WO2010091607A1 - Method for providing custom access control mode in file system - Google Patents


Info

Publication number
WO2010091607A1
Authority
WO
WIPO (PCT)
Prior art keywords
access control
access
verification
file
verification method
Application number
PCT/CN2010/070267
Other languages
French (fr)
Chinese (zh)
Inventor
马杰
Original Assignee
Ma Jie

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules, to a system of files or objects, e.g. local or distributed file system or database

Definitions

  • the content of the present invention relates to the file management system in an operating system that is responsible for managing and storing file information, i.e., the file system. Specifically, a method of providing a custom access control mode in a file system is described. By providing a configurable file access control process and a variety of verification methods, users and applications can satisfy personalized file access control requirements through the file system alone, ultimately making the file system the base platform for content management and its applications.
  • the file system responsible for managing and storing file information consists of three main components: software related to file management, managed files, and data structures required to implement file management.
  • a file system is a system that organizes and allocates file storage space, is responsible for storing files, and protects and retrieves stored files. Specifically, it is responsible for creating files for users, depositing, reading, modifying, dumping files, controlling the storage of files, and revoking files when users are no longer using them.
  • controlling access to files is a basic function of the file system.
  • its purpose is to prevent damage while files are shared, and it is usually carried out by the access control verification module in the file system.
  • the access control verification module is a checkpoint between the directory retrieval module and the logical file system, responsible for checking and judging access restrictions and sharing rights, as shown in Figure 1.
  • Implementing file protection is the basic function of the access control verification module. The working process is usually to compare the access request made by the user with the access control setting information specified in the file control block, and to check whether the user's access is legal.
  • Access control setting information is the basis for file access control work.
  • the Access Matrix is a typical type of existing access control setting information.
  • the Access Matrix uses rows to represent the initiator of an access action, that is, the access subject.
  • the Access Matrix uses columns to represent the objects being accessed, i.e. the access objects. Each element of the access matrix stores a set of access rights.
  • the Access Control List (ACL) and the Capability List are the most common implementations of the Access Matrix.
  • the core of access control in an access-matrix-based file system is to limit the operation permissions of the access subject over the access object.
  • the type range of the access subject is predefined by the operating system.
  • the access control of existing file systems is based on the access matrix protection of the operating system, that is, the access rights of access subjects over access objects are defined there.
  • file managers and visitors are often distributed at the two ends of a network.
  • the meaning of the access subject then needs to be defined by the remote file manager, that is, the access subject has a networked character. Since the access subject in the access control requirement is no longer confined to the scope of a single operating system, the access control methods provided by existing file systems can no longer meet the file management needs of the distributed setting.
  • FileSecure provides content control by means of a specific file format.
  • Word adds an access password to documents, and Office 2003 further introduced the IRM management mechanism.
  • if the file system provides a custom access control mode, that is, a configurable access control interface together with basic access control means, the administrator and the application can customize the access control process they require.
  • this will have the following advantages:
  • the basic and general access control means are built into the file system, which saves a great deal of application development work and improves development efficiency.
  • the core idea of providing a custom access control mode in a file system is to subdivide the access control verification work of an access operation into a number of independent verification steps, each of which consists of a preset verification method and the input information needed to execute that method.
  • customization means that the administrator and the application can specify the verification steps that make up the access control verification work, the operational flow of each verification step, and the various data contents used by each verification step, and can even add the verification methods they require.
  • the method of providing a custom access control method in the file system includes the following four aspects:
  • the access control setting information of files and directories is composed of the access control requirements of one or more access operations. Besides the verification methods associated with the access operation, each access control requirement records the information that each verification method needs in order to execute.
  • the basic working process of the access control verification module is as follows: in the first step, the access control requirements affecting the access operation are collected; in the second step, the verification methods associated with the access operation in the collected access control requirements are executed; in the third step, whether to approve the access operation is decided according to the execution results of all the executed verification methods.
  • by providing an access interface, the file system allows tool programs and applications to operate on the data structure that records the access control setting information.
  • a verification method is an implementation in verification code, which exists either as a static code module contained in the file system itself or as a dynamic link library added from outside the file system.
  • the verification method has three types: user identity verification, access program verification, and use environment verification.
  • the function of user identity verification is to verify that the visitor holds a valid identity in the specified authentication system, for example a valid identity on a network authentication server, or a specific identity in the local operating system.
  • access program verification is used to ensure that the access operation can only be performed by a prescribed computer software program, for example by requiring the access program to have a specified program name, or requiring the process performing the access to be a system process. Usage environment verification is used to ensure that access operations can only be performed in a specific computer environment, for example by requiring a specific server on the network, requiring specific hardware to be installed on the computer, or requiring specific software to be running on the computer.
  • each of the recorded verification methods is a verification step of the access operation access verification.
  • the data information needed to execute the verification step is also recorded in the access control requirement corresponding to the access operation; its scope includes the identification information of software programs, hardware devices, network elements, users, data acquisition paths and the like, as well as control information that affects the working process of the verification method.
  • the access operations managed by the access control setting information in the custom access control mode include the conventional access operations of a file system, access operations on the access control setting information itself, individual management operations on a file (directory), and the like.
  • for a conventional file system access operation on a file (directory), the access control requirements are located in two places: the access control setting information of the file (directory) itself, and the access control setting information held by the directories above the file (directory).
  • the data structure of the record access control setting information is directly associated with the content storage of the file (directory) in the file system and exists as part of the file (directory).
  • the administrator and the application select the desired verification methods in the access control setting information of the file (directory) and supply the required data information; the file system providing the custom access control mode then works according to the settings stored in this way.
  • using the access control verification module of the file system on a remote computer, the administrator can guarantee that the read operation on a file can only be performed by users authorized by the network authentication server. This approach is more convenient than providing a document viewer that offers a matching authentication mode, and it does not even require changing the document format for the viewing tool.
  • the file system with the custom access control mode is responsible for managing and storing file information, and can also be the underlying platform supporting personalized content management applications. Embodiments given later in the text explain the above in detail.
  • Figure 1 is an internal block diagram of a typical file system.
  • FIG. 2 is a diagram showing an example of various common verification methods.
  • Fig. 3 is a diagram showing an example of a storage form of access control setting information.
  • Fig. 4 is a diagram showing an example of an access control setting information recording format.
  • Detailed description
  • a file system with a custom access control mode is first of all a file system; the custom access control mode is the main function added on top of a traditional file system.
  • An embodiment of the present invention will be described below, and the specific content is divided into the following aspects:
  • a verification method is function code called by the access control verification module; it is a verification step whose code does not itself contain identification information of hardware, software, network equipment, users and the like. Identification information of software programs, hardware devices, network elements, users and data acquisition paths, together with control information affecting the verification step's workflow, is passed to the verification method as input data.
  • the verification method has two types: static form and dynamic form.
  • the static form of the verification method is the verification method that the file system comes with, and its essence is a piece of function code that the file system itself has.
  • the other is a verification method that exists in dynamic form, added by the application or the administrator and located in a dynamic link library accessible to the file system.
  • the access control verification module uses a static verification method through an ordinary function call.
  • for a dynamic verification method, the access control verification module first needs to obtain the access point of the verification method using dynamic link library technology, and then call it.
  • the function return value marks whether the verification succeeded: a non-zero value stands for true, that is, verification succeeded, and a zero value stands for false, that is, verification failed.
  • the data pointer and data size parameters are used to pass data information to the verification method, specifically the data pointer points to the data area in which all input data information is stored, and the data size represents the size of the data area in which all input data information is stored.
  • the result description parameter points to the verification result description information returned by the verification method.
  • each verification method has one and only one identification string, and different verification methods have different identification strings.
  • the verification method identification string consists of the verification method type, the verification method category, the verification method provider, and the verification method name.
  • the verification method type indicates that the verification method is static or dynamic.
  • the verification method category indicates the purpose of the verification method, such as access program verification.
  • the verification method provider is a string that identifies the developer or provider of the verification method.
  • the verification method name is the name given to the verification method by its developer or provider.
  • the verification method type, the verification method category, the verification method provider, and the verification method name are connected together by an underscore to form a verification method identification string.
  • the specific form is as follows:
  • an example verification method identification string is static_user_majie_remotessh, where static indicates that the verification method is static, user indicates that the verification method performs user identity verification, majie is the identification string of the verification method's developer, and remotessh is the name the developer gave to the verification method.
  • the added dynamic verification method needs to record the correspondence between the identification string and the dynamic link library and the function name of the verification method in the specified configuration file.
  • the main function of the configuration file is for the access control verification module to query the dynamic link library to be used according to the identification string of the dynamic verification method, and finally access the verification method.
  • adding a dynamic verification method means copying the dynamic link library containing the method to a directory accessible to the file system, and adding the corresponding entry to the configuration file that records identification strings and their dynamic link libraries.
  • verification methods can be divided into three categories: user identity verification, access program verification, and usage environment verification. Specifically:
  • User authentication can be divided into three cases: local authentication, network authentication, and device authentication.
  • Local authentication is when both the authentication information and the authentication process are on the local computer, such as the user identity of the operating system.
  • Network authentication refers to the need to obtain authentication information over the network or the authentication process needs to be used on the network, for example through an authentication server.
  • Device authentication is when you need to use a specific device to obtain authentication information or the authentication process requires a specific device, such as using USB-key.
  • Access program verification includes direct program verification, program certification and other verification methods.
  • direct program verification confirms that the access program meets the requirements on the basis of given program information, such as verifying the program's name and the attributes of the program's process.
  • Program certification means that the access program supplies data information proving that it has access rights, such as a digital certificate signifying access authorization.
  • Hardware environment verification is the verification of hardware that contains a specific identity or specific functionality within a computer, such as a network card that specifies a MAC address.
  • Software environment verification refers to verifying that specific software is installed or running on a computer, such as running specific security detection software.
  • Computer network environment verification means verifying that the access takes place in a specific network, for example from a specific networked computer.
  • Fig. 2 illustrates some types of verification methods.
  • Access control setting information
  • the access control setting information is saved in the form of the internal data structure of the file system.
  • the specific storage method is:
  • the access control setting information of a file (directory) is recorded on separate physical blocks, and the number of physical blocks occupied is determined by the size of the access control setting information.
  • the data item that records its storage location has an array of pointers as its data structure type, each pointer pointing to a physical block that records the contents of the access control setting information.
  • Figure 3 shows the storage method of the access control setting information by taking a file as an example. Among them, there is a special area in the index block for recording the physical block holding the access control setting information.
  • the access control setting information records the access control requirements of the access operation, specifically the verification method associated with the access operation and the necessary information required for each verification method to be executed.
  • the XML markup language is used as the recording tool for access control setting information, and the contents of the access control setting information are recorded in a hierarchically nested form.
  • a specific record can be illustrated by the following example:
  • the content of a document is a company phone book owned by ABC. ABC requires that reading the phone book needs a network authentication license, and that modifying the phone book must be done on a computer with a specific MAC address and through a software tool called DocWriter.exe.
  • the access control setting information that satisfies the above requirements is shown in Fig. 4.
  • the meanings of the main tags are as follows:
  • the access control tag marks the entire access control setting information.
  • the operation tag marks the access control requirements of one access operation.
  • the check method tag marks the content related to one verification method.
  • the param tag marks a parameter used by the verification method.
  • the operationID is used to mark the identification string of the access operation.
  • checkID is used to mark the identification string of the authentication method.
  • the access operations associated with the file (directory) itself in its access control setting information mainly include the following three types:
  • content access operations on the directory or file, for example reading, writing and executing a file, or reading and writing a directory.
  • individual management operations on the directory or file, for example copying, renaming, deleting, moving and attribute modification operations on files and directories.
  • access operations on the access control setting information, for example read and write operations on the access control setting information.
  • the access control setting information of a directory can affect the access operations of subordinate directories and subordinate files; the specific way is to store the access control requirements of the subordinate directories or files in the directory's access control setting information. For example, if for a given access operation all files in the same directory have the same access control requirements, those requirements can be recorded in the access control setting information of the directory in which the files are located.
  • each access operation within the access control setting information is represented by a globally unique identification string.
  • the naming rules for access operation identification strings are:
  • an operation associated with the file (directory) itself uses the access operation name directly as its identification string.
  • the read operation is identified by read.
  • the read of the access control setting information is identified by readconfig.
  • an access operation associated with subordinate directories or subordinate files uses the name of the access operation followed by '_dir' or '_file' as its identification string.
  • the identification string corresponding to the read operation on all files in the directory is read_file.
  • the identification string corresponding to the write operation on all directories in the directory is write_dir.
  • the substantive work of auditing access rights is performed by the access control verification module, by executing the various verification methods associated with the access operation.
  • the implementation work includes four aspects: (1) obtaining the access control requirements associated with the operation; (2) obtaining the access entries of the verification methods included in each access control requirement; (3) executing in turn the verification methods included in each access control requirement; (4) deciding whether to execute the operation based on the verification results.
  • the access control requirements associated with an access operation mainly have two sources: the access control setting information of the file (directory) itself, and the access control setting information carried by the upper directories on the path where the file (directory) is located.
  • obtaining the access control requirements associated with an access operation therefore requires completing both of the following tasks.
  • the access control setting information of the file (directory) itself is traversed, and the identification string corresponding to the access operation is used to find the access control requirement for that operation.
  • the access control setting information of each directory level is retrieved using the identification string that represents the access operation on subordinate files (directories), in order to find the access control requirements that affect the access operation.
  • the process of accessing the access control setting information of a file (directory) is: access the index node that records the file (directory) information, find the data item that records the storage location of the access control setting information, and traverse the pointer members of that data item, reading the physical block each pointer points to in order to reach the contents of the access control setting information.
  • since the verification methods in the access control setting information are all represented by identification strings, after the access control requirements associated with the access operation have been collected, the identification string of each verification method included in each access control requirement must also be converted into a form that can be called by the executing code.
  • in order to convert verification method identification strings into a callable form, the file system maintains a static method mapping table and a dynamic method mapping table for static and dynamic verification methods respectively.
  • the two mapping tables store, respectively, the mapping between static verification method identification strings and static verification method function pointers, and the mapping between dynamic verification method identification strings and dynamic verification method access entries.
  • the construction of the dynamic method mapping table is completed when the access control verification module first uses the dynamic verification method.
  • the basic way of constructing is to read the configuration file that records the mapping between the dynamic authentication method access path and the dynamic authentication method identification string.
  • the access control verification module directly views the configuration file and updates the data content of the dynamic method mapping table.
  • in order to use a verification method, the access control verification module first extracts from its identification string whether the method is static or dynamic, and then obtains the access entry of the verification method from the static method mapping table or the dynamic method mapping table accordingly.
  • the access control verification module sequentially executes the verification methods covered by the access control requirements.
  • the execution order of the specific verification method is divided into two levels:
  • the verification methods recorded in each associated access control requirement are executed step by step from the upper layers to the lower layers along the path of the file (directory).
  • within one access control requirement, the associated verification methods are executed in the order in which they are recorded.
  • the parameters recorded in the access control requirement are used as the input data required by the verification method, that is, the content of the param tags in the access control requirement is passed to the verification method.
  • the access control verification module obtains a verification result after executing each verification method; if the verification result indicates that the verification step failed, execution of the access operation is denied.
  • if the access control verification module cannot find the access entry of a verification method associated with an access control requirement, it likewise denies the access operation.
  • the program access interface provided by the file system to upper-layer applications is composed of three parts: 1. the common access interface of a typical file system, such as file reading and file writing; 2. the access interface for the access control setting information, such as reading, writing and deleting the access control setting information; 3. the individual management access interface for files and directories, such as moving and copying files and directories.
  • the two common access operations read and write can also be used to implement the copy operation of the individual management access interface, but the access control verification involved differs from that of directly calling the corresponding individual management access interface.
  • the former involves the access control verification of the read operation on the source file and of the write operation on the target directory, while the latter involves the copy operation on the source file and the access control verification of the write operation on the target directory.
  • when a file (directory) with access control setting information is moved or copied between a file system that supports the custom access control mode and one that does not, the file (directory)'s access control setting information must be encapsulated or disassembled. Specifically:
  • when saving to a file system that does not support access control setting information, the access control setting information is stored as a separate file.
  • when returning to a file system that supports the custom access control mode, the access control setting information is extracted from the separate file that records it and stored at its storage location in that file system.
  • the file in which the access control setting information is recorded has the same file name as the content file, but uses a dedicated suffix.
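The following is an added illustration, not the patent's own code, of two pieces of the mechanism described above: the verification method identification string (type_category_provider_name, e.g. static_user_majie_remotessh) and the configuration file for dynamic methods, and the static and dynamic method mapping tables that turn an identification string into a callable access entry, built on first use. The config-file line format, the HOST dictionary, the method names and LOADED_LIBRARIES (standing in for what loading a dynamic link library would export) are all assumptions made for the example.

```python
"""Verification-method identifiers and the static/dynamic method mapping tables.

Added illustration modelled on the patent text; not the patent's own code.
Assumptions: the config-file line format, the HOST stand-in, and LOADED_LIBRARIES
standing in for the symbols a loaded dynamic link library would export.
"""
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Tuple

# Contract from the text: a method receives the input data area and returns a
# non-zero value on success together with a result description string.
VerifyFn = Callable[[bytes], Tuple[int, str]]


@dataclass(frozen=True)
class MethodId:
    kind: str       # "static" (built into the file system) or "dynamic" (from a DLL)
    category: str   # purpose, e.g. "user", "program", "env"
    provider: str   # developer/provider identification string
    name: str       # name given by the developer

    @classmethod
    def parse(cls, ident: str) -> "MethodId":
        # Fields are joined by '_'; split at most three times so the name may contain '_'.
        parts = ident.split("_", 3)
        if len(parts) != 4 or not all(parts) or parts[0] not in ("static", "dynamic"):
            raise ValueError(f"malformed verification method identifier: {ident!r}")
        return cls(*parts)


# --- static methods: function code the file system ships with --------------------
HOST = {"user": "alice"}  # constructed stand-in for the local operating system identity


def local_user(data: bytes) -> Tuple[int, str]:
    """Static user identity check: data carries the required local user name."""
    required = data.decode()
    ok = HOST["user"] == required
    return (1 if ok else 0, f"local user {HOST['user']!r}, required {required!r}")


STATIC_TABLE: Dict[str, VerifyFn] = {"static_user_majie_localuser": local_user}

# --- dynamic methods: identifier -> library:function, recorded in a config file ---
CONFIG_TEXT = """\
# constructed config file: identifier=library:function
dynamic_user_majie_netauth=libnetauth.so:net_auth_check
dynamic_env_majie_usbkey=libusbkey.so:usbkey_present
"""


def net_auth_check(data: bytes) -> Tuple[int, str]:
    """Stand-in for a dynamic method that would consult the server named in data."""
    return (1, f"accepted by {data.decode()}")


# Stand-in for the symbols the loaded libraries export; libusbkey.so is listed in
# the config but not installed, so its method must stay unresolvable.
LOADED_LIBRARIES: Dict[str, Dict[str, VerifyFn]] = {
    "libnetauth.so": {"net_auth_check": net_auth_check},
}


def build_dynamic_table(config_text: str,
                        libraries: Dict[str, Dict[str, VerifyFn]] = LOADED_LIBRARIES
                        ) -> Dict[str, VerifyFn]:
    """Build the dynamic method mapping table from the config file.

    Entries that are malformed, not marked dynamic, or whose library/function is
    missing are dropped, so a requirement naming them will later be denied.
    """
    table: Dict[str, VerifyFn] = {}
    for line in config_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ident, _, target = line.partition("=")
        lib, _, func = target.partition(":")
        try:
            if MethodId.parse(ident).kind != "dynamic":
                continue
        except ValueError:
            continue
        fn = libraries.get(lib, {}).get(func)
        if fn is not None:
            table[ident] = fn
    return table


class MethodRegistry:
    """Resolves identification strings to callable access entries via the two tables."""

    def __init__(self, config_text: str = CONFIG_TEXT) -> None:
        self._static = dict(STATIC_TABLE)
        self._config = config_text
        self._dynamic: Optional[Dict[str, VerifyFn]] = None  # built on first use, as in the text

    def resolve(self, ident: str) -> Optional[VerifyFn]:
        mid = MethodId.parse(ident)
        if mid.kind == "static":
            return self._static.get(ident)
        if self._dynamic is None:
            self._dynamic = build_dynamic_table(self._config)
        return self._dynamic.get(ident)
```

The registry deliberately returns None rather than a permissive default for any identifier it cannot map; the verification module described in the text treats a missing access entry as a denial, so an administrator who lists a library that is not actually installed fails closed instead of open.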
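As a second added illustration (again not the patent's code), the access control verification module itself: it reads the nested XML access control setting information, collects the requirements for an operation from every directory on the path (using the read_file / write_dir naming rule) and then from the file itself, resolves each checkID, executes the methods top-down and in record order, and denies the operation on the first failing step or on any method without an access entry. The settings follow the phone-book example in the text; because Fig. 4 is not reproduced on the page, the element and attribute spelling (accesscontrol, operation, checkmethod, param, operationID, checkID), the paths, the HOST dictionary and the three verification methods are assumptions made for the example.

```python
"""Access control verification module: collect requirements, resolve methods,
execute in order, decide.

Added illustration modelled on the patent's four-step flow; not the patent's code.
Assumptions: the XML element/attribute spelling (Fig. 4 is not on the page), the
SETTINGS and HOST stand-ins, and the three constructed verification methods.
"""
import xml.etree.ElementTree as ET
from typing import Callable, Dict, List, Tuple

VerifyFn = Callable[[bytes], Tuple[int, str]]  # non-zero return => step passed

# Constructed host state standing in for what real methods would query.
HOST = {"net_user_ok": True, "mac": "00:11:22:33:44:55", "program": "DocWriter.exe"}


def net_auth(data: bytes) -> Tuple[int, str]:
    ok = HOST["net_user_ok"]
    return (1 if ok else 0, f"network auth via {data.decode()}: {'ok' if ok else 'refused'}")


def mac_check(data: bytes) -> Tuple[int, str]:
    ok = HOST["mac"] == data.decode()
    return (1 if ok else 0, f"MAC {HOST['mac']}, required {data.decode()}")


def proc_check(data: bytes) -> Tuple[int, str]:
    ok = HOST["program"] == data.decode()
    return (1 if ok else 0, f"program {HOST['program']}, required {data.decode()}")


METHODS: Dict[str, VerifyFn] = {
    "dynamic_user_majie_netauth": net_auth,
    "static_env_majie_macaddr": mac_check,
    "static_program_majie_procname": proc_check,
}

# Constructed settings modelled on the phone-book example: the directory carries a
# requirement for reads of every file below it (read_file); the file carries its own
# write requirements (write), which are executed in the order recorded.
SETTINGS: Dict[str, str] = {
    "/corp": """<accesscontrol>
  <operation operationID="read_file">
    <checkmethod checkID="dynamic_user_majie_netauth"><param>authsrv.example.internal</param></checkmethod>
  </operation>
</accesscontrol>""",
    "/corp/phonebook.txt": """<accesscontrol>
  <operation operationID="write">
    <checkmethod checkID="static_env_majie_macaddr"><param>00:11:22:33:44:55</param></checkmethod>
    <checkmethod checkID="static_program_majie_procname"><param>DocWriter.exe</param></checkmethod>
  </operation>
</accesscontrol>""",
}
EMPTY = "<accesscontrol/>"  # objects with no settings of their own


def requirements_for(xml_text: str, op_id: str) -> List[Tuple[str, bytes]]:
    """(checkID, parameter data) pairs recorded for op_id, in record order."""
    steps = []
    for op in ET.fromstring(xml_text).findall("operation"):
        if op.get("operationID") != op_id:
            continue
        for cm in op.findall("checkmethod"):
            data = "\n".join(p.text or "" for p in cm.findall("param")).encode()
            steps.append((cm.get("checkID", ""), data))
    return steps


def collect(path: str, op: str, is_dir: bool = False) -> List[Tuple[str, bytes]]:
    """Step 1: requirements from every ancestor directory (top-down, using the
    '<op>_file' / '<op>_dir' naming rule), then from the object itself ('<op>')."""
    parts = [p for p in path.split("/") if p]
    ancestors = ["/"] + ["/" + "/".join(parts[:i]) for i in range(1, len(parts))]
    suffix = "_dir" if is_dir else "_file"
    steps: List[Tuple[str, bytes]] = []
    for d in ancestors:
        steps += requirements_for(SETTINGS.get(d, EMPTY), op + suffix)
    steps += requirements_for(SETTINGS.get(path, EMPTY), op)
    return steps


def check_access(path: str, op: str, methods: Dict[str, VerifyFn] = METHODS,
                 is_dir: bool = False) -> Tuple[bool, List[str]]:
    """Steps 2-4: resolve each checkID, run the methods in order, and deny on the
    first failing step or on any checkID with no access entry."""
    trace: List[str] = []
    for check_id, data in collect(path, op, is_dir):
        fn = methods.get(check_id)
        if fn is None:
            trace.append(f"{check_id}: no access entry, denied")
            return False, trace
        rc, desc = fn(data)
        trace.append(f"{check_id}: {desc}")
        if rc == 0:
            return False, trace
    return True, trace


if __name__ == "__main__":
    for op in ("read", "write"):
        ok, trace = check_access("/corp/phonebook.txt", op)
        print(op, "allowed" if ok else "denied", trace)
```

The text leaves open whether all steps run before the decision or whether the module stops at the first failure; this example stops early, which keeps the returned trace short and avoids invoking further methods (some of which may contact a network server) once the outcome is already a denial.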


Abstract

A method for providing a custom access control mode in a file system, wherein the task of access control validation for an access operation is subdivided into several validation steps that are independent of each other, each consisting of a preset validation method and the input information for performing that method. Custom means that the administrator and application are able to define the validation steps included in the access control validation task, define the operation flow of each validation step, define the various data contents required by the validation steps, and even add the validation methods they need.

Description

一种在文件系统中提供自定义存取控制方式的方法 技术领域  A method for providing a customized access control method in a file system
本发明的内容涉及操作系统中负责管理和存储文件信息的文件管理系统,即文件系统。 具 体讲述一种在文件系统中提供自定义存取控制方式的方法。 其中通过提供可配置化的文件存 取控制过程和提供多样性的验证方法, 使得用户和应用程序利用文件系统便能满足个性化的 文件存取控制需求, 最终让文件系统成为内容管理及其应用的基础平台。 背景技术  The content of the present invention relates to a file management system, i.e., a file system, responsible for managing and storing file information in an operating system. Specifically, a method of providing a custom access control method in a file system is described. By providing a configurable file access control process and providing a variety of authentication methods, users and applications can use the file system to meet personalized file access control requirements, ultimately making the file system a content management and its application. The base platform. Background technique
The file system responsible for managing and storing file information consists of three main parts: the software related to file management, the managed files, and the data structures needed to implement file management. From the system's perspective, the file system organizes and allocates file storage space, stores files, and protects and retrieves the stored files. Specifically, it is responsible for creating files for users; storing, reading, modifying and dumping files; controlling file storage; and deleting files when the user no longer needs them.
Controlling access to files is a basic function of the file system; its purpose is to prevent damage while files are shared, and it is usually carried out by an access control verification module within the file system. In a general-purpose file system the access control verification module is a checkpoint located between the directory lookup module and the logical file system, responsible for checking and deciding access restrictions and sharing rights, as shown in Figure 1. Implementing file protection is the basic function of the access control verification module. Its working process is usually to compare the access request made by the user with the access control setting information recorded in the file control block, and so determine whether the user's access is legitimate.
Access control setting information is the basis on which file access control works. The access matrix is the typical form of existing access control setting information. In an access matrix, rows represent the initiators of access actions, i.e. the access subjects, and columns represent the objects being accessed, i.e. the access objects. Each element of the matrix stores a set of access rights. The access control list (ACL) and the capability list are the most common implementations of the access matrix. The core of access-matrix-based file system access control is restricting the operations that an access subject may perform on an access object, and the range of subject types is predefined by the operating system.
Against the background of the rapid development of the Internet and the growing popularity of mobile storage, electronic files are becoming more portable and spreading faster; distribution is an important characteristic of today's electronic files. The access control of existing file systems is based on the access matrix protection of the operating system, i.e. restricting the access rights of access subjects to access objects. In a networked environment, the manager of a file and its visitors are often located at opposite ends of the network, and the meaning of "access subject" needs to be defined by the remote file manager; that is, access subjects take on a networked character. Because the access subjects in the access control requirement are no longer confined to a single operating system, the access control means offered by the file system can no longer satisfy the needs of managing files in a distributed state.
To meet the need for file management in a distributed state, more and more file editors and file access tools have begun to provide file content access control by changing the format of the file content. For example, FileSecure provides content control through a specific file format, Word adds an access password to a document, and Office 2003 went further and introduced the IRM management mechanism.
The technical approach of adding file content access control measures to application tools meets specific file management needs but also has shortcomings. First, the diversity and variability of user requirements mean that a purely application-layer solution keeps increasing the complexity of application development. Second, management at the application layer is fundamentally management at the content level; the dispersion of electronic files and the physical access surrounding them are still not effectively managed.

Summary of the Invention
Given the special position of the file system, if the file system could provide a custom access control mode, allowing managers and applications to tailor the access control process they need through a configurable access control interface together with basic access control means, the following advantages would result:
1. Through the configurable interface, managers and applications can set verification conditions that match their own requirements, and even add new verification means, so that individualized file management can be realized conveniently without waiting for support from other application software.
2. Keeping basic and general-purpose access control means inside the file system saves a large amount of application development work and so improves development efficiency.
In the present invention, the core idea of providing a custom access control mode within the file system is to subdivide the access control verification of an access operation into a number of mutually independent verification steps, each of which consists of a preset verification method and the input information needed to execute that method. "Custom" is reflected in the fact that managers and applications can specify which verification steps an access control verification comprises, specify the operation flow of each verification step, specify the various data contents the verification steps need, and even add the verification methods they require. Specifically, the method for providing a custom access control mode in a file system comprises the following four aspects:
1. The file system provides multiple verification methods for access control verification and supports the addition of new verification methods. Each verification method, together with the input information for executing it, forms one verification step.
2. In the file system, the access control setting information of a file or directory consists of the access control requirements of one or more access operations. In addition to recording the verification methods associated with an access operation, an access control requirement records the information needed to execute each verification method.
3. When an access operation occurs, the basic procedure of the access control verification module is: first, collect the access control requirements that affect the access operation; second, for the collected access control requirements, execute the verification methods associated with the access operation; third, decide according to the results of all executed verification methods whether to approve execution of the access operation.
4. The file system provides an access interface through which tool programs and applications can operate on the data structure that records the access control setting information.
In the above scheme, a verification method is the code implementation of a verification step; it exists in two forms, static code modules contained in the file system itself and dynamic link libraries added from outside the file system.
There are three types of verification method: verification of user identity, verification of the accessing program, and verification of the usage environment. User identity verification confirms that the visitor holds a legitimate identity in a specified authentication system, for example a legitimate identity on a network authentication server, or a particular identity in the local operating system. Accessing-program verification ensures that the access operation can only be executed by a specified computer software program, for example requiring the accessing program to have a specified program name, or requiring the accessing program's process to be a system process. Usage environment verification ensures that the access operation can only be executed in a particular computer environment, for example requiring that a particular server exists on the network, that particular hardware is installed in the computer, or that particular software is running on the computer.
In the access control requirement of an access operation, each recorded verification method is one verification step of the operation's access verification. The data needed to execute a verification step is also recorded in the access control requirement of the access operation; it includes identification information for software programs, hardware devices, network elements, users, data acquisition paths and so on, and also control information that affects the working process of the verification method.
In the custom access control mode, the access operations governed by access control setting information include the traditional access operations of the file system, access operations on the access control setting information itself, and individual management operations on a file (or directory). For an access operation on a file (or directory), its access control requirements may be recorded in two places: in the access control setting information of the file (directory) itself, and in the access control setting information of the parent directory containing the file (directory).
The data structure that records the access control setting information is directly associated in the file system with the content storage of the file (directory) and exists as part of the file (directory).
On the basis of the above scheme, a manager or application selects the desired verification methods in the access control setting information of a file (directory) and supplies the required data; a file system providing the custom access control mode then governs the access operations associated with the file (directory) according to the requirements in that access control setting information.
For example, by selecting a verification method that performs remote identity verification in the access control requirement for the file read operation, and supplying the access path of a network authentication server, a manager can use the access control verification module of the file system on a remote computer to ensure that the file can only be read by users authorized by the manager's own network authentication server. This is far more convenient than searching or waiting for a document viewer that provides the required authentication mode, and it does not even require changing the document format for a viewing tool.
Compared with a traditional file system, a file system with a custom access control mode not only has the basic functions of managing and storing file information but can also become a base platform supporting individualized content management applications. An embodiment is given later in this text, in which the above is explained in detail.

Brief Description of the Drawings
Figure 1 is a diagram of the internal structure of a typical file system.
Figure 2 is a diagram illustrating examples of various common verification methods.
Figure 3 is a diagram illustrating an example of the storage form of access control setting information.
Figure 4 is a diagram illustrating an example of the record format of access control setting information.

Detailed Description
A file system with a custom access control mode is first of all a file system; compared with a traditional file system, it mainly adds the functions related to the custom access control mode. One embodiment of the present invention is described below, divided into the following aspects:
Verification methods
In this embodiment, a verification method is function code called by the access control verification module; it is a verification step that does not itself contain identification information about hardware, software, network devices, users and so on. Identification information for software programs, hardware devices, network elements, users, data acquisition paths and the like, together with control information affecting the workflow of the verification step, is passed into the verification method as input data.
In this embodiment there are two kinds of verification method, static and dynamic. A static verification method is one built into the file system; in essence it is a function within the file system's own code. A dynamic verification method is one added by an application or manager and located in a dynamic link library that the file system can access.
In this embodiment, the access control verification module uses a static verification method through a direct function call. For a dynamic verification method, the access control verification module first obtains the method's entry point using dynamic link library techniques and then calls it.
In this embodiment, whether static or dynamic, different verification methods differ only in function name; the return type, the number of parameters, the parameter types and the parameter order are all identical. For example, the following function form is used:
int function_name(void *data_pointer, int data_size, void *result_description)
The function return value indicates whether verification succeeded: a non-zero value means true (verification succeeded) and zero means false (verification failed). The data pointer and data size parameters pass data to the verification method: the data pointer points to the data area holding all the input data, and the data size is the size of that area. The result description parameter points to the verification result description returned by the verification method.
In this embodiment, each verification method has exactly one identification string, and different verification methods have different identification strings. The verification method identification string consists of four parts: the verification method type, the verification method category, the verification method provider and the verification method name. The type indicates whether the method is static or dynamic. The category indicates the purpose of the method, for example accessing-program verification. The provider is a string identifying the developer or vendor of the method. The name is the name the developer or vendor gives the method.
In this embodiment, the four parts (type, category, provider and name) are joined with underscores to form the verification method identification string, in the following form:
<type>_<category>_<provider>_<name>
For example, the identification string static_user_majie_remotessh denotes a verification method in which static indicates a static method, user indicates that it performs user identity verification, majie is the identification string of the method's developer, and remotessh is the name the developer gave the method.
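As an added example (not part of the patent's embodiment), the following C code implements the uniform function form, parses the four-part identification string, and keeps the static method mapping table that the section on the access control verification module describes, so that one verification step can be executed by identifier. The two sample verification methods, their input encoding (two NUL-terminated strings, the observed value followed by the required value), the provider string "example", the category names and the 64-byte result buffer are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

/* Uniform signature shared by every verification method, static or dynamic:
 * non-zero = verification succeeded, zero = failed.  `data` points at the
 * input data area recorded in the access control requirement, `size` is its
 * length, `result` receives a short explanation (64-byte buffer assumed). */
typedef int (*check_fn)(void *data, int size, void *result);

/* The four parts of a verification method identification string. */
struct method_id {
    char type[16];       /* "static" or "dynamic" */
    char category[16];   /* purpose, e.g. "user", "program", "env" (names assumed) */
    char provider[32];
    char name[32];
};

/* Split "type_category_provider_name" on '_'.  Returns 1 on success, 0 unless
 * there are exactly four non-empty fields that fit the buffers.  Because '_'
 * is the separator, no part may itself contain an underscore. */
int parse_method_id(const char *id, struct method_id *out)
{
    char  *field[4] = { out->type, out->category, out->provider, out->name };
    size_t cap[4]   = { sizeof out->type, sizeof out->category,
                        sizeof out->provider, sizeof out->name };
    const char *start = id;
    int i = 0;
    for (;;) {
        const char *sep = strchr(start, '_');
        size_t len = sep ? (size_t)(sep - start) : strlen(start);
        if (i == 4 || len == 0 || len >= cap[i]) return 0;
        memcpy(field[i], start, len);
        field[i][len] = '\0';
        i++;
        if (!sep) break;
        start = sep + 1;
    }
    return i == 4;
}

static int explain(void *result, const char *msg, int ok)
{
    if (result) snprintf((char *)result, 64, "%s", msg);
    return ok;
}

/* Input encoding assumed for the sample methods: the data area holds two
 * NUL-terminated strings, the value observed by the file system followed by
 * the value required by the access control requirement. */
static int compare_pair(void *data, int size, void *result, const char *mismatch)
{
    const char *p = data;
    const char *end0 = memchr(p, '\0', (size_t)size);
    if (!end0 || !memchr(end0 + 1, '\0', (size_t)(size - (int)(end0 + 1 - p))))
        return explain(result, "malformed input", 0);
    return strcmp(p, end0 + 1) == 0 ? explain(result, "match", 1)
                                    : explain(result, mismatch, 0);
}

/* Accessing-program verification by image name.  Caveat: the name is chosen
 * by whoever starts the process, so alone it identifies a cooperating
 * program, not a hostile one. */
static int check_program_name(void *d, int n, void *r)
{ return compare_pair(d, n, r, "program name does not match"); }

/* Local user identity verification by operating-system user name. */
static int check_local_user(void *d, int n, void *r)
{ return compare_pair(d, n, r, "user does not match"); }

/* Static method mapping table: built once when the file system loads, never
 * changed at runtime.  Provider "example" is a placeholder, not a vendor. */
struct static_entry { const char *id; check_fn fn; };
static const struct static_entry static_table[] = {
    { "static_program_example_name",   check_program_name },
    { "static_user_example_localname", check_local_user },
};

/* Convert an identification string into a callable function pointer. */
check_fn lookup_static(const char *id)
{
    struct method_id parsed;
    if (!parse_method_id(id, &parsed) || strcmp(parsed.type, "static") != 0)
        return NULL;   /* "dynamic_..." ids belong to the dynamic mapping table */
    for (size_t i = 0; i < sizeof static_table / sizeof static_table[0]; i++)
        if (strcmp(static_table[i].id, id) == 0) return static_table[i].fn;
    return NULL;
}

/* Build the data area for one verification step and execute it by identifier. */
int run_step(const char *id, const char *observed, const char *required, char *result)
{
    char data[128];
    size_t lo = strlen(observed) + 1, lr = strlen(required) + 1;
    check_fn fn = lookup_static(id);
    if (!fn) return explain(result, "unknown verification method", 0);
    if (lo + lr > sizeof data) return explain(result, "input too large", 0);
    memcpy(data, observed, lo);
    memcpy(data + lo, required, lr);
    return fn(data, (int)(lo + lr), result);
}
```

Because the identifier is the only key into the table, an unparseable or unknown identifier fails closed (zero return) rather than being skipped; a module that silently ignored unresolvable steps would let a typo in a checkID disable a requirement.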
In this embodiment, when a dynamic verification method is added, the correspondence between its identification string and its dynamic link library, together with the function name of the verification method, must be recorded in a designated configuration file. The main function of this configuration file is to let the access control verification module look up the dynamic link library to use from the identification string of the dynamic verification method, and so finally reach the verification method.
In this embodiment, adding a dynamic verification method means copying the dynamic link library corresponding to the method into a directory the file system can access, and adding the corresponding entry to the configuration file that records identification strings and dynamic link libraries.
In this embodiment, according to their purpose, verification methods fall into three categories: verification of user identity, verification of the accessing program, and verification of the usage environment. Among them:
1. User identity verification is divided into local identity verification, network identity verification and device identity verification. Local identity verification means that both the identity information and the verification process are on the local computer, for example the operating system user identity. Network identity verification means that identity information must be obtained over the network or the verification process must use the network, for example via an authentication server. Device identity verification means that a particular device is needed to obtain identity information or the verification process requires a particular device, for example a USB key.
2. Accessing-program verification has verification routes such as direct verification of the program and proof supplied by the program. Direct verification of the program means confirming, from given program information, that the accessing program meets the requirements, for example by checking the program's name or its process attributes. Proof supplied by the program means that the accessing program provides data proving it has access rights, for example a digital certificate carrying an access authorization.
3. Usage environment verification is divided into the computer hardware environment, the computer software environment and the computer network environment. Hardware environment verification checks that the computer contains hardware with a particular identifier or function, for example a network card with a specified MAC address. Software environment verification checks that particular software is installed or running on the computer, for example particular security inspection software. Network environment verification checks that the computer is in a particular network, for example one containing a particular network computer.
Figure 2 illustrates some types of verification method.
Access control setting information
In this embodiment, on the basis that the file system stores files and directories using an index (inode) method, the access control setting information is saved in the form of an internal data structure of the file system. The specific storage method is:
1. The access control setting information of a file (directory) is recorded in separate physical blocks; the number of physical blocks occupied is determined by the size of the access control setting information.
2. A data item recording the storage location of the access control setting information is added to the index block that records the file (directory) information. The data type of this item is an array of pointers, each pointing to a physical block that records access control setting content.
Figure 3 shows the storage method of access control setting information, taking a file as an example. In the index block a dedicated area records the physical blocks that hold the access control setting information.
In this embodiment, what the access control setting information records is the access control requirements of access operations, specifically the verification methods associated with each access operation and the information needed to execute each verification method.
In this embodiment, the XML markup language is used as the recording tool for access control setting information, and the content of the access control setting information is recorded in a hierarchically nested form. The following example shows the concrete form of the record:
A file records a company telephone directory belonging to company ABC. ABC wants reading of the directory to require permission via network authentication, and wants modification of the directory to be possible only on a computer with a specific MAC address and only through a software tool named DocWriter.exe.
The access control setting information satisfying these requirements is shown in Figure 4, where the main tags have the following meanings:
access control marks the entire access control setting information.
operation marks the access control requirement of one access operation.
check method marks the content related to one verification method.
param marks a parameter used by a verification method.
operationID marks the identification string of an access operation.
checkID marks the identification string of a verification method.
In this embodiment, the access operations associated with a file (directory) within its own access control setting information mainly comprise the following three kinds:
1. Content access operations on the directory or file, for example read, write and execute for a file, and read and write for a directory.
2. Individual management operations on the directory or file, for example copying, renaming, deleting, moving and modifying the attributes of files and directories.
3. Access operations on the access control setting information, for example reading and writing the access control setting information.
In this embodiment, the access control setting information of a directory can affect access operations on its subdirectories and on the files below it; this is done by storing in the directory's access control setting information the access control requirements that apply to all subdirectories or all files below it. For example, if for a given access operation all files in a directory have the same access control requirement, that requirement can be recorded in the access control setting information of the directory containing the files.
In this embodiment, each access operation in the access control setting information is represented by a globally unique identification string. The naming rule for access operation identification strings is:
1. An operation associated with the file (directory) itself uses the access operation name directly as its identification string; for example, the read operation is identified by read, and reading of the access control setting information is identified by readconfig.
2. An access operation associated with subdirectories or files below the directory uses the access operation name followed by '_dir' or '_file' respectively as its identification string. For example, the identification string for the read operation on all files below a directory is read_file, and the identification string for the write operation on all subdirectories of a directory is write_dir.
Access control verification module
In this embodiment, the substantive work of checking access rights is done by the access control verification module, by executing the various verification methods associated with the access operation. This work has four parts: (1) obtain the access control requirements associated with the operation; (2) obtain the means of calling the verification methods contained in each access control requirement; (3) execute in turn the verification methods contained in each access control requirement; (4) decide according to the verification results whether the operation is executed.
In this embodiment, the access control requirements associated with an access operation come mainly from two sources: the access control setting information of the file (directory) itself, and the access control setting information carried by the ancestor directories on the path of the file (directory).
In this embodiment, obtaining the access control requirements associated with an access operation involves two tasks. First, traverse the access control setting information of the file (directory) itself and use the identification string of the access operation to find the corresponding access control requirement. Second, following the path of the file (directory) starting from the root directory, search the access control setting information of each directory level using the identification string that denotes the access operation on subordinate files (directories), to find access control requirements that affect the access operation.
In this embodiment, the access control setting information of a file (directory) is accessed as follows: access the index node that records the file (directory) information and find the data item that records the storage location of the access control setting information; then traverse each pointer member of that item and access the physical block each pointer points to, thereby reading the content of the access control setting information.
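The on-disk layout described under "Access control setting information" (separate physical blocks, located through a pointer array in the index block) and the read-back traversal just described, as an added example in C that is not from the patent: a small in-memory "disk" of fixed-size blocks, an inode carrying the pointer array, and write/read routines. The block size, the pointer-array capacity, the reservation of block 0 as the null pointer, the XML tag spelling and the sample policy text are constructed assumptions (Figure 4 is not reproduced on this page).

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLOCK_SIZE 64   /* tiny physical block so the example stays readable */
#define NUM_BLOCKS 32   /* constructed in-memory "disk" */
#define ACL_PTRS   8    /* capacity of the pointer array in the index block (assumed) */

static uint8_t disk[NUM_BLOCKS][BLOCK_SIZE];
static uint8_t block_used[NUM_BLOCKS];   /* block 0 is reserved as the null pointer */

/* Index node with the extra data item of the embodiment: an array of block
 * numbers holding the access control setting information (0 = unused). */
struct inode {
    uint32_t size;        /* file content size, not used in this example */
    uint32_t acl_size;    /* bytes of access control setting information */
    uint32_t acl_blocks[ACL_PTRS];
};

static int alloc_block(void)
{
    for (int b = 1; b < NUM_BLOCKS; b++)
        if (!block_used[b]) { block_used[b] = 1; memset(disk[b], 0, BLOCK_SIZE); return b; }
    return -1;
}

static void free_acl_blocks(struct inode *ino)
{
    for (int i = 0; i < ACL_PTRS; i++) {
        if (ino->acl_blocks[i]) block_used[ino->acl_blocks[i]] = 0;
        ino->acl_blocks[i] = 0;
    }
    ino->acl_size = 0;
}

/* Store the (XML) setting information in as many physical blocks as its size
 * requires.  Returns the block count, or -1 if it exceeds the pointer array
 * or the disk is full; on failure the inode keeps its previous record. */
int write_acl(struct inode *ino, const char *xml, uint32_t len)
{
    uint32_t needed = (len + BLOCK_SIZE - 1) / BLOCK_SIZE;
    if (needed > ACL_PTRS) return -1;
    struct inode tmp = { .size = ino->size };
    for (uint32_t i = 0; i < needed; i++) {
        int b = alloc_block();
        if (b < 0) { free_acl_blocks(&tmp); return -1; }
        tmp.acl_blocks[i] = (uint32_t)b;
        uint32_t chunk = len - i * BLOCK_SIZE;
        if (chunk > BLOCK_SIZE) chunk = BLOCK_SIZE;
        memcpy(disk[b], xml + i * BLOCK_SIZE, chunk);
    }
    free_acl_blocks(ino);   /* release the old copy only once the new one is complete */
    tmp.acl_size = len;
    *ino = tmp;
    return (int)needed;
}

/* Read back: locate the pointer array in the index node, follow each pointer
 * and concatenate the blocks.  Returns the byte count, or -1 on a corrupt
 * pointer or a too-small buffer; `out` is NUL-terminated. */
int read_acl(const struct inode *ino, char *out, size_t cap)
{
    if ((size_t)ino->acl_size + 1 > cap) return -1;
    uint32_t done = 0;
    for (int i = 0; i < ACL_PTRS && done < ino->acl_size; i++) {
        uint32_t b = ino->acl_blocks[i];
        if (b == 0 || b >= NUM_BLOCKS) return -1;
        uint32_t chunk = ino->acl_size - done;
        if (chunk > BLOCK_SIZE) chunk = BLOCK_SIZE;
        memcpy(out + done, disk[b], chunk);
        done += chunk;
    }
    out[done] = '\0';
    return (int)done;
}

int acl_block_count(const struct inode *ino)
{
    int n = 0;
    for (int i = 0; i < ACL_PTRS; i++) n += ino->acl_blocks[i] != 0;
    return n;
}

/* Constructed sample record for the ABC phone-book policy.  The exact tag
 * spelling of Figure 4 is not on this page; these names are assumed. */
const char SAMPLE_ACL[] =
    "<access_control>"
    "<operation operationID=\"read\">"
    "<check_method checkID=\"static_user_example_netauth\"><param>auth.abc.example</param></check_method>"
    "</operation>"
    "<operation operationID=\"write\">"
    "<check_method checkID=\"static_env_example_mac\"><param>00:11:22:33:44:55</param></check_method>"
    "<check_method checkID=\"static_program_example_name\"><param>DocWriter.exe</param></check_method>"
    "</operation>"
    "</access_control>";
```

Two details matter more than the layout itself. The new record is written completely before the old blocks are released, so a failure part-way through a rewrite (out of blocks, record too large) leaves the previous requirements in force instead of an empty or half-written policy. And `read_acl` validates each pointer before following it: a zero or out-of-range block number in the pointer array is treated as corruption, and the module should then deny rather than evaluate a truncated record.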
In this implementation, because every verification method in the access control setting information is denoted by an identifier string, once the access control requirements associated with the access operation have been collected, the verification method identifier strings in each requirement must still be converted into a form that executable code can call.

To perform this conversion, the file system maintains a static method mapping table for static verification methods and a dynamic method mapping table for dynamic verification methods. The two tables store, respectively, the mapping from static verification method identifier strings to static verification method function pointers, and the mapping from dynamic verification method identifier strings to dynamic verification method access entries.
In this implementation, the initial construction of the static and dynamic method mapping tables, and their update at run time, follow these principles:

1. The static method mapping table is built directly when the file system is loaded. Its contents do not change while the system is running.

2. The dynamic method mapping table is built the first time the access control verification module uses a dynamic verification method. It is built by reading a configuration file that records the mapping between dynamic verification method access paths and dynamic verification method identifier strings. When a lookup of a dynamic verification method identifier string fails, the access control verification module consults the configuration file directly and refreshes the contents of the dynamic method mapping table once.
In this implementation, to use a verification method the access control verification module first extracts the verification method category from the identifier string, then consults the dynamic or the static method mapping table, according to that category, to obtain the method's access entry.
In this implementation, after obtaining the access entries of all verification methods, the access control verification module executes, in turn, the verification methods covered by the access control requirements. The execution order has two levels:

1. Between different access control setting information, the verification methods recorded in each associated access control requirement are executed step by step from the upper layer to the lower layer along the path of the file (directory).

2. Within a single access control requirement, the associated verification methods are executed in the order in which they are recorded.
In this implementation, when a verification method is executed, the parameters recorded in the access control requirement are used as its input data; that is, the content marked by the parameter keyword in the access control requirement is passed to the verification method, for example the content marked by the param keyword in Figure 4.

In this implementation, the access control verification module obtains a verification result after executing each verification method; if any result shows that a verification step failed, execution of the access operation is refused.

In this implementation, if the access control verification module cannot find the access entry of a verification method associated with an access control requirement, execution of the access operation is likewise refused.
Program access interface

In this implementation, the program access interface that the file system offers to upper-layer applications has three parts: 1. the generic access interface of a typical file system, such as file read and file write; 2. the access interface for access control setting information, such as reading, writing and deleting access control setting information; 3. the individual management access interface for files and directories, such as moving and copying files and directories.

In this implementation, when an upper-layer application implements a file (directory) individual management function through the generic access interface, the access control verification involved is not the same as when the corresponding individual management access interface is called directly. For example, for a file, the copy operation of the individual management access interface can be emulated with the generic read and write operations. Under access control verification, however, the former path involves verification of the read operation on the source file and of the write operation on the target directory, whereas the latter involves verification of the copy operation on the source file and of the write operation on the target directory.
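The following is an added example written for this page, not code from the patent, that models the verification flow described in the preceding paragraphs: a static method table fixed at load time, a dynamic table filled lazily from a configuration source, ancestor-first collection of requirements along the path, in-order execution of the methods in each requirement, fail-closed handling of a failing or unresolvable method, and the difference between a copy emulated with read plus write and a copy through the management interface. The identifier format "static:<name>" / "dynamic:<name>", the dict of parameters standing in for the param keyword, the method names and the directory tree are all assumptions.

```python
# Added example for this page: a toy in-memory model of the verification flow
# described above. It is not the patent's code. The identifier format
# "static:<name>" / "dynamic:<name>", the dict of parameters (the "param"
# content), the sample method names and the directory tree are assumptions.
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple

# A verification method gets the request context plus the parameters recorded
# in the access control requirement and returns True when the check passes.
Verifier = Callable[[dict, dict], bool]
Requirement = Tuple[str, dict]          # (verification method identifier, params)

# Static method table: built once when the file system is loaded, never changed.
STATIC_METHODS: Dict[str, Verifier] = {
    "user_in": lambda ctx, p: ctx.get("user") in p.get("users", []),
    "program_is": lambda ctx, p: ctx.get("program") == p.get("name"),
    "host_in": lambda ctx, p: ctx.get("host") in p.get("hosts", []),
}

# Constructed stand-in for the configuration file that maps dynamic method
# identifiers to their access entries (here simply callables).
DYNAMIC_CONFIG: Dict[str, Verifier] = {
    "time_window": lambda ctx, p: p["start"] <= ctx.get("hour", -1) < p["end"],
}
DYNAMIC_METHODS: Dict[str, Verifier] = {}   # built lazily on first use


def resolve(identifier: str) -> Optional[Verifier]:
    """Turn an identifier string into a callable; None if it cannot be found."""
    category, _, name = identifier.partition(":")
    if category == "static":
        return STATIC_METHODS.get(name)
    if category == "dynamic":
        if name not in DYNAMIC_METHODS:      # lookup failed: re-read config once
            DYNAMIC_METHODS.update(DYNAMIC_CONFIG)
        return DYNAMIC_METHODS.get(name)
    return None


@dataclass
class Node:
    name: str
    # own settings: operation id -> requirements for that operation on this node
    own: Dict[str, List[Requirement]] = field(default_factory=dict)
    # settings this directory imposes on operations on subordinate entries
    sub: Dict[str, List[Requirement]] = field(default_factory=dict)
    children: Dict[str, "Node"] = field(default_factory=dict)


def collect_requirements(root: Node, path: str, op: str) -> List[Requirement]:
    """Requirements for `op` on `path`, ancestors first (root downwards)."""
    reqs: List[Requirement] = []
    node = root
    for part in [p for p in path.split("/") if p]:
        reqs.extend(node.sub.get(op, []))   # rule an ancestor imposes on descendants
        node = node.children[part]
    reqs.extend(node.own.get(op, []))       # the target's own settings come last
    return reqs


def verify(root: Node, path: str, op: str, ctx: dict) -> bool:
    """Fail closed: any failing or unresolvable verification method denies."""
    for method_id, params in collect_requirements(root, path, op):
        method = resolve(method_id)
        if method is None or not method(ctx, params):
            return False
    return True


def copy_via_generic(root: Node, src: str, dst_dir: str, ctx: dict) -> bool:
    """Copy emulated with the generic interface: read(src) then write(dst_dir)."""
    return verify(root, src, "read", ctx) and verify(root, dst_dir, "write", ctx)


def copy_via_management(root: Node, src: str, dst_dir: str, ctx: dict) -> bool:
    """Copy through the management interface: copy(src) then write(dst_dir)."""
    return verify(root, src, "copy", ctx) and verify(root, dst_dir, "write", ctx)


def build_sample_tree() -> Node:
    """Constructed tree: /home/secret.txt (source) and /out (target directory)."""
    secret = Node("secret.txt", own={
        "read": [("static:user_in", {"users": ["alice"]})],
        "copy": [("static:user_in", {"users": ["alice"]}),
                 ("dynamic:time_window", {"start": 9, "end": 17})],
    })
    home = Node("home", children={"secret.txt": secret},
                sub={"read": [("static:host_in", {"hosts": ["lan"]})]})
    out = Node("out", own={"write": [("static:user_in", {"users": ["alice"]})]})
    return Node("/", children={"home": home, "out": out})


if __name__ == "__main__":
    tree = build_sample_tree()
    alice = {"user": "alice", "host": "lan", "program": "cp", "hour": 20}
    print("read+write copy:", copy_via_generic(tree, "/home/secret.txt", "/out", alice))
    print("management copy:", copy_via_management(tree, "/home/secret.txt", "/out", alice))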
Other aspects

In this implementation, when a file (directory) that carries access control setting information is moved or copied between a file system that supports the custom access control mode and one that does not, the file (directory) access control setting information is packaged or unpackaged. Specifically:

1. When a file is moved or copied from a file system that supports the custom access control mode to one that does not, the access control setting information is saved as a separate file on the file system that does not support access control setting information.

2. When a file is moved or copied from a file system that does not support the custom access control mode to one that does, the access control setting information is exported from the separate file that records it and stored at its storage location in the file system that supports the custom access control mode.

In this implementation, on a file system that does not support the custom access control mode, the file that records the access control setting information has the same file name as the content file but uses a dedicated suffix.
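An added example of the packaging step just described, written for this page rather than taken from the patent: the settings are written to a sidecar file with the same name as the content file and a dedicated suffix, and read back on import. The ".acl" suffix, the JSON encoding, and the content digest recorded so that the importer can detect a sidecar that no longer matches the bytes beside it are assumptions; the patent specifies only the naming rule.

```python
# Added example for this page: the sidecar packaging described above, written
# for this page rather than taken from the patent. The ".acl" suffix, the JSON
# encoding and the content digest used to detect a mismatched pairing are
# assumptions; the patent only specifies "same name, dedicated suffix".
import hashlib
import json
import tempfile
from pathlib import Path
from typing import Optional

ACL_SUFFIX = ".acl"     # assumed dedicated suffix for the sidecar file


def sidecar_path(content_path: Path) -> Path:
    """report.txt -> report.txt.acl: same file name, dedicated suffix appended."""
    return content_path.with_name(content_path.name + ACL_SUFFIX)


def export_settings(content_path: Path, settings: dict) -> Path:
    """Package the settings into a separate file beside the content file.

    On a file system without custom access control the sidecar is ordinary
    data, so a digest of the content is recorded to let the importer notice
    when the sidecar no longer belongs to the bytes it sits next to."""
    digest = hashlib.sha256(content_path.read_bytes()).hexdigest()
    payload = {"content_sha256": digest, "settings": settings}
    path = sidecar_path(content_path)
    path.write_text(json.dumps(payload, sort_keys=True))
    return path


def import_settings(content_path: Path) -> Optional[dict]:
    """Unpack the sidecar; None means "no usable settings" and the caller must
    fall back to its default policy rather than trusting a partial record."""
    path = sidecar_path(content_path)
    if not path.is_file():
        return None
    try:
        payload = json.loads(path.read_text())
        expected = hashlib.sha256(content_path.read_bytes()).hexdigest()
        if payload["content_sha256"] != expected:
            return None
        settings = payload["settings"]
    except (ValueError, KeyError, TypeError, OSError):
        return None
    return settings if isinstance(settings, dict) else None


def roundtrip_demo() -> dict:
    """Constructed round trip in a temporary directory: export, import,
    then replace the content under the sidecar and import again."""
    settings = {"read": [["static:user_in", {"users": ["alice"]}]]}
    with tempfile.TemporaryDirectory() as tmp:
        content = Path(tmp) / "report.txt"
        content.write_bytes(b"quarterly figures\n")
        sidecar = export_settings(content, settings)
        first = import_settings(content)
        content.write_bytes(b"quarterly figures, edited\n")
        second = import_settings(content)
        return {"sidecar_name": sidecar.name, "first": first, "second": second}


if __name__ == "__main__":
    print(roundtrip_demo())
```

While the file sits on the file system that does not understand the settings, the sidecar is protected only by that file system's own permissions; the digest lets the importer refuse a sidecar paired with different content, but it does not authenticate the settings themselves, so an importer that must trust settings from such a file system would need a signature over the payload as well.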
Although one embodiment of the invention has been disclosed above, the invention is not limited to the particular forms disclosed. Those skilled in the art will understand, after reading this application, that equivalents obtained without departing from the content, scope and spirit of the invention are also within the scope of the invention.

Claims

1. A method for providing a custom access control mode in a file system, comprising the following steps:
(1) the file system provides multiple verification methods and supports the addition of new verification methods;
(2) the verification methods associated with an access operation, together with the necessary information required to execute those verification methods, are recorded in the access control setting information of the file (directory);
(3) for an access operation on a file (directory), the access control process consists of executing each verification method associated with the access operation;
(4) the file system provides an access interface for operating on access control setting information.
2. The verification method of claim 1, characterized in that a verification method exists in the form of a function that verifies whether the occurrence of an access operation satisfies an execution condition.
3. The execution condition of claim 2, characterized in that the content of the execution condition is determined jointly by the working process of the verification method and the necessary information required for its execution.
4. The execution condition of claim 2, characterized in that the accessor is required to hold a legitimate identity in a specified authentication system.
5. The execution condition of claim 2, characterized in that the accessing program is required to have specified attributes.
6. The execution condition of claim 2, characterized in that the computer hardware, software or network environment is required to have specified characteristics.
7. The access control process of claim 1, characterized in that the execution results of all associated verification methods jointly determine whether the access operation is approved for execution.
PCT/CN2010/070267 2009-02-13 2010-01-20 Method for providing custom access control mode in file system WO2010091607A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200910008922.6 2009-02-13
CN 200910008922 CN101807185B (en) 2009-02-13 2009-02-13 Method for providing user-defined access control mode in file system

Publications (1)

Publication Number Publication Date
WO2010091607A1 true WO2010091607A1 (en) 2010-08-19

Family

ID=42561400

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2010/070267 WO2010091607A1 (en) 2009-02-13 2010-01-20 Method for providing custom access control mode in file system

Country Status (2)

Country Link
CN (1) CN101807185B (en)
WO (1) WO2010091607A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102915410A (en) * 2012-10-11 2013-02-06 国网电力科学研究院 Computer file protection method and protection device
CN104517060A (en) * 2015-01-08 2015-04-15 南京创和信息技术有限公司 System and method for intercepting file access instruction based on Android platform
CN106055986A (en) * 2016-05-06 2016-10-26 北京优炫软件股份有限公司 Method and device for permission control
CN108572832B (en) * 2018-03-28 2021-07-06 福建天晴数码有限公司 Method and system for dynamically updating application version

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000259476A (en) * 1999-03-10 2000-09-22 Toshiba Corp File management system and server computer
US20010023421A1 (en) * 1999-12-16 2001-09-20 International Business Machines Corporation Access control system, access control method, storage medium and program transmission apparatus
US20060174080A1 (en) * 2005-02-03 2006-08-03 Kern Robert F Apparatus and method to selectively provide information to one or more computing devices

Also Published As

Publication number Publication date
CN101807185A (en) 2010-08-18
CN101807185B (en) 2012-08-01

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10740896

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10740896

Country of ref document: EP

Kind code of ref document: A1