Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Document safety access control method and device based on Linux kernel

A security access control and kernel technology, applied in the direction of digital data protection, platform integrity maintenance, etc., can solve the problems of low reliability of security access control, complex interaction process, etc., and achieve the effect of good file security access control

Inactive Publication Date: 2015-08-26
武汉华工安鼎信息技术有限责任公司
View PDF4 Cites 24 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The purpose of the embodiment of the present invention is to provide a Linux kernel-based document security access control method to solve the problems of low reliability and complicated interaction process of document security access control in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Document safety access control method and device based on Linux kernel
  • Document safety access control method and device based on Linux kernel
  • Document safety access control method and device based on Linux kernel

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0033] Such as figure 1 Shown is a functional module structural diagram of a Linux kernel-based document security access control method provided by the present invention, mainly involving startup scripts, policy loaders, preprocessing modules, security policies; virtual file systems, secure file systems, local files system; and application processes. Its relationship is specifically:

[0034] The startup information of the policy loader and the registration information of the preprocessing module are stored in the startup script, so that when the Linux system starts, the registration of the preprocessing module in the kernel can be completed according to the startup script, and the strategy can be started loader.

[0035] After the policy loader is started, the stored policy will be called and sent to the preprocessing module, so that the preprocessing module can generate a security policy in the kernel.

[0036] The security policy includes directories that need to be moun...

Embodiment 2

[0041] Such as figure 2 Shown is a schematic flow diagram of a Linux kernel-based document security access control method provided by an embodiment of the present invention, wherein the Linux system includes a preprocessing module, and the registration information of the preprocessing module is written into the startup script, which is determined by figure 2 It can be seen that when the Linux system starts, it specifically includes the following steps:

[0042] In step 201, the Linux kernel reads the startup script registration information, registers the preprocessing module with the Linux kernel; reads the startup program information, and starts the strategy loading module; wherein, the preprocessing module runs on the Linux kernel state.

[0043] Wherein, the startup program information of the startup policy loading module is added to the startup script in advance by an operator with administrator authority.

[0044] In step 202, the preprocessing module registers the se...

Embodiment 3

[0059] Such as image 3 As shown, the embodiment of the present invention provides a document security access control device based on the Linux kernel, the device includes a memory 1, an input and output interface 2, a processor 3 and a display device 4, specifically:

[0060] The memory 1 is used to store the program code executed in the processor, including the code of the Linux kernel, the code of the preprocessing loading module, the code of the policy loading module and the code of the security system.

[0061] The processor 3 is configured to run the program code stored in the memory, and complete the method according to any one of claims 1-9.

[0062] The input and output interface 2 is used to provide an interface for the operator to interact with the Linux system.

[0063] The display device 4 is used to display the operation result to the operator.

[0064] The embodiment of the present invention provides a kernel-level document security access control device, whic...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention belongs to the field of safety of operation systems, and provides a document safety access control method based on a Linux kernel. The document safety access control method comprises the following steps: when a Linux system is started up, the Linux kernel reads startup script registration information, and is registered with a pre-processing module; starting procedure information is read, and a strategy loading module is started up, wherein the pre-processing module runs in the state of the Linux kernel; after the pre-processing module is started up, a safety document system is registered in a VFS (virtual file system), and then a listening port is registered; the strategy loading module reads a local safety strategy file, and a safety strategy is created, and is sent to the listening port of the pre-processing module; the pre-processing module receives the safety strategy, and a safety strategy is created in a memory to be used for the safety file system; when a file is accessed by an application process, the safety file system calls the local file system to complete the operation of the file data according to the safety strategy. According to the method, the efficiency of the file safety access control in the Linux system is improved.

Description

technical field [0001] The invention belongs to the field of operating system security, in particular to a Linux kernel-based document security access control method. Background technique [0002] The document security access control in the common Linux environment is to set the security policy in the user state. During the file access process, the filter driver interacts with the user state to judge the policy. Its security depends on the user state program operating environment, and its reliability is low. . At the same time, the filter driver intercepts operations on all files on the disk, causing unnecessary security judgments. For example, when a user logs in to the system with a personal account, the application process only has read and write permissions to the Home directory, and the filter driver only needs to control the files created by the user in the Home directory, without having to control the configuration files and the root directory generated by the applic...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/62G06F21/57
Inventor 唐威唐相雄周涛景弈昕韩敏
Owner 武汉华工安鼎信息技术有限责任公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com