WO2022191455A1 - Dispositif électronique pour effectuer une rédaction de fichier et son procédé de fonctionnement - Google Patents

Dispositif électronique pour effectuer une rédaction de fichier et son procédé de fonctionnement Download PDF

Info

Publication number
WO2022191455A1
WO2022191455A1 PCT/KR2022/002139 KR2022002139W WO2022191455A1 WO 2022191455 A1 WO2022191455 A1 WO 2022191455A1 KR 2022002139 W KR2022002139 W KR 2022002139W WO 2022191455 A1 WO2022191455 A1 WO 2022191455A1
Authority
WO
WIPO (PCT)
Prior art keywords
file
processor
file system
sensitive information
electronic device
Prior art date
Application number
PCT/KR2022/002139
Other languages
English (en)
Korean (ko)
Inventor
길영진
서성종
이우중
김재욱
Original Assignee
삼성전자 주식회사
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 삼성전자 주식회사 filed Critical 삼성전자 주식회사
Publication of WO2022191455A1 publication Critical patent/WO2022191455A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/17Details of further file system functions
    • G06F16/176Support for shared access to files; File sharing support
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/16File or folder operations, e.g. details of user interfaces specifically adapted to file systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/16File or folder operations, e.g. details of user interfaces specifically adapted to file systems
    • G06F16/164File meta data generation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols

Definitions

  • Embodiments disclosed in this document relate to an electronic device that performs file redaction and an operating method thereof.
  • a user-space process can read a file through the kernel-space file system.
  • file redaction may be performed on the specific area of the file.
  • the file redacting may refer to a function of processing data of a specific area among data of a file and providing it to a process.
  • a database for communication between processes, switching of modes, and a file redaction area may cause overhead to the electronic device.
  • An electronic device includes a processor and a storage connected to the processor and storing instructions, and the instructions, when executed by the processor, cause the processor to In response to the file creation request: requesting a media provider to create a file via the first file system, requesting a second file system to create the file via the media provider, and via the second file system and create a file, and store setting information indicating access rights of the file and the scope of sensitive information in a designated area of the file and/or a metadata block of the storage.
  • a first file system of the electronic device in response to a file creation request from an application of the electronic device: a first file system of the electronic device sends a file to a media provider of the electronic device requesting creation, the media provider requesting the second file system of the electronic device to create the file, the second file system creating the file, and the second file system generating the file.
  • the method may include storing setting information indicating the access right of the file and the range of sensitive information in a designated area of the file and/or in a metadata block of storage of the electronic device.
  • a non-transitory computer-readable recording medium when executed by a processor, causes the processor to: in response to a file creation request from an application: to a media provider through a first file system request creation of a file, request creation of the file from a second file system through the media provider, create a file through the second file system, access right of the file, and scope of sensitive information It may include instructions for storing the indicated setting information in a designated area and/or meta data block of the file.
  • an overhead for file redaction can be reduced when reading a file.
  • FIG. 1 is a block diagram of an electronic device in a network environment, according to various embodiments of the present disclosure.
  • FIG. 2 is a diagram illustrating a configuration of an electronic device according to an embodiment of the present disclosure.
  • 3A is a diagram illustrating a processing sequence of a file creation operation between components of an electronic device according to an embodiment of the present disclosure.
  • 3B is a diagram illustrating a processing sequence of a file creation operation between a media provider, a file system, and a memory according to an embodiment of the present disclosure.
  • FIG. 4 is a diagram illustrating a processing sequence of a file open operation between components of an electronic device according to an embodiment of the present disclosure.
  • FIG. 5 is a diagram illustrating a processing sequence of a file read operation between components of an electronic device according to an embodiment of the present disclosure.
  • FIG. 6 is a flowchart illustrating a file creation operation of the electronic device 101 according to an embodiment of the present disclosure.
  • FIG. 7 is a flowchart illustrating a file open operation of the electronic device 101 according to an embodiment of the present disclosure.
  • FIG. 8 is a flowchart illustrating a file read operation of the electronic device 101 according to an embodiment of the present disclosure.
  • FIG. 1 is a block diagram of an electronic device 101 in a network environment 100 according to various embodiments of the present disclosure.
  • an electronic device 101 communicates with an electronic device 102 through a first network 198 (eg, a short-range wireless communication network) or a second network 199 . It may communicate with the electronic device 104 or the server 108 through (eg, a long-distance wireless communication network). According to an embodiment, the electronic device 101 may communicate with the electronic device 104 through the server 108 .
  • a first network 198 eg, a short-range wireless communication network
  • a second network 199 e.g., a second network 199
  • the electronic device 101 may communicate with the electronic device 104 through the server 108 .
  • the electronic device 101 includes a processor 120 , a memory 130 , an input module 150 , a sound output module 155 , a display module 160 , an audio module 170 , and a sensor module ( 176), interface 177, connection terminal 178, haptic module 179, camera module 180, power management module 188, battery 189, communication module 190, subscriber identification module 196 , or an antenna module 197 .
  • at least one of these components eg, the connection terminal 178
  • some of these components are integrated into one component (eg, display module 160 ). can be
  • the processor 120 for example, executes software (eg, a program 140) to execute at least one other component (eg, a hardware or software component) of the electronic device 101 connected to the processor 120. It can control and perform various data processing or operations. According to an embodiment, as at least part of data processing or operation, the processor 120 stores a command or data received from another component (eg, the sensor module 176 or the communication module 190 ) into the volatile memory 132 . may be stored in , process commands or data stored in the volatile memory 132 , and store the result data in the non-volatile memory 134 .
  • software eg, a program 140
  • the processor 120 stores a command or data received from another component (eg, the sensor module 176 or the communication module 190 ) into the volatile memory 132 .
  • the processor 120 stores a command or data received from another component (eg, the sensor module 176 or the communication module 190 ) into the volatile memory 132 .
  • the processor 120 is a main processor 121 (eg, a central processing unit or an application processor) or a secondary processor 123 (eg, a graphic processing unit, a neural network processing unit) a neural processing unit (NPU), an image signal processor, a sensor hub processor, or a communication processor).
  • a main processor 121 eg, a central processing unit or an application processor
  • a secondary processor 123 eg, a graphic processing unit, a neural network processing unit
  • NPU neural processing unit
  • an image signal processor e.g., a sensor hub processor, or a communication processor.
  • the secondary processor 123 may, for example, act on behalf of the main processor 121 while the main processor 121 is in an inactive (eg, sleep) state, or when the main processor 121 is active (eg, executing an application). ), together with the main processor 121, at least one of the components of the electronic device 101 (eg, the display module 160, the sensor module 176, or the communication module 190) It is possible to control at least some of the related functions or states.
  • the auxiliary processor 123 eg, image signal processor or communication processor
  • the auxiliary processor 123 may include a hardware structure specialized for processing an artificial intelligence model.
  • Artificial intelligence models can be created through machine learning. Such learning may be performed, for example, in the electronic device 101 itself on which artificial intelligence is performed, or may be performed through a separate server (eg, the server 108).
  • the learning algorithm may include, for example, supervised learning, unsupervised learning, semi-supervised learning, or reinforcement learning, but in the above example not limited
  • the artificial intelligence model may include a plurality of artificial neural network layers.
  • Artificial neural networks include deep neural networks (DNNs), convolutional neural networks (CNNs), recurrent neural networks (RNNs), restricted boltzmann machines (RBMs), deep belief networks (DBNs), bidirectional recurrent deep neural networks (BRDNNs), It may be one of deep Q-networks or a combination of two or more of the above, but is not limited to the above example.
  • the artificial intelligence model may include, in addition to, or alternatively, a software structure in addition to the hardware structure.
  • the memory 130 may store various data used by at least one component (eg, the processor 120 or the sensor module 176 ) of the electronic device 101 .
  • the data may include, for example, input data or output data for software (eg, the program 140 ) and instructions related thereto.
  • the memory 130 may include a volatile memory 132 or a non-volatile memory 134 .
  • the program 140 may be stored as software in the memory 130 , and may include, for example, an operating system 142 , middleware 144 , or an application 146 .
  • the input module 150 may receive a command or data to be used by a component (eg, the processor 120 ) of the electronic device 101 from the outside (eg, a user) of the electronic device 101 .
  • the input module 150 may include, for example, a microphone, a mouse, a keyboard, a key (eg, a button), or a digital pen (eg, a stylus pen).
  • the sound output module 155 may output a sound signal to the outside of the electronic device 101 .
  • the sound output module 155 may include, for example, a speaker or a receiver.
  • the speaker can be used for general purposes such as multimedia playback or recording playback.
  • the receiver can be used to receive incoming calls. According to an embodiment, the receiver may be implemented separately from or as a part of the speaker.
  • the display module 160 may visually provide information to the outside (eg, a user) of the electronic device 101 .
  • the display module 160 may include, for example, a control circuit for controlling a display, a hologram device, or a projector and a corresponding device.
  • the display module 160 may include a touch sensor configured to sense a touch or a pressure sensor configured to measure the intensity of a force generated by the touch.
  • the audio module 170 may convert a sound into an electric signal or, conversely, convert an electric signal into a sound. According to an embodiment, the audio module 170 acquires a sound through the input module 150 , or an external electronic device (eg, a sound output module 155 ) connected directly or wirelessly with the electronic device 101 .
  • the electronic device 102) eg, a speaker or headphones
  • the electronic device 102 may output a sound.
  • the sensor module 176 detects an operating state (eg, power or temperature) of the electronic device 101 or an external environmental state (eg, a user state), and generates an electrical signal or data value corresponding to the sensed state. can do.
  • the sensor module 176 may include, for example, a gesture sensor, a gyro sensor, a barometric pressure sensor, a magnetic sensor, an acceleration sensor, a grip sensor, a proximity sensor, a color sensor, an IR (infrared) sensor, a biometric sensor, It may include a temperature sensor, a humidity sensor, or an illuminance sensor.
  • the interface 177 may support one or more specified protocols that may be used by the electronic device 101 to directly or wirelessly connect with an external electronic device (eg, the electronic device 102 ).
  • the interface 177 may include, for example, a high definition multimedia interface (HDMI), a universal serial bus (USB) interface, an SD card interface, or an audio interface.
  • the connection terminal 178 may include a connector through which the electronic device 101 can be physically connected to an external electronic device (eg, the electronic device 102 ).
  • the connection terminal 178 may include, for example, an HDMI connector, a USB connector, an SD card connector, or an audio connector (eg, a headphone connector).
  • the haptic module 179 may convert an electrical signal into a mechanical stimulus (eg, vibration or movement) or an electrical stimulus that the user can perceive through tactile or kinesthetic sense.
  • the haptic module 179 may include, for example, a motor, a piezoelectric element, or an electrical stimulation device.
  • the camera module 180 may capture still images and moving images. According to an embodiment, the camera module 180 may include one or more lenses, image sensors, image signal processors, or flashes.
  • the power management module 188 may manage power supplied to the electronic device 101 .
  • the power management module 188 may be implemented as, for example, at least a part of a power management integrated circuit (PMIC).
  • PMIC power management integrated circuit
  • the battery 189 may supply power to at least one component of the electronic device 101 .
  • the battery 189 may include, for example, a non-rechargeable primary cell, a rechargeable secondary cell, or a fuel cell.
  • the communication module 190 is a direct (eg, wired) communication channel or a wireless communication channel between the electronic device 101 and an external electronic device (eg, the electronic device 102, the electronic device 104, or the server 108). It can support establishment and communication performance through the established communication channel.
  • the communication module 190 may include one or more communication processors that operate independently of the processor 120 (eg, an application processor) and support direct (eg, wired) communication or wireless communication.
  • the communication module 190 is a wireless communication module 192 (eg, a cellular communication module, a short-range wireless communication module, or a global navigation satellite system (GNSS) communication module) or a wired communication module 194 (eg, : It may include a local area network (LAN) communication module, or a power line communication module).
  • a wireless communication module 192 eg, a cellular communication module, a short-range wireless communication module, or a global navigation satellite system (GNSS) communication module
  • GNSS global navigation satellite system
  • wired communication module 194 eg, : It may include a local area network (LAN) communication module, or a power line communication module.
  • a corresponding communication module among these communication modules is a first network 198 (eg, a short-range communication network such as Bluetooth, wireless fidelity (WiFi) direct, or infrared data association (IrDA)) or a second network 199 (eg, legacy It may communicate with the external electronic device 104 through a cellular network, a 5G network, a next-generation communication network, the Internet, or a computer network (eg, a telecommunication network such as a LAN or a WAN).
  • a first network 198 eg, a short-range communication network such as Bluetooth, wireless fidelity (WiFi) direct, or infrared data association (IrDA)
  • a second network 199 eg, legacy It may communicate with the external electronic device 104 through a cellular network, a 5G network, a next-generation communication network, the Internet, or a computer network (eg, a telecommunication network such as a LAN or a WAN).
  • a telecommunication network
  • the wireless communication module 192 uses subscriber information (eg, International Mobile Subscriber Identifier (IMSI)) stored in the subscriber identification module 196 within a communication network such as the first network 198 or the second network 199 .
  • subscriber information eg, International Mobile Subscriber Identifier (IMSI)
  • IMSI International Mobile Subscriber Identifier
  • the electronic device 101 may be identified or authenticated.
  • the wireless communication module 192 may support a 5G network after a 4G network and a next-generation communication technology, for example, a new radio access technology (NR).
  • NR access technology includes high-speed transmission of high-capacity data (eMBB (enhanced mobile broadband)), minimization of terminal power and access to multiple terminals (mMTC (massive machine type communications)), or high reliability and low latency (URLLC (ultra-reliable and low-latency) -latency communications)).
  • eMBB enhanced mobile broadband
  • mMTC massive machine type communications
  • URLLC ultra-reliable and low-latency
  • the wireless communication module 192 may support a high frequency band (eg, mmWave band) to achieve a high data rate, for example.
  • a high frequency band eg, mmWave band
  • the wireless communication module 192 uses various techniques for securing performance in a high-frequency band, for example, beamforming, massive multiple-input and multiple-output (MIMO), all-dimensional multiplexing. It may support technologies such as full dimensional MIMO (FD-MIMO), an array antenna, analog beam-forming, or a large scale antenna.
  • the wireless communication module 192 may support various requirements defined in the electronic device 101 , an external electronic device (eg, the electronic device 104 ), or a network system (eg, the second network 199 ).
  • the wireless communication module 192 includes a peak data rate (eg, 20 Gbps or more) for realizing eMBB, loss coverage (eg, 164 dB or less) for realizing mMTC, or U-plane latency for realizing URLLC ( Example: Downlink (DL) and uplink (UL) each 0.5 ms or less, or round trip 1 ms or less) can be supported.
  • a peak data rate eg, 20 Gbps or more
  • loss coverage eg, 164 dB or less
  • U-plane latency for realizing URLLC
  • the antenna module 197 may transmit or receive a signal or power to the outside (eg, an external electronic device).
  • the antenna module 197 may include an antenna including a conductor formed on a substrate (eg, a PCB) or a radiator formed of a conductive pattern.
  • the antenna module 197 may include a plurality of antennas (eg, an array antenna). In this case, at least one antenna suitable for a communication method used in a communication network such as the first network 198 or the second network 199 is connected from the plurality of antennas by, for example, the communication module 190 . can be selected. A signal or power may be transmitted or received between the communication module 190 and an external electronic device through the selected at least one antenna.
  • other components eg, a radio frequency integrated circuit (RFIC)
  • RFIC radio frequency integrated circuit
  • the antenna module 197 may form a mmWave antenna module.
  • the mmWave antenna module comprises a printed circuit board, an RFIC disposed on or adjacent to a first side (eg, bottom side) of the printed circuit board and capable of supporting a designated high frequency band (eg, mmWave band); and a plurality of antennas (eg, an array antenna) disposed on or adjacent to a second side (eg, top or side) of the printed circuit board and capable of transmitting or receiving signals of the designated high frequency band. can do.
  • peripheral devices eg, a bus, general purpose input and output (GPIO), serial peripheral interface (SPI), or mobile industry processor interface (MIPI)
  • signal eg commands or data
  • the command or data may be transmitted or received between the electronic device 101 and the external electronic device 104 through the server 108 connected to the second network 199 .
  • Each of the external electronic devices 102 or 104 may be the same as or different from the electronic device 101 .
  • all or part of the operations executed by the electronic device 101 may be executed by one or more external electronic devices 102 , 104 , or 108 .
  • the electronic device 101 may perform the function or service itself instead of executing the function or service itself.
  • one or more external electronic devices may be requested to perform at least a part of the function or the service.
  • One or more external electronic devices that have received the request may execute at least a part of the requested function or service, or an additional function or service related to the request, and transmit a result of the execution to the electronic device 101 .
  • the electronic device 101 may process the result as it is or additionally and provide it as at least a part of a response to the request.
  • cloud computing, distributed computing, mobile edge computing (MEC), or client-server computing technology may be used.
  • the electronic device 101 may provide an ultra-low latency service using, for example, distributed computing or mobile edge computing.
  • the external electronic device 104 may include an Internet of things (IoT) device.
  • the server 108 may be an intelligent server using machine learning and/or neural networks.
  • the external electronic device 104 or the server 108 may be included in the second network 199 .
  • the electronic device 101 may be applied to an intelligent service (eg, smart home, smart city, smart car, or health care) based on 5G communication technology and IoT-related technology.
  • FIG. 2 is a diagram illustrating a configuration of an electronic device 101 according to an embodiment of the present disclosure.
  • FIG. 2 may be described with reference to configurations of the electronic device 101 of FIG. 1 .
  • the electronic device 101 is a program that may be executed by a processor (the processor 120 of FIG. 1 ), and includes an application 146 , a framework 210 , a kernel 230 , or a combination thereof.
  • the framework 210 may include a media provider 220.
  • the kernel 230 may include a file system in user space (FUSE) 240; may include file system 250.
  • the term 'fuse' refers to a program that enables a program running in user space to export a file system to kernel space.
  • a program that enables a program running in the user space to export a file system to the kernel space may be understood as a fuse 240.
  • the fuse 240 may include It is referred to as a first file system, and the file system 250 may also be referred to as a second file system.
  • the application 146 and/or the framework 210 may refer to a program operating in a user space of the memory 130 (or virtual memory). In one embodiment, the application 146 , and/or the framework 210 may perform operations while the processor 120 is in user mode.
  • the kernel 230 may refer to a program operating in a kernel space of the memory 130 (or virtual memory). In an embodiment, the kernel 230 may perform an operation while the processor 120 is in the kernel mode.
  • the user mode when a program operating in the user area requests an operation from a program operating in the kernel area, the user mode may be switched to the kernel mode. In an embodiment, when a program operating in the kernel region provides a response to a request to a program operating in the user region, the kernel mode may be switched to the user mode.
  • the application 146 may make a request to the fuse 240 and obtain a response to the request from the fuse 240 . In one embodiment, the application 146 may send and receive requests and/or responses directly to the fuse 240 . In one embodiment, the application 146 may indirectly send and receive requests and/or responses with the fuse 240 . For example, the application 146 may indirectly send and receive requests and/or responses to and from the fuse 240 through a virtual file system (VFS).
  • VFS virtual file system
  • the application 146 may perform an operation on a file through the fuse 240 .
  • the application 146 performs an operation of create, open, read, write, close, or a combination thereof through the fuse 240 . can do.
  • the file may include a photo, a video, or a combination thereof.
  • the application 146 may generate a system call to request an operation on a file through the fuse 240 .
  • the processor 120 may change from the user mode to the kernel mode.
  • fuse 240 forwards a request to media provider 220 based on a request from application 146 , and/or a designated area of memory 130 (eg, volatile memory 132 ). ) to process the request.
  • the fuse 240 may transmit a request to the media provider 220 in the case of a file creation, open, and/or close request.
  • the fuse 240 may access a designated area of the memory 130 (eg, the volatile memory 132 ) to process the request.
  • the fuse 240 reads the file by accessing a designated area (eg, the volatile memory 132) of the memory 130 based on information obtained from the file system 250 when the file is opened; and/or process write requests.
  • the information obtained from the file system 250 may include location and/or access information where the file is stored.
  • the fuse 240 may identify the requested file's access right, sensitive information, scope, or a combination thereof. In an embodiment, the fuse 240 may identify the access right of the application 146 to the requested file. In an embodiment, the fuse 240 may identify whether the requested file includes sensitive information. In an embodiment, the fuse 240 may identify a range of an area in which sensitive information of the requested file is recorded on the memory 130 . In an embodiment, the sensitive information may include information based on an exchangeable image file format (EXIF). In an embodiment, the sensitive information may include a photographing location, a photographing time, a face tag, or a combination thereof.
  • EXIF exchangeable image file format
  • the fuse 240 may modify sensitive information of the requested file based on identifying the access right, sensitive information, scope, or a combination thereof of the requested file. In an embodiment, the fuse 240 may modify sensitive information of the requested file through the redaction filter 245 .
  • the redaction filter 245 may modify the sensitive information of the requested file by changing the sensitive information to designated data (eg, 0 bit). In an embodiment, the redaction filter 245 may modify the sensitive information of the requested file by encrypting the sensitive information. In an embodiment, the redaction filter 245 may modify the sensitive information of the requested file by replacing the sensitive information with virtual information.
  • the fuse 240 may provide a file in which sensitive information is modified to the application 146 .
  • the media provider 220 may perform an operation on a file through the file system 250 based on a request from the fuse 240 . In one embodiment, the media provider 220 may generate a system call to request an operation on the file via the file system 250 based on a request from the fuse 240 . In an embodiment, the media provider 220 may perform an operation on the file through the file system 250 based on a request to create, open, and/or close the file from the fuse 240 .
  • the media provider 220 may process a file creation, open, and/or close request through the file system 250 .
  • the media provider 220 may request the file system 250 to create, open, and/or close a file through a system call based on an input/output control function (eg, ioctl).
  • an input/output control function eg, ioctl
  • the file system 250 may serve to organize files or data used in the application 146 .
  • the file system 250 may include a metadata block for identifying and managing data and a file data block for storing file data.
  • the file system 250 includes a File Allocation Table (FAT), FAT32, NT File System (NTFS), Hierarchical File System (HFS), Journaled File System2 (JSF2), On-Disk Structure-ODS-5 (ODS). 5), UFS (Unix File System), ext2, ext3, ext4, or a file system of a combination thereof.
  • the storage 260 may be managed through a different file system 250 for each partition.
  • the storage 260 may correspond to the non-volatile memory 134 of the memory 130 .
  • the file system 250 may allocate an area for storing a file in the storage 260 based on a file creation request.
  • file system 250 may store files in file data blocks of file system 250 .
  • the file system 250 may store meta information of a file in a meta data block and/or a file data block.
  • the meta information may include owner information of the file (eg, identification information of the application 146 ), access rights, a range of sensitive information, or a combination thereof.
  • the file system 250 may check a location where the file is stored in the storage 260 based on the file open request. In an embodiment, the file system 250 may identify information (eg, a file descriptor) that can access the file based on the file open request. In an embodiment, the file system 250 may provide the location and/or access information where the file is stored to the media provider 220 . In an embodiment, the file system 250 may provide the location and/or access information where the file is stored to the fuse 240 . In an embodiment, the file system 250 may store the location and/or access information where the file is stored in the reference link of the fuse 240 .
  • information eg, a file descriptor
  • the file system 250 may read meta information of a file based on a request to open the file. In an embodiment, the file system 250 may identify the owner of the file based on meta information of the read file.
  • the file system 250 transfers the meta information of the file stored in the meta data block and/or the file data block of the storage 260 to a designated area (eg: It can be loaded into the volatile memory 132 .
  • the file system 250 may determine a file flag (eg, read only, write only, read write) based on a file open request.
  • a file flag eg, read only, write only, read write
  • 3A is a diagram illustrating a processing sequence of a file creation operation between components of the electronic device 101 according to an embodiment of the present disclosure.
  • 3B is a diagram illustrating a processing sequence of a file creation operation between the media provider 220 , the file system 250 , and the storage 260 according to an embodiment of the present disclosure. 3A and 3B may be described with reference to configurations of the electronic device 101 of FIG. 1 .
  • the application 146 may request the fuse 240 to create a file.
  • the application 146 may request the fuse 240 to create a file through a system call.
  • the file creation request may include identification information (eg, ID (identification)) of the application 146 .
  • the fuse 240 may request the media provider 220 to create a file. In an embodiment, the fuse 240 may fetch a file creation request to the media provider 220 .
  • the media provider 220 may request the file system 250 to create a file.
  • the media provider 220 may request the file system 250 to create a file through a system call.
  • the media provider 220 may provide the file system 250 with a file creation request including identification information of the application 146 , access rights of the file, sensitive information, scope, or a combination thereof. have.
  • the media provider 220 may lock the file while creating the file.
  • the file system 250 may create the file 340 .
  • the file system 250 may store the file 340 in an area of the storage 260 managed by the file system 250 .
  • file system 250 may store file 340 in a file data block of storage 260 .
  • the file system 250 may store meta information of the file 340 .
  • the file system 250 may store the meta information of the file 340 in a meta data block and/or a file data block of the file system 250 .
  • the meta information may include owner information of the file (eg, identification information of the application 146 ), access rights, a range of sensitive information, or a combination thereof.
  • the file system 250 includes the owner information, the access right of the file 340 , and/or the scope of the sensitive information 343 and 345 as an extended attribute of the metadata block of the storage 260 . may be stored in area 349 and/or file data blocks. In one embodiment, the file system 250 stores owner information, access rights of the file 340, and/or sensitive information in the last file data block 347 of the file data blocks 341 in which the file 340 is stored. A range of (343, 345) can be stored.
  • the file system 250 may provide a file creation result (eg, a file descriptor) to the media provider 220 .
  • a file creation result eg, a file descriptor
  • the media provider 220 may unlock the file 340 .
  • the media provider 220 may provide the fuse 240 with the file creation result.
  • the fuse 240 may provide the application 146 with a file creation result.
  • FIG. 4 is a diagram illustrating a processing sequence of a file open operation between components of the electronic device 101 according to an embodiment of the present disclosure.
  • FIG. 4 may be described with reference to configurations of the electronic device 101 of FIG. 1 .
  • the application 146 may request the fuse 240 to open a file.
  • the application 146 may request the fuse 240 to open the file through a system call.
  • the file open request may include identification information (eg, a file path) of the file 340 .
  • the fuse 240 may request the media provider 220 to open the file 340 .
  • the fuse 240 may fetch a file open request to the media provider 220 .
  • the fuse 240 may transmit a file open request including the reference link 445 to the media provider 220 .
  • the media provider 220 may request the file system 250 to open the file 340 .
  • the media provider 220 may request the file system 250 to open the file 340 through a system call.
  • the media provider 220 sends a file open request including a file path of the file 340 and/or a flag (eg, read only, write only, or read write) to the file system 250 .
  • a flag eg, read only, write only, or read write
  • the file system 250 may identify a location where the file 340 is stored and/or access information based on an open request for the file 340 . In one embodiment, the file system 250 may store the location and/or access information where the file 340 is stored in the reference link 445 of the fuse 240 .
  • the file system 250 may determine a flag (eg, read only, write only, read write) of the file 340 based on the open request of the file 340 .
  • a flag eg, read only, write only, read write
  • the file system 250 may read meta information of the file 340 based on an open request of the file 340 . In an embodiment, the file system 250 may identify an owner of the file 340 and/or an access right of the file 340 based on the meta information of the file 340 .
  • the file system 250 stores the meta data block and/or meta information of the file stored in the file data block in the storage 260 in a designated area (eg, in the memory 130 ) based on the file open request. It can be loaded into the volatile memory 132 .
  • the file system 250 stores the metadata block and/or the metadata of the file stored in the file data block from the storage 260 . It may be loaded into a designated area of the memory 130 (eg, the volatile memory 132 ).
  • the file system 250 when the application 146 does not have access to the sensitive information of the file 340 , stores the metadata block and/or the metadata of the file stored in the file data block in memory.
  • the file system 250 may load the access right of the file 340 , the range of sensitive information, or a combination thereof into a designated area of the memory 130 (eg, the volatile memory 132 ). .
  • the file system 250 may provide an open result (eg, a file descriptor) of the file 340 to the media provider 220 .
  • an open result eg, a file descriptor
  • the media provider 220 may provide the fuse 240 with an open result of the file 340 .
  • the fuse 240 may provide an open result of the file 340 to the application 146 .
  • FIG. 5 is a diagram illustrating a processing sequence of a file read operation between components of the electronic device 101 according to an embodiment of the present disclosure.
  • FIG. 5 may be described with reference to configurations of the electronic device 101 of FIG. 1 .
  • the application 146 may request the fuse 240 to read the file.
  • the application 146 may request the fuse 240 to read the file through a system call.
  • the file open request may include information about a file descriptor of the file 340 , a read range, or a combination thereof.
  • the fuse 240 may identify whether sensitive information exists in the file 340 . In an embodiment, the fuse 240 may identify whether sensitive information exists in the file 340 based on meta information (eg, a range of sensitive information) of the file 340 . In an embodiment, the fuse 240 may identify whether sensitive information exists in the read range of the file 340 .
  • meta information eg, a range of sensitive information
  • the fuse 240 may identify whether the application 146 has an access right to the sensitive information of the file 340 . In an embodiment, the fuse 240 identifies whether or not the application 146 has an access right to the sensitive information of the file 340 based on the meta information (eg, access right of sensitive information) of the file 340 . can
  • the fuse 240 sets the reference link 445.
  • the file 340 may be read through.
  • the fuse 240 may provide the read file 340 to the application 146 .
  • the fuse 240 establishes the reference link 445 . Through this, the sensitive information of the file 340 may be corrected, and the file 340 in which the sensitive information has been modified may be read.
  • the redaction filter 245 may modify the sensitive information of the file 340 by changing the sensitive information to designated data (eg, 0 bits). In an embodiment, the redaction filter 245 may modify the sensitive information of the file 340 by encrypting the sensitive information. In an embodiment, the redaction filter 245 may modify the sensitive information of the file 340 by replacing the sensitive information with virtual information. In this case, in operation 570 , the fuse 240 may provide the file 340 in which the sensitive information is modified to the application 146 .
  • FIG. 6 is a flowchart illustrating a file creation operation of the electronic device 101 according to an embodiment of the present disclosure.
  • the processor 120 of the electronic device 101 may generate a file 340 .
  • the processor 120 may create the file 340 through the file system 250 .
  • the file may include a photo, a video, or a combination thereof.
  • the processor 120 may store owner information of the file 340 .
  • the processor 120 may store identification information of the application 146 requesting creation of the file 340 as owner information of the file 340 .
  • the processor 120 may store owner information of the file 340 through the file system 250 . In an embodiment, the processor 120 may store owner information of the file 340 in a metadata block of the file system 250 . In an embodiment, the processor 120 may store owner information of the file 340 in the extended attribute area 349 of the file system 250 .
  • the processor 120 may identify whether sensitive information exists in the file 340 .
  • the processor 120 may identify whether sensitive information exists in the file 340 based on tag information (eg, EXIF-based tag information) of the file 340 .
  • the sensitive information may include a photographing location, a photographing time, a face tag, or a combination thereof.
  • the processor 120 may perform operation 640 . In an embodiment, in operation 630 , if sensitive information does not exist in the file 340 , the processor 120 may end the operation according to FIG. 6 .
  • the processor 120 may store information about the access right of the file 340 . In an embodiment, the processor 120 may store information about the access right to the sensitive information of the file 340 .
  • the processor 120 may store information about the access right of the file 340 in the extended attribute area 349 . In an embodiment, the processor 120 may store information about the access right of the file 340 in the last file data block 347 among the file data blocks 341 in which the file 340 is stored. In an embodiment, when the space of the extended attribute area 349 is insufficient, the processor 120 stores the file 340 in the last file data block 347 among the file data blocks 341 in which the file 340 is stored. Information about access rights can be stored. In an embodiment, when the space of the extended attribute area 349 allocated to the file 340 is insufficient, the processor 120 performs the last file data block 347 among the file data blocks 341 in which the file 340 is stored. ) may store information about the access right of the file 340 .
  • the processor 120 may store information on the range of sensitive information of the file 340 . In an embodiment, the processor 120 may store information about the access right to the sensitive information of the file 340 .
  • the processor 120 may store information on the range of the sensitive information 343 and 345 of the file 340 in the extended attribute area 349 .
  • the processor 120 includes information on the range of the sensitive information 343 and 345 of the file 340 in the last file data block 347 among the file data blocks 341 in which the file 340 is stored. can be saved.
  • the processor 120 stores the file 340 in the last file data block 347 among the file data blocks 341 in which the file 340 is stored. Information on the range of the sensitive information 343 and 345 may be stored.
  • the processor 120 when the space of the extended attribute area 349 allocated to the file 340 is insufficient, the processor 120 performs the last file data block 347 among the file data blocks 341 in which the file 340 is stored. ) in the file 340 may store information on the range of sensitive information 343 and 345 .
  • FIG. 7 is a flowchart illustrating a file open operation of the electronic device 101 according to an embodiment of the present disclosure.
  • the processor 120 of the electronic device 101 may open a file 340 .
  • the processor 120 may open the file 340 through the file system 250 .
  • the processor 120 may store the location and/or access information where the file 340 is stored in the reference link 445 of the fuse 240 .
  • the processor 120 may check owner information and access rights of the file 340 .
  • the processor 120 may check owner information and access rights of the file 340 based on the meta information of the file 340 .
  • the meta information of the file 340 may be stored in the extended attribute area 349 and/or the last file data block 347 of the file 340 .
  • the processor 120 may identify whether an access right exists in the application 146 requesting the file open. In an embodiment, the processor 120 may identify whether an access right to the file 340 exists in the application 146 requesting the file open based on the owner information and the access right.
  • the processor 120 may perform operation 740 . In an embodiment, in operation 730 , if the access right to the file 340 exists, the processor 120 may end the operation according to FIG. 7 .
  • the processor 120 may load the sensitive information range and access right information of the file 340 .
  • the processor 120 may load the scope and access right information of the sensitive information of the file 340 stored in the extended attribute area 349 and/or the last file data block 347 of the file 340 . have.
  • FIG. 8 is a flowchart illustrating a file read operation of the electronic device 101 according to an embodiment of the present disclosure.
  • the processor 120 of the electronic device 101 may read the file 340 .
  • the processor 120 may read the file 340 through the fuse 240 .
  • the processor 120 may read the file 340 based on the reference link 445 of the fuse 240 .
  • the processor 120 may identify whether sensitive information exists in the file 340 . In an embodiment, the processor 120 may identify whether sensitive information exists in the file 340 based on meta information (eg, a range of sensitive information) of the file 340 through the fuse 240 . In an embodiment, the processor 120 may identify whether sensitive information exists in the file 340 based on meta information (eg, a range of sensitive information) of the loaded file 340 .
  • meta information eg, a range of sensitive information
  • the processor 120 may perform operation 830 . In an embodiment, if sensitive information does not exist in operation 820 , the processor 120 may end the operation according to FIG. 8 .
  • the processor 120 may identify whether the access right of the application 146 requesting the file read exists. In an embodiment, the processor 120 may identify whether the access right of the application 146 exists based on the meta information (eg, the access right of sensitive information) of the file 340 through the fuse 240 . In an embodiment, the processor 120 may identify whether the access right of the application 146 exists based on meta information (eg, access right of sensitive information) of the loaded file 340 .
  • the processor 120 may perform operation 840 . In an embodiment, in operation 830 , if the access right of the application 146 exists, the processor 120 may end the operation according to FIG. 8 .
  • the processor 120 may process sensitive information of the file 340 .
  • the processor 120 may process sensitive information of the file 340 through the fuse 240 .
  • the processor 120 may process sensitive information of the file 340 through the redaction filter 245 of the fuse 240 .
  • the processor 120 may process the sensitive information of the file 340 by changing the sensitive information to designated data (eg, 0 bits) through the redaction filter 245 . In an embodiment, the processor 120 may process the sensitive information of the file 340 by encrypting the sensitive information through the redaction filter 245 . In an embodiment, the processor 120 may process the sensitive information of the file 340 by replacing the sensitive information with virtual information through the redaction filter 245 .
  • the electronic device 101 includes a processor 120 and a storage 260 connected to the processor 120 and storing instructions, wherein the instructions include the processor 120 .
  • the processor 120 in response to a file creation request from the application 146 , the processor 120 generates a file to the media provider 220 via a first file system (eg, fuse 240 ).
  • request request creation of the file from a second file system (eg, file system 250) through the media provider 220, and access the second file system (eg, file system 250)
  • It may be configured to create a file through the file and store setting information indicating the access right of the file and the range of sensitive information in a designated area of the file and/or the metadata block of the storage 260 .
  • the processor 120 when the instructions are executed by the processor 120 , the processor 120 responds to a file open request from the application 146 : the first file system (eg, fuse ( 240)) to request the media provider 220 to open the file, and to open the file through the second file system (eg, file system 250) through the media provider 220. and to provide the location of the file and the location of the setting information to the first file system (eg, the fuse 240 ) through the second file system (eg, the file system 250 ).
  • the first file system eg, fuse ( 240)
  • the second file system eg, file system 250
  • the processor 120 when the instructions are executed by the processor 120 , the processor 120 responds to a file read request from the application 146 : the first file system (eg, fuse ( 240)) to identify the setting information based on the location of the setting information, and to the file of the application 146 based on the setting information through the first file system (eg, fuse 240). identify an access right to the file system, process the sensitive information among areas of the file based on the identified access right through the first file system (eg, fuse 240), and process the sensitive information in the first file system (eg, fuse 240) : It may be configured to read the file in which the sensitive information is processed through the fuse 240 .
  • the first file system eg, fuse ( 240)
  • the processor 120 when the instructions are executed by the processor 120 , the processor 120 may be configured to process the sensitive information by changing the sensitive information into designated data.
  • the processor 120 when the instructions are executed by the processor 120 , the processor 120 is configured to process the sensitive information by encrypting the sensitive information.
  • the processor 120 when the instructions are executed by the processor 120 , the processor 120 may be configured to process the sensitive information by replacing the sensitive information with virtual information.
  • the designated area of the file may be a last file data block among file data blocks in which the file is stored.
  • the processor 120 when the instructions are executed by the processor 120 , the processor 120 transmits the setting information to the metadata block through the second file system (eg, the file system 250 ). and store the setting information in the last file data block when the space of the extended attribute area is insufficient through the second file system (eg, the file system 250). .
  • a first file system Example: the operation of the fuse 240
  • the second file system Example: an operation of requesting creation of the file from the file system 250 , an operation of the second file system (eg, file system 250 ) creating the file, and an operation of the second file system (eg, file)
  • the system 250 stores the setting information indicating the access right of the file and the range of sensitive information in the designated area of the file and/or the metadata block of the storage 260 of the electronic device 101 may include
  • the first file system eg, fuse 240
  • the operation of requesting the media provider 220 to open the file, the operation of the media provider 220 opening the file through the file system, and the second file system may include an operation of providing the location of the file and the location of the setting information to the first file system (eg, the fuse 240).
  • the first file system (eg, the fuse 240)
  • An operation of identifying the setting information based on the location of the setting information the first file system (eg, fuse 240 ) grants access to the file of the application 146 based on the setting information
  • An operation of identifying, an operation of the first file system (eg, fuse 240) processing the sensitive information among regions of the file based on the identified access right, and an operation of the first file system (eg, fuse 240) (240) may include an operation of reading the file in which the sensitive information is processed.
  • the processing of the sensitive information may include processing the sensitive information by changing the sensitive information into designated data by the first file system (eg, fuse 240 ). .
  • the processing of the sensitive information may include processing the sensitive information by encrypting the sensitive information.
  • the operation of processing the sensitive information may include processing the sensitive information by replacing the sensitive information with virtual information.
  • the designated area of the file may be a last file data block among file data blocks in which the file is stored.
  • the second file system (eg, the file system 250 ) stores the setting information in an extended attribute area of the metadata block. and, when the second file system (eg, the file system 250 ) runs out of space in the extended attribute area, storing the setting information in the last file data block.
  • the non-transitory computer-readable recording medium includes, when executed by the processor 120 , the processor 120 in response to a file creation request from the application 146: a first file
  • the system eg, the fuse 240
  • the second file system eg, the file system 250
  • request creation of a file create a file through the second file system (eg, file system 250), and send setting information indicating the access right of the file and the range of sensitive information to a designated area of the file and /
  • it may include instructions to be stored in the meta data block of the storage 260 .
  • the processor 120 when the instructions are executed by the processor 120 , the processor 120 responds to a file open request from the application 146 : the first file system (eg, fuse ( 240)) to request the media provider 220 to open the file, and to open the file through the second file system (eg, file system 250) through the media provider 220. and to provide the location of the file and the location of the setting information to the first file system (eg, the fuse 240 ) through the second file system (eg, the file system 250 ).
  • the first file system eg, fuse ( 240)
  • the second file system eg, file system 250
  • the processor 120 when the instructions are executed by the processor 120 , the processor 120 responds to a file read request from the application 146 : the first file system (eg, fuse ( 240)) to identify the setting information based on the location of the setting information, and to the file of the application 146 based on the setting information through the first file system (eg, fuse 240). identify an access right to the file system, process the sensitive information among areas of the file based on the identified access right through the first file system (eg, fuse 240), and process the sensitive information in the first file system (eg, fuse 240) : It may be configured to read the file in which the sensitive information is processed through the fuse 240 .
  • the first file system eg, fuse ( 240)
  • the processor 120 when the instructions are executed by the processor 120 , the processor 120 may be configured to process the sensitive information by changing the sensitive information into designated data.
  • the storage device includes a non-volatile memory area (eg, non-volatile memory 134 ), and stores setting information indicating access rights of a file and a range of sensitive information in a designated area of the file. and/or stored in a meta data block of the non-volatile memory area (eg, the non-volatile memory 134 ).
  • a non-volatile memory area eg, non-volatile memory 134
  • the electronic device may be a device of various types.
  • the electronic device may include, for example, a portable communication device (eg, a smart phone), a computer device, a portable multimedia device, a portable medical device, a camera, a wearable device, or a home appliance device.
  • a portable communication device eg, a smart phone
  • a computer device e.g., a laptop, a desktop, a tablet, or a portable multimedia device
  • portable medical device e.g., a portable medical device
  • camera e.g., a camera
  • a wearable device e.g., a smart watch
  • a home appliance device e.g., a smart bracelet
  • first, second, or first or second may simply be used to distinguish an element from other elements in question, and may refer elements to other aspects (e.g., importance or order) is not limited. It is said that one (eg, first) component is “coupled” or “connected” to another (eg, second) component, with or without the terms “functionally” or “communicatively”. When referenced, it means that one component can be connected to the other component directly (eg by wire), wirelessly, or through a third component.
  • module used in various embodiments of the present document may include a unit implemented in hardware, software, or firmware, for example, and interchangeably with terms such as logic, logic block, component, or circuit.
  • a module may be an integrally formed part or a minimum unit or a part of the part that performs one or more functions.
  • the module may be implemented in the form of an application-specific integrated circuit (ASIC).
  • ASIC application-specific integrated circuit
  • one or more instructions stored in a storage medium may be implemented as software (eg, the program 140) including
  • the processor eg, the processor 120
  • the device eg, the electronic device 101
  • the one or more instructions may include code generated by a compiler or code executable by an interpreter.
  • the device-readable storage medium may be provided in the form of a non-transitory storage medium.
  • 'non-transitory' only means that the storage medium is a tangible device and does not contain a signal (eg, electromagnetic wave), and this term is used in cases where data is semi-permanently stored in the storage medium and It does not distinguish between temporary storage cases.
  • a signal eg, electromagnetic wave
  • the method according to various embodiments disclosed in this document may be provided by being included in a computer program product.
  • Computer program products may be traded between sellers and buyers as commodities.
  • the computer program product is distributed in the form of a device-readable storage medium (eg compact disc read only memory (CD-ROM)), or via an application store (eg Play StoreTM) or on two user devices ( It can be distributed (eg downloaded or uploaded) directly, online between smartphones (eg: smartphones).
  • a portion of the computer program product may be temporarily stored or temporarily created in a machine-readable storage medium such as a memory of a server of a manufacturer, a server of an application store, or a relay server.
  • each component (eg, module or program) of the above-described components may include a singular or a plurality of entities, and some of the plurality of entities may be separately disposed in other components.
  • one or more components or operations among the above-described corresponding components may be omitted, or one or more other components or operations may be added.
  • a plurality of components eg, a module or a program
  • the integrated component may perform one or more functions of each component of the plurality of components identically or similarly to those performed by the corresponding component among the plurality of components prior to the integration. .
  • operations performed by a module, program, or other component are executed sequentially, in parallel, repeatedly, or heuristically, or one or more of the operations are executed in a different order, omitted, or , or one or more other operations may be added.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • Software Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Mining & Analysis (AREA)
  • Human Computer Interaction (AREA)
  • Medical Informatics (AREA)
  • Computing Systems (AREA)
  • Automation & Control Theory (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

Est divulgué un dispositif électronique, comprenant un processeur et une mémoire connectée au processeur et stockant des instructions, les instructions étant configurées pour, lorsqu'elles sont exécutées par le processeur, amener le processeur à, en réponse à une demande de génération de fichier provenant d'une application : demander à un fournisseur de contenu multimédia de générer un fichier par le biais d'un système Fuse, demander à un système de fichiers de générer le fichier par le biais du fournisseur de contenu multimédia, générer le fichier par le biais du système de fichiers, et stocker des informations de configuration indiquant la portée d'informations sensibles et l'autorité d'accès du fichier dans un bloc de métadonnées et/ou une zone désignée du fichier. Divers autres modes de réalisation compréhensibles d'après la description sont également possibles.
PCT/KR2022/002139 2021-03-10 2022-02-14 Dispositif électronique pour effectuer une rédaction de fichier et son procédé de fonctionnement WO2022191455A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR10-2021-0031209 2021-03-10
KR1020210031209A KR20220126903A (ko) 2021-03-10 2021-03-10 파일 리댁션을 수행하는 전자 장치 및 이의 동작 방법

Publications (1)

Publication Number Publication Date
WO2022191455A1 true WO2022191455A1 (fr) 2022-09-15

Family

ID=83227975

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2022/002139 WO2022191455A1 (fr) 2021-03-10 2022-02-14 Dispositif électronique pour effectuer une rédaction de fichier et son procédé de fonctionnement

Country Status (2)

Country Link
KR (1) KR20220126903A (fr)
WO (1) WO2022191455A1 (fr)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130304778A1 (en) * 2011-01-21 2013-11-14 Thomson Licensing Method for backward-compatible aggregate file system operation performance improvement, and respective apparatus
US20160283495A1 (en) * 1998-07-31 2016-09-29 Kom Networks Inc. Method and system for providing restricted access to a storage medium

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160283495A1 (en) * 1998-07-31 2016-09-29 Kom Networks Inc. Method and system for providing restricted access to a storage medium
US20130304778A1 (en) * 2011-01-21 2013-11-14 Thomson Licensing Method for backward-compatible aggregate file system operation performance improvement, and respective apparatus

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
SSUP2: "Linux Fuse (Filesystem in Userspace) | Ssup2 Blog", SSUP2 BLOG, KOREA, 24 August 2017 (2017-08-24), Korea, pages 1 - 3, XP055966223, Retrieved from the Internet <URL:https://ssup2.github.io/theory_analysis/Linux_FUSE/> [retrieved on 20220929] *
VANGOOR BHARATH KUMAR REDDY VANGOOR.BHARATH@GMAIL.COM; AGARWAL PRAFFUL PRAAGARWAL@CS.STONYBROOK.EDU; MATHEW MANU MANMATHEW@CS.STON: "Performance and Resource Utilization of FUSE User-Space File Systems", ACM TRANSACTIONS ON STORAGE, ASSOCIATION FOR COMPUTING MACHINERY, NEW YORK, NY, US, vol. 15, no. 2, 8 May 2019 (2019-05-08), US , pages 1 - 49, XP058691696, ISSN: 1553-3077, DOI: 10.1145/3310148 *
ZHU YUE, WANG TENG, MOHROR KATHRYN, MOODY ADAM, SATO KENTO, KHAN MUHIB, YU WEIKUAN: "Direct-FUSE : Removing the Middleman for High-Performance FUSE File System Support", PROCEEDINGS OF THE 8TH INTERNATIONAL WORKSHOP ON RUNTIME AND OPERATING SYSTEMS FOR SUPERCOMPUTERS; TEMPE, AZ, UNITED STATES; JUNE 12, 2018 THROUGH JUNE 12, 2018, ACM, NEW YORK, NY, USA, 12 June 2018 (2018-06-12) - 12 June 2018 (2018-06-12), New York, NY, USA, pages 1 - 8, XP055966225, ISBN: 978-1-4503-5864-4, DOI: 10.1145/3217189.3217195 *

Also Published As

Publication number Publication date
KR20220126903A (ko) 2022-09-19

Similar Documents

Publication Publication Date Title
WO2023058860A1 (fr) Dispositif électronique pour le traitement d&#39;un fichier apk à signatures multiples, et son procédé de fonctionnement
WO2022154414A1 (fr) Dispositif électronique et procédé de fonctionnement de stockage de dispositif électronique
WO2022191455A1 (fr) Dispositif électronique pour effectuer une rédaction de fichier et son procédé de fonctionnement
WO2022030890A1 (fr) Procédé de capture d&#39;image à fenêtres multiples et dispositif électronique associé
WO2022191454A1 (fr) Dispositif électronique pour effectuer une vérification de somme de contrôle d&#39;exécution sur des images de dispositif de bloc, et son procédé de fonctionnement
WO2022065704A1 (fr) Procédé et dispositif de gestion d&#39;édition de contenu non destructrice
WO2023149770A1 (fr) Procédé et dispositif d&#39;édition d&#39;image dans un dispositif électronique
WO2022154262A1 (fr) Procédé et dispositif de mise à jour d&#39;une base de données sur la base d&#39;un espace réservé
WO2024101878A1 (fr) Procédé de récupération de métadonnées endommagées, et dispositif électronique le prenant en charge
WO2022154383A1 (fr) Dispositif électronique et procédé de chargement de module de noyau du dispositif électronique
WO2022163907A1 (fr) Dispositif électronique et son procédé de commande
WO2022240031A1 (fr) Dispositif électronique et procédé de gestion de fichier de dispositif électronique
WO2022080652A1 (fr) Dispositif électronique de gestion de fichier journal et son procédé de fonctionnement
WO2022154163A1 (fr) Dispositif électronique et procédé de gestion de la mémoire d&#39;un dispositif électronique
WO2022154273A1 (fr) Dispositif électronique de prise en charge de sauvegarde de données, et son procédé de fonctionnement
WO2023101294A1 (fr) Dispositif électronique pour gérer un espace de stockage, et procédé pour faire fonctionner un dispositif électronique
WO2022181949A1 (fr) Dispositif électronique pour fournir un environnement de ra/rv et son procédé de fonctionnement
WO2023013886A1 (fr) Dispositif électronique utilisant une autorité de séparation et son procédé de fonctionnement
WO2023146173A1 (fr) Procédé de fourniture d&#39;écran et dispositif électronique le prenant en charge
WO2021177640A1 (fr) Procédé de commande d&#39;application de dispositif électronique externe, et dispositif électronique prenant en charge ce dernier
WO2024071927A1 (fr) Dispositif électronique et procédé de protection de données l&#39;utilisant
WO2024029717A1 (fr) Dispositif et procédé de gestion de processus
WO2024112034A1 (fr) Dispositif électronique et procédé d&#39;exploitation de système de fichiers d&#39;un dispositif électronique
WO2023085589A1 (fr) Procédé de conservation de données dans une situation d&#39;initialisation d&#39;un dispositif électronique et dispositif électronique associé
WO2022114648A1 (fr) Dispositif électronique de paramétrage d&#39;un écran d&#39;arrière-plan et procédé de fonctionnement dudit dispositif

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22767351

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 22767351

Country of ref document: EP

Kind code of ref document: A1