File access control method

A technology of file access and control methods, which is applied in the directions of instruments, digital data authentication, electronic digital data processing, etc., to achieve the effect of reducing the attack range, improving security, and protecting security

Inactive Publication Date: 2008-02-27
何鸿君
View PDF0 Cites 27 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In order to solve the technical problem of automatically granting too large file access rights to programs in existing file access control methods, the present invention provides a new file access control method, so that programs only have the minimum file access rights required to complete tasks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • File access control method
  • File access control method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0019] A specific implementation of the present invention on the Micorosoft Windows XP operating system is described below.

[0020] Fig. 1 is the overall structural diagram of the implementation method of the present invention, comprises 4 main modules, has provided the relation between them in the figure. The file access monitoring module is the core of implementing file access control. The desktop module, file management module, and authorization dialog box are all trusted window programs, that is, the actions of user input devices such as mouse, keyboard, and stylus that they process must be generated by the user, and their communication with the file access monitoring module is safe and reliable. of. Unless otherwise specified, directories are treated as files.

[0021] Use (p, f, m) to indicate that the user authorizes the program p to access the file f in mode m, I indicates the dynamic authorization set, and I s Represents a static authorization collection. Dynamic...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a kind of method of file access control, including: A. program p sends the request to access the file f with the mode m, and the file access control module examines the access authority of the program p, if it belongs to static authorized collection or dynamic authorized collection, allowing the program p to access the file f, otherwise, go to step B; B. enquiring whether to authorize the program p to access the file f with the mode m, if the user agrees to authorize, allowing the program p to access the file f, otherwise, go to step C; C. refusing the request that program p access the file f with the mode m. With the method the invention provides, any program can only access the files that the user authorizes it to access, which reduces the range that the hostile programs can attack, and improves the security of the file system. At the same time, any access that is not authorized is not allowed, so the hostile programs will be captured on the spot when trying to access other files, which is good for adopting measures to clean out the hostile programs in time to protect the security of the file system.

Description

technical field [0001] The invention relates to a method for controlling the file access behavior of a program. Background technique [0002] At present, the methods for controlling the file access behavior of programs mainly include voluntary access control methods, mandatory access control methods and role-based access control methods. These three methods all control the file access behavior of the program, so that the access rights of the program are consistent with those of the user running the program. [0003] Obviously, the collection of files that need to be accessed during the execution of most programs is far smaller than the collection of files that users can access. Therefore, if the access rights granted by the system to the program are equal to the access rights of the logged-in user or user role, it violates the principle of least privilege for the program, that is, the rights granted to the program by the system are not the minimum access rights required by ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/22G06F21/44
Inventor 何鸿君罗莉曹四化宁京宜李朋潘莉邹之霁冯涛
Owner 何鸿君
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap