
System and method for unified control of software operation based on whitelist mechanism

A control method based on whitelist technology, applied in the field of information security. It addresses the lack of a unified software operation control system and method for the whitelist mechanism, and makes unified management convenient while preventing tampering.

Active Publication Date: 2022-03-04
中国航天系统科学与工程研究院

AI Technical Summary

Problems solved by technology

[0005] The technical problem solved by the present invention is to overcome the deficiencies of the prior art by providing a system and method for unified control of software operation based on the whitelist mechanism, solving the problem that existing software whitelist mechanisms lack a unified software operation control system and method based on the C/S architecture.



Examples


Embodiment 1

[0044] Two clients $U_1$ and $U_2$ on a local area network perform whitelist initialization and start the software verification function.

[0045] S1. Before running software on the client machine, generate a local software list and send it to the server machine. First, traverse all executable files (exe) in the system of client $U_1$ to obtain the path set of all executable files, $P_1$ = {C:\\1.exe, C:\\2.exe}. Then use the SHA1 algorithm to calculate the feature value of the executable file corresponding to each element of $P_1$, obtaining the feature value set $H_1$ = {5ef3...a263, 5977...93b0} (since the SHA1 and RSA encryption values are too long, the middle part of each value is omitted; the same below). The content of $H_1$ is sent to the server. Similarly, traverse all executable files (exe) in the system of client $U_2$ to obtain the path set of all executable files, $P_2$ = {C:\\3.exe, C:\\4.exe}. Then use the SHA1 algorithm to calculate, for the set $P_2$, the feature val...

Embodiment 2

[0049] A user applies to add new software to the local software whitelist of client $U_1$.

[0050] S1. On client computer $U_1$, the user submits to the server machine the software sample1.exe that needs to be added to the whitelist, together with its software type: directly executable software.

[0051] S2. After the server receives the application and the software sample1.exe, it first uses the SHA1 algorithm to calculate the feature value 3316...de05 of sample1.exe and determines that the software type is directly executable. It then uses the algorithm EncF to calculate $l_0 = \mathrm{EncF}(h_0)$, obtaining the software whitelist change $L'_1$ = {}. Finally, $L'_1$ is recorded in the local log and sent to client $U_1$.

[0052] S3. Client $U_1$ receives the software whitelist change $L'_1$ and adds it to the local software whitelist $L_1$; the user can then use the software sample1.exe on client $U_1$.

Embodiment 3

[0054] A user applies to remove a software item from the local software whitelist of client $U_2$.

[0055] S1. Client $U_2$ submits to the server machine the feature value 673e...acd3 of the software sample2.exe that needs to be removed from the local software whitelist.

[0056] S2. After the server receives the application and the feature value 673e...acd3 of sample2.exe, it obtains the corresponding software whitelist change $L'_2$ = {} by querying the log, then sends $L'_2$ to client $U_2$.

[0057] S3. After client $U_2$ receives $L'_2$, it deletes from $L_2$ the software whitelist element values that belong to both $L'_2$ and the local software whitelist $L_2$ (namely ); the software sample2.exe then cannot be used on client computer $U_2$.
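The add and remove exchanges of Embodiments 2 and 3, as an added example that is not code from the patent. EncF is not defined on this page, so it is assumed here to be a textbook RSA private-key operation on the SHA1 feature value, using a toy key; the launch-time check `may_run` and the names `Server`, `Client`, `feature` and `demo` are likewise assumptions made for illustration.

```python
import hashlib

# Toy RSA key built from two Mersenne primes: illustration only, far too small for real use.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, held by the server only

def feature(data: bytes) -> int:
    """SHA1 feature value h of a software sample, reduced into the toy modulus."""
    return int(hashlib.sha1(data).hexdigest(), 16) % N

class Server:
    def __init__(self):
        self.log = {}                  # h -> whitelist change L' issued for it

    def request_add(self, sample: bytes) -> set:
        h = feature(sample)
        delta = {pow(h, D, N)}         # l = EncF(h); EncF assumed to be an RSA private-key operation
        self.log[h] = delta            # logged so a later removal request can look it up
        return delta

    def request_remove(self, h: int) -> set:
        return self.log.get(h, set())  # unknown feature value yields an empty change

class Client:
    def __init__(self):
        self.whitelist = set()         # local software whitelist L (EncF values)

    def apply_add(self, delta: set):
        self.whitelist |= delta

    def apply_remove(self, delta: set):
        self.whitelist -= self.whitelist & delta   # delete elements that are in both L' and L

    def may_run(self, data: bytes) -> bool:
        h = feature(data)              # recomputed from the file itself at launch time
        return any(pow(l, E, N) == h for l in self.whitelist)

def demo() -> list:
    server, u1 = Server(), Client()
    sample = b"constructed bytes standing in for sample1.exe"
    results = [u1.may_run(sample)]                 # not whitelisted yet
    u1.apply_add(server.request_add(sample))
    results.append(u1.may_run(sample))             # allowed after the add
    u1.whitelist.add(feature(sample))              # locally forged entry: raw hash, never passed through EncF
    u1.apply_remove(server.request_remove(feature(sample)))
    results.append(u1.may_run(sample))             # blocked after removal; the forged entry fails verification
    return results
```

Because the client can verify an entry with the public exponent but cannot produce one, an entry written into the local list without the server does not pass the launch check.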


Abstract

A system and method for unified control of software operation based on a whitelist mechanism, belonging to the technical field of information security. The invention includes: initialization of the client computer's whitelist and activation of the software verification function; a user applying on the client computer to add new software to the local software whitelist, in which the client computer prepares the software entity to be added and sends the software entity and its type to the server, the server computer calculates the software whitelist change according to the software type, and the client receives it and adds it to the local software whitelist, after which the new software can be installed and used; and a user applying on the client computer to remove a certain software from the local software whitelist, in which the client calculates the feature value of the software to be removed and sends it to the server, and the server uses the feature value to look up the whitelist change corresponding to that software in its local log and sends it to the client. Once the elements in the software whitelist change are removed from the local software whitelist, the software is prohibited from being executed and used.

Description

Technical field

[0001] The invention relates to a system and method for unified control of software operation based on a whitelist mechanism, and belongs to the technical field of information security.

Background

[0002] With the development of network attack technology, the number and types of computer malware, viruses, and Trojan horses are increasing year by year and gradually spreading to industrial control networks, posing a huge threat to information security. Most enterprise industrial control computer equipment is relatively isolated from the Internet, has relatively lagging software and hardware updates, and generally runs only certain software, so security measures such as installing anti-virus software and host firewalls cannot adapt well to the performance, current status and business needs of industrial control computer equipment.

[0003] The software whitelist mechanism is a good security protection method. The software whitelist mechanism c...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F21/55, G06F21/56, H04L9/40, H04L67/01
CPC: G06F21/55, G06F21/566, H04L63/101, H04L63/20, H04L67/01
Inventor: 陈漠杨隽闫陈静孟小娟薛琼贾之楠张伟
Owner: 中国航天系统科学与工程研究院