Command processing method and device for host, electronic equipment and storage medium

A command processing and host technology, which is applied in the field of network isolation and computer network, can solve the problems of easy leakage of internal data, etc., and achieve the effect of preventing data leakage, ensuring data security, and improving security

Active Publication Date: 2020-04-14
BEIJING BAIDU NETCOM SCI & TECH CO LTD
View PDF18 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The existing network isolation scheme has the problem that internal data is easily leaked when these ho

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Command processing method and device for host, electronic equipment and storage medium
  • Command processing method and device for host, electronic equipment and storage medium
  • Command processing method and device for host, electronic equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

example 1

[0059] Example 1. The preset condition includes: the received external command belongs to a predetermined type of shell command; the predetermined processing includes: determining not to process the external command.

[0060] In this example, for shell commands, whether to process them is determined according to their type. The processing of a shell command starts the shell command interpreter. For example, after the csh command is executed, csh will be started, so that subsequent external commands will be switched to csh for processing. In order to avoid this situation, the shell command type corresponding to the shell command interpreter that does not have a preset list configured can be pre-recorded as a predetermined type. The predetermined type of shell command will start the corresponding shell command interpreter, and then refuse to process the predetermined type of shell command, thereby preventing other command interpretation components from switching to process subs...

example 2

[0061] Example 2. The preset condition includes: the external command belongs to the compilation and construction command; the predetermined processing includes: determining not to process the external command.

[0062] The compilation and construction command may be, for example, a compilation and construction command in C language or C++ language such as gcc and make. Using the compile and build command, you can build a shell command interpreter. If the built shell command interpreter is not in the preset list, it can be executed. Since the shell command interpreter itself is also a shell command, executing the shell command can also switch the command interpretation component used in the host to the shell command interpreter built by compiling and building commands, causing subsequent external commands to switch to the built shell command interpreter. For example, if a shell command interpreter is built using the compile and build command and named "zsh1", since "zsh1" do...

example 3

[0064] Example 3, the preset condition includes: the script of the external command includes a release symbol, and the command interpretation component specified by the script of the external command is not the first type of command interpretation component; the predetermined processing includes: interpreting the command specified by the script of the external command The component switches to the first type of command interpretation component.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a command processing method and device for a host, electronic equipment and a storage medium, and relates to the technical field of network isolation. According to the specificimplementation scheme, a host comprises at least one first-class command interpretation component, wherein the first-class command interpretation component is configured to comprise a preset list. The command processing method for the host comprises the steps that after the host receives an external command, the first-class command interpretation component processes the received external commandto determine whether the external command exists in the preset list or not; and if it is determined that the external command exists in the preset list, it is determined that the external command is not executed; and under the condition that the received external command meets the preset condition, corresponding preset processing is executed on the external command, so that the received external command cannot be switched to other command interpretation components in the host. By utilizing the embodiment of the invention, the security of information interaction can be improved.

Description

technical field [0001] This application relates to the field of computer networks, in particular to the field of network isolation technology. Background technique [0002] With the construction of computer networks and popularization of applications, according to different information security requirements, a complex network structure has been formed in which a variety of networks with different levels of secrecy coexist. Based on the consideration of network data security, the hosts in the high-density network are not allowed to be exposed to the external environment, nor are they allowed to be connected to the low-density network. However, in daily work, there is often a need for hosts in high-density networks to interact with the outside world. In the existing network isolation scheme, when these hosts interact with the outside, there is a problem that internal data is easily leaked. There are data security risks in the process of information exchange. Contents of th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F9/30G06F9/54G06F21/60
CPCG06F9/30003G06F9/54G06F21/606
Inventor 冯智张宇张森
Owner BEIJING BAIDU NETCOM SCI & TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap