Unlock instant, AI-driven research and patent intelligence for your innovation.

A Mimic Anti-tampering Method for Centralized File Service System

A technology of file service and file server, which is applied in the mimetic anti-tampering field of the centralized file service system, which can solve problems such as system hijacking, and achieve the effects of improved anti-tampering ability, easy rollback, and simple arbitration method

Inactive Publication Date: 2018-03-27
THE PLA INFORMATION ENG UNIV
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] There are many measures to strengthen the security of the file service system, such as strengthening the customer identity authentication mechanism, strengthening the access control mechanism, adding a firewall and intrusion detection mechanism, adding an encryption and decryption mechanism, etc., but the loopholes and trapdoors in the file service system should be recognized There is always, no matter how enhanced, the possibility of the system still being hijacked

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Mimic Anti-tampering Method for Centralized File Service System
  • A Mimic Anti-tampering Method for Centralized File Service System
  • A Mimic Anti-tampering Method for Centralized File Service System

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0027] Example 1: Combining Figure 1-Figure 4 , a mimetic anti-tampering method of a centralized file service system, the hardware includes a client, a file server, a block device manager, a file operation transceiver, and an arbitrator, respectively running in different computers, and the computers are independent computers The system may be a virtual machine, and the steps for mimic tampering are as follows:

[0028] Step 1: Introduce multiple variants of the same file server software, let different file servers run different software variants, and change the single file server in the file service system into multiple file servers. File server software variants are different implementations of the same file server software, different implementation versions for different processors and different operating systems; the normal behavior of all file server software variants should be the same; the number of file server variants should be Not less than 3, in order to arbitrate ...

Embodiment 2

[0033] Example 2, combined with Figure 1-Figure 4 In the mimetic anti-tampering method of the centralized file service system, the client FSClient, the file server FS Server, the block device manager, the file operation transceiver and the arbitrator are respectively run in different computers. The computer mentioned here may be an independent computer system or a virtual machine.

[0034] In the mimetic anti-tampering method, the block device manager is responsible for managing and driving storage devices in the system, such as disks and disk arrays. The block device manager abstracts the block devices in the system into an array of logical blocks, and provides a unified block operation interface to the file server.

[0035] In the mimetic anti-tampering method, RDisk is a physical block device actually configured in the system, which may be a disk partition, an independent disk, or a disk array. The RDisk has been formatted and a physical file system such as EXT, XFS, NTF...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention belongs to the field of computer science and technology. It specifically relates to a mimetic tamper-proof method for a centralized file service system, which is aimed at small and medium-sized file service systems, and its core is a single file server or a file server cluster. The present invention replaces a single file server with multiple file server variants and introduces an arbiter therein. The client's file write operation request is submitted to multiple file servers at the same time, and each file server independently processes the file write request and generates multiple independent file copies. The arbitrator decides on each copy of the file, deletes the copy with less security, and keeps the copy with the highest security. The invention can discover the abnormal behavior of a single file server, correct the tampering of files by the abnormal server, improve the randomness and dynamics of the file service system, reduce the data loss after being hijacked, and improve the overall security of the centralized file service system .

Description

technical field [0001] The invention belongs to the field of computer science and technical information security, and in particular relates to a mimetic tamper-proof method of a centralized file service system. Background technique [0002] File service is one of the most common network services, and small and medium-sized file service systems are widely used. A small file service system usually consists of a single file server and multiple clients, and a file server cluster may be configured in a medium file service system. Small and medium-sized file service systems usually adopt a centralized file management method, and the files in the system are managed uniformly by the file server. The client directly submits an operation request to the file server, and the file server processes the client's request and feeds back the result to the client. [0003] The centralized file service system has a simple structure and is easy to manage, but there are security risks. If the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F17/30G06F21/55
Inventor 郭玉东邬江兴戚旭衍何红旗董卫宇王立新林键
Owner THE PLA INFORMATION ENG UNIV