File access control method, device and equipment based on sensitive mark

A file access, sensitive technology, applied in the field of network security, can solve the problem of low security of network files

Active Publication Date: 2020-05-19
北京浪潮数据技术有限公司
View PDF4 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The object of the present invention is to provide a file access control method, device, device and computer-readable storage medium based on sensitive tags, which solves the problem in the prior art that different subjects in the system can only access the resources they are authorized to access due to the inability to effectively control the system. Issues that lead to low security of network files

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • File access control method, device and equipment based on sensitive mark
  • File access control method, device and equipment based on sensitive mark
  • File access control method, device and equipment based on sensitive mark

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] The core of the present invention is to provide a file access control method, device, device and computer-readable storage medium based on sensitive tags, which can effectively control different subjects to only access the resources they have the right to access, and ensure multi-level security access.

[0047] In order to enable those skilled in the art to better understand the solution of the present invention, the present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments. Apparently, the described embodiments are only some of the embodiments of the present invention, but not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0048] Please refer tofigure 1 , figure 1 It is a flow chart of the first specific embodiment of th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a file access control method, a file access control device and file access control equipment based on a sensitive mark, and a computer readable storage medium. The file accesscontrol method comprises the steps of: traversing all running processes on a system through employing a kernel driver, and extracting user information and paths of each process, so as to determine a main body sensitive mark of each process; judging whether a file is provided with a sensitive mark or not by means of the sensitive mark in extension attributes of the file when the kernel driver intercepts an access operation of the file; if the file is provided with the sensitive mark, extracting the sensitive mark of the file as a target object sensitive mark; searching a target main body sensitive mark of the access operation in main body sensitive marks of all the processes through PID of the access operation; and comparing the target subject sensitive mark with the target object sensitivemark process to determine the access permission of the access operation to the file. According to the file access control method, the file access control device, the file access control equipment andthe computer readable storage medium provided by the invention, different subjects can be effectively controlled to only access the resources which the subjects have access to, and multi-level security access is realized.

Description

technical field [0001] The present invention relates to the technical field of network security, in particular to a file access control method, device, device and computer-readable storage medium based on sensitive marks. Background technique [0002] In some environments with relatively high confidentiality requirements, it is often required that some files with relatively high confidentiality can only be read and written by users or processes with the same confidentiality level, or read by users or processes with higher confidentiality levels to ensure network security. However, in the existing system, there is no strategy for uniformly setting the confidentiality level for users, processes, and files in the system, so it is impossible to effectively control different subjects in the system to only have access to the resources they have access to; it may cause users or processes with low confidentiality levels to read The phenomenon that files with high confidentiality le...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/60G06F21/62
CPCG06F21/604G06F21/6218G06F2221/2141
Inventor 崔士伟
Owner 北京浪潮数据技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap