Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Multi-stage domain protection method and system based on information security level identifiers

A multi-level domain and identification technology, applied in the field of computer security, can solve the problems of inability to implement accountability, information monitoring, interception, and inability to conduct audits, and achieve the effect of achieving access and solving information leakage threats.

Active Publication Date: 2013-03-27
FUCHUN COMM
View PDF4 Cites 22 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Disadvantage 1: The invention is only applied to computer data security protection, and cannot realize fine-grained control, and does not realize hierarchical protection of information at different levels of confidentiality, resulting in users with electronic keys being able to access various levels of confidential information
[0005] Disadvantage 2: There is no monitoring and interception of information in the process of information circulation in multi-level security domains, and there is no real-time monitoring and alarm device to prevent information leakage
[0006] Disadvantage 3: There is no audit of user behavior, and for information leakage accidents, it will not be possible to audit, so that the accountability system cannot be realized

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Multi-stage domain protection method and system based on information security level identifiers
  • Multi-stage domain protection method and system based on information security level identifiers
  • Multi-stage domain protection method and system based on information security level identifiers

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0041] The ciphertext is created by the authenticated user above, see figure 2 , in one embodiment may specifically include the steps:

[0042] A1), through page redirection (a common mandatory authentication method), the user is forced to implement handshake authentication through the SSL security mechanism, establish a communication security channel, and connect to the server;

[0043]A2), the client application (the application software used by the user to open confidential information, such as word) calls the operating system to read and write information functions (such as the CreateFile function, which is the function to be called when reading and writing information in the windows framework) Send an IRP_MJ_WRITE write request to the I / 0 manager;

[0044] A3), the I / 0 manager extracts the process name, storage path, start address, data length, data to be stored, etc. to construct an I / 0 request packet (IRP) corresponding to the write request, and sends the IRP to the f...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a multi-stage domain protection method and a multi-stage domain protection system based on information security level identifiers. Dynamic encryption / decryption of confidential documents is realized on the basis of security level identifiers including a creator identifier, a document identifier and a domain security level identifier, so that fine-grained access of validated users is realized, and the problem of information disclosure threat existing in a series of processes including generation, access, circulation and destruction of information of different security levels is solved.

Description

technical field [0001] The invention relates to the technical field of computer security, in particular to a multi-level domain protection method and system based on information confidentiality level identification. Background technique [0002] The informatization of society has brought convenience to everyone, but it has also brought many security threats. For security reasons, secret-related networks are usually divided into security domains according to different security levels. According to national requirements, reliable technology must be adopted to strictly prohibit the flow of high-secret level information to low-secret level domains. And the many commercial secrets involved in the enterprise intranet also need to be controlled to the minimum scope of knowledge to prevent information leakage. Security domain management and information flow control based on confidentiality identification are the direction and key to solve this problem. At present, in the field of ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/62
Inventor 林文美缪品章翁鲲鹏王美方演
Owner FUCHUN COMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products