A file protection method and device

A file and file operation technology, applied in the field of system security, to achieve the effect of protection

Active Publication Date: 2019-03-26
NSFOCUS INFORMATION TECHNOLOGY CO LTD +1
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Therefore, the above two conventional methods no longer work in the Xen paravirtualized environment system

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A file protection method and device
  • A file protection method and device
  • A file protection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0053] First of all, it needs to be explained that Intel processors implement access control through the Ring level, which is divided into four layers: Ring0 layer, Ring1 layer, Ring2 layer, and Ring3 layer. Ring0 layer has the highest authority, and Ring3 layer has the lowest authority. According to Intel's original concept, the application program works at the Ring3 layer and can only access the data of the Ring3 layer; the operating system works at the Ring0 layer and can access the data of all layers; while other drivers are located at the Can access the data of this layer and the lower layer. But the current operating system (OS), including Windows and Linux, only uses two layers—Ring0 layer and Ring3 layer, respectively to store operating system data and application data, and drivers (including device drivers and non-device drivers) all run on Ring0 level, and the location of the kernel (Kernel) is also at the Ring0 level. In the Xen paravirtualized environment system,...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a file protection method and apparatus. The method is applied to a Xen para-virtualized environment system. The method comprises the steps of when a program is driven to be initialized, positioning a system call table; mapping the system call table to a writable memory subpage in the Xen para-virtualized environment system; modifying a function pointer in the system call table, wherein the modified function pointer points to a preset rule check function; and through the rule check function, judging whether a kernel-level file operation meets a preset protective rule or not, if so, preventing the kernel-level file operation, and if not, finishing the kernel-level file operation. The method is capable of protecting a kernel-level file by modifying the system call table in the Xen para-virtualized environment system.

Description

technical field [0001] The invention relates to the technical field of system security, in particular to a file protection method and device. Background technique [0002] In the field of desktop security software and website anti-tampering, file anti-tampering technology plays a very important role. Using file tamper-proof technology, functions such as process startup, file modification authorization, and file access monitoring can be controlled. Existing anti-tampering technologies for files include: application layer polling, application layer hooks, and system service hooks. Among them, the system service hook is one of the most effective and stable implementation methods on the Linux platform. Its protection mechanism is to hijack system calls related to file operations, and perform legality checks in custom system call implementation functions. [0003] The first conventional method flow is as follows: [0004] a) Obtain the first address of the interrupt vector tab...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/53
CPCG06F21/53
Inventor 马驰晁璐朱二夫
Owner NSFOCUS INFORMATION TECHNOLOGY CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap