Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Kernel level desktop access control method

An access control, kernel-level technology, applied in the field of kernel-level desktop access control, can solve problems such as stay, control invalidation, etc., and achieve high security, strong compatibility, and outstanding performance

Active Publication Date: 2013-04-10
南京中孚信息技术有限公司 +1
View PDF3 Cites 18 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the management and control based on desktop delivery still stays at the application layer of the operating system, and users can still easily crack it in various ways, for example, using the resource manager or shortcuts to directly execute the application software installed in the server but not delivered to the desktop ;For example, many business systems of an enterprise require administrator privileges to run, and users can modify the system as they wish after obtaining this privilege, resulting in ineffective management and control

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Kernel level desktop access control method
  • Kernel level desktop access control method
  • Kernel level desktop access control method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0049] The present invention will be further described in detail below in conjunction with the accompanying drawings and preferred embodiments.

[0050] see Figure 1-Figure 8 , the present invention includes two parts of application control driver and policy application service, and its overall structure is as follows figure 1 shown. The application control driver runs on the Windows kernel layer of the desktop server. When the user opens the application program, it intercepts the creation I / O request of the operating system process and provides the process characteristics and user session characteristics to the policy application service. The desktop application policy configured by the administrator is used to judge; if the user has access rights, the application control driver is notified to continue the I / O operation; if the user does not have access rights, the application control driver is notified of the I / O created by the process The O request is discarded and retur...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a kernel level desktop access control method which belongs to the field of information management. The kernel level desktop access control method comprises the following modules of: 1, an application management and control drive in a kernel layer, wherein the application management and control drive is realized on the basis of a Windows filter manager and is in charge of implementing the forced access control on access to a desktop application; and 2, a strategy application service consisting of a drive communication sub module and an access strategy sub module and being positioned in an application layer, wherein the strategy application service obtains a desktop configuration strategy corresponding to a user through communication with a desk virtual service end, and controls the application management and control drive according to the strategy definition to ensure that the application management and control drive takes effect. Under an environment of a desktop delivery framework, the invention provides a method for managing and controlling user behaviors on the basis of an application management and control module of the kernel layer of an operating system, and the method prevents the user from illegally operating an application program being installed in a server but being not delivered to a desktop. The kernel level desktop access control method is realized on the basis of the filter manager of the kernel layer of the operating system, ensures enforceability of access control on the bottom layer of a system, and realizes safety and high efficiency and wide applicability.

Description

technical field [0001] The invention relates to the field of computer information management, in particular to a kernel-level desktop access control method and a solution for managing and controlling terminal users' desktops and application programs based on the desktop delivery environment. Background technique [0002] Today, with the rapid development of informatization, the infrastructure of enterprise IT platforms is also undergoing continuous changes, gradually upgrading from the traditional "distributed PC system" to the "client / server" system. Thin clients and cloud terminals are terminal devices under this system, which are simplified computers without powerful computing resources, local storage, floppy drives, optical drives, etc., which can use powerful server software and hardware resources for local computing. Users can use the terminal to remotely access the desktop environment distributed by the server at the same time for office work. Terminal equipment has ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/50G06F21/44
Inventor 马力任勋益孔强陈丹伟万海山
Owner 南京中孚信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com