2 η) 6 A includes a permission and a 10-200905516 security control module (21), an encryption and decryption module (22), a round-in and out control mode & (23), _ ID Management Module (2 4) and: Application Identification Module (2 5). % The above algorithm used by the encryption and decryption module (2 2 ) can be used to control the encryption and decryption algorithm ^ The identification certificate contains a storage generation (4) environment, authority or security message, and the identification certificate is read as a file in the future. When editing, the control is installed according to a picture. When the computer is newly added to the present invention, a female full control agent program is installed (Tianwen (2〇^ (5〇) and a stealth encryption/decryption drive mode).矣Q 2 0 ), the security control is provided, and the layer (7 n, the agent (5 0 ) is set in the user mode'. The stealth encryption and decryption drive chess core mode layer (80) < (2〇) placed between the internal structure system (4 〇); member dOManager) (1 i ) and its authority / whitelist initialization security control agent 鼗 十ά ^ action, start (1 1 0) The agent is managed by t full control (111, 廿 from the server to obtain permissions and whitelist, 丄丄 1), then security control level and security control module (ii 2 = transfer permission data to The rights list is reversed and the full control agent will be sent to the application identification module (i "). 2 〇 ), the library use program action, start (1 round of entry and exit management Chang she was requested by β Jilai (121), 35 eight & staff intercepted the new file request administrator (199, and will The request is sent to the invisible encryption and decryption driver module (the employee sends the new broadcast request to the new file for purple r 1 〇, the input and output control module takes over, and asks the broadcast 1 permission and security control module. Whether 200905516 ( ) 5 is inquiring about the application ( 1 2 7 ) ? No input control module is added to the file ( 1 2 9 ) 〇 See the fourth figure 3 0 ) 9 Application) 9 Output into the administrator filter management Member (1) Send invisible encryption and decryption to read the file operation system to read the file content (whether the application is in white name ia. Return the file content to the content back to the output and return the file content to the other code management module The file encryption and decryption module returns the file contents of the file system back to the file to the operator to review the file content. The module embedding module adds the content of the broadcast to the file and saves it to the file. See Figure 5 1 2 5) No 3 Add the program identification module to the application> Add file failed (1 case to file system ( 1 2 Show > The read file program is sent to the factory to read the file j to intercept the read file request 3 2) 5 filter management drive module ( 1 3 3 ) ( 1 3 4 ) 9 output 1 3 5 ) > ; Ask the application within the (1 3 6 ) 5 No > Administrator ( 1 3 Administrator ( 1 3 6 2 ) Application ( 1 3 6 3 Whether the content has a license (content decryption ( 1 3 7 1 To the filter administrator (access manager (1 3 6 to the application (1 3 identification card to the file content (tight (1 3 9) y output system (1 3 9 1) display 5 the file storage program block The case failed (1 2 6 program is in the white list 2 6), yes, output 8), the new file finish action is, start (1 job request (1 3 1 , and send the request to the staff) Please read the file, the control module controls the output module from the file system program identification module should 'then the output control module 61), then the file' lose access administrator). Yes, the query 13 7), yes, then), then the input control 1361), and then 2) 're-input into the tube 6 3). No, then I know 1 3 8) 'Encryption and decryption into the control module will be the file, start (1 4 〇-12· 200905516 ) 'Application to send the "File Storage" operation, please ($ 4 work), output management The interceptor intercepts the file save request and sends the request to the filter administrator f Ί /. , 丄 4 2), the filter manager sends the file storage request to the invisible encryption and decryption μ # skirt, 且 and (1 4 3), the input and output control module takes over the 葙 4 Γ operation (1 4 4 ), the inter-inquiry authority and security control module should be stored, whether there is permission (145), no 'output control module return agent will return value--"Policy (1 4 5 1) 'filter management The sub-failure message is sent to the inbound and outbound administrator (1452), and the inbound and outbound administrator returns the stored in "4 5 2 } ^ Yes, then asks the application to the application (1 4 5 3 ). (2 4 6 . Work s, module whether the application is in the whitelist content (work π ]) identification code management module embedded identification certificate into the file output into the heart 'encryption module to encrypt the file content (148), Wheel people; η: μ,, the valley inside the file is stored in the file system (1 4 9 :), the input control module returns, 丄 4 y ) 9 1 ), and the filter administrator is given χ 4 members (1492), output 3 memory information to the output management program (1 4 9 3). No, the member returns the storage success message to the application to the file system (i 4 9) / 2 access control module Send the file content back to the filter administrator (1 4 access control module return storage save successful success message to the round entry manager 1 :, the passer administrator will return the return message to the application to send the message to the application ^92 ), output management By the above, the present invention achieves - 4 9 3 ). Decryption protection, and it is based on the case of the building case and the invisible addition, temporary storage or storage process are automatically encrypted and decrypted: 2 new and unencrypted files edited and read become unintentional and want to steal The original file thus makes the protection of the present invention -13-200905516 drip. The present invention is specifically described with reference to the present invention; however, variations and modifications of the present invention, which are familiar with the spirit and principles of the present invention, should be included in the following. Changes and modifications may be made without departing from the scope of the invention, and the scope of the application is defined by the scope of the invention. FIG. 1 is a system diagram of an embodiment of the invention. The second figure is a flowchart of the authority/white list initialization of the present invention. The third figure is a flow chart of the newly added file program of the present invention. The fourth figure is a flow chart of the program for reading a file according to the present invention. Figure 5 is a flow chart of the file storage program of the present invention. Figure 6: The basic architecture of the Microsoft operating system. [Main component symbol description] • Conventional part · (1) Input and output administrator (10 Manager) (2) Filtering organ manager Manager) (3) File system (4) Application round-in and out operation (5) Personal computer (6) kernel mode layer (7) user mode layer • part of the invention. (1 0) application input and output job (1 1 ) output manager (10 Manager) (1 2 ) filter administrator (Filter Manager) (2 〇) Stealth encryption and decryption driver module-14- Input and output control module take over new file query permission and security control module is a new file failure 200905516 (2 1) authority and security control mode Group (2 2 ) encryption and decryption module (2 3 ) output (2 4 ) identification code management module (2 5 ) application (4 0) Tan file system (5 0) security (60) security control server ( 6 1) Network (70) User Mode Layer (80) Kernel (1 0 0) Personal Computer (110) Start (111) Security Control Agent by Security Control and Whitelist (1 12) Security Control Agent The privilege management control module (113) security control agent will send the whitelisted identification module (1 2 〇) to the (121) application to send the new standard. Make (1 2 2 ) output and administrator to intercept the new file and send it to the filter administrator (1 2 3) filter administrator to add the new file to the driver module (12 4) (12 5) ( 12 6) (1 2 7) Ask the application to identify the module. The application module is controlled. The module is controlled by the agent. The mode server manages the access to the permissions and the data is transferred to the application. Request for the case, and send the request to the invisible add-on case. Is there any permission to add the file to the file in the white name -15- 200905516 (1 2 8) output control module to add file to the file system (129 ) new file completion r 1 3 〇) start 1 3 ~ ... levy eight to send out the master file" job request to the filter administrator 2) = ♦ ♦ into the administrator to intercept the read file request, and will Please (5) Ying Lunguan 3 (133) ° the administrator to send the read file request to the stealth encryption and decryption driver module (1 3 4) output control module to take over the file operation (1 3 5 The input/output control module reads the file content from the file system (1 3 6 ) and the application identification module (4) application Whether in the whitelist (1 3 6 1), the control module returns the file contents to the filter administrator β (1 3 6 2) to return the file contents to the output administrator (1 3 6 3) round-trip The official will return the contents of the file to the application (1 3 7) to ask if the ID of the ID management module file has a identification card (1 3 7 1 ). The encryption and decryption module decrypts the contents of the slot (1 3 8) The management module embeds the identification card to the content of the Tan file (1 3 9). The encryption and decryption module encrypts the file content (1 3 9 1 ) and outputs it to the control module to save the file content to the file system (1 4 0 ). (1 request 4 1) The application sends the "file storage" job request 4 2) The output manager intercepts the file storage request and sends the request to the filter administrator-16-905516 (14 in, driver (14 (14 limit (14 administrators (14 administrators (14 (14 (14 (14 (14 (14 (14 (14 (14 (14 (14 (14 (14 (14 (14 (14 (14 (14 (14 (14 (14 (14 (14 (14 (14) Case survival request is sent to the control module to connect + file storage operation 5 sentences and security control camp holding s chess group whether the application has, out Into the control module to return the health failure message to the filter) The filter administrator will return the storage loss 5 3) round the administrator return value 3) .. 传 member transfer failure message to the application 1 application identification Modular level whether the application embeds the identification certificate in the white name management module to the right content encryption and decryption module to encrypt the content of the broadcast case 9) The input and output control module will) 1 ^ . The right file returns to the file system 1) The round-in and out control module w 1 searches for a success message to the passer) 2) the switch manager sends the port-storage success message to the input and output) 3) the round-in and out-in administrator returns the value of the port-to-send success message to the application -17 -