البحث في مجموعات البراءات الدولية والوطنية
بعض محتويات هذا الطلب غير متوفر حاليا.
إذا استمر الوضع، يرجى الاتصال بنا علىتعليق وبيانات الاتصال
1. (CN102194079) File access filtering method

المكتب : الصين
رقم الطلب: 201110066687.5 تاريخ الطلب: 18.03.2011
رقم النشر: 102194079 تاريخ النشر: 21.09.2011
رقم التسليم: 102194079 تاريخ التسليم: 11.09.2013
نوع النشر: B
التصنيف الدولي للبراءات:
G06F 21/57
Description not available in lang ar
مودعي الطلبات: Beijing StrongUnion Technology Co., Ltd.
北京思创银联科技股份有限公司
المخترعون: Yu Xiaojun
于晓军
Wan Xuesong
万雪松
Zhao Chenqing
赵辰清
الوكلاء: wang ying
北京路浩知识产权代理有限公司 11002
بيانات الأولوية:
الاسم: (EN) File access filtering method
(ZH) 文件访问过滤方法
الملخص: front page image
(EN) The invention discloses a file access filtering method which belongs to the technical field of network safety. The file access filtering method comprises the following steps: S1) processing an IRP (input/output request package) request category and a request of withdrawing from drive, and mounting a corresponding dispatch function; S2) processing calling of a user layer, and emitting a calling command to an inner nuclear layer; S3) getting an afferent Handle through a parameter when calling a Windows inner nuclear function in user-defined functions, and inquiring whether a path corresponding to the Handle is a file folder path or not by calling the inner nuclear function of a system, if the path is the file holder path and does not contain a magnetic disk drive, not performing contrast, if the path is a file path, comparing in a white list; and S4) notifying an application program of the user layer of retrieving illegal access file information recorded in a BackList through a shared event created between the user layer and the inner nuclear layer, and using the application program of the user layer to write the illegal access file information into a log file. By adopting the file access filtering method, a user can conveniently further adopt measures for protecting personal files.
(ZH)

本发明公开了一种文件访问过滤方法,属于网络安全技术领域,包括以下步骤:S1、处理IRP请求类别和退出驱动请求,并安装相对应的派遣函数;S2、处理用户层的调用,并向内核层发出调用命令;S3、在所述自定义函数中调用所述Windows内核函数时通过参数拿到传入的句柄Handle,通过调用系统的内核函数查询该Handle对应的路径是否是文件夹路径;如果是文件夹路径,并且不包含磁盘盘符,则不进行对比;如果是文件路径,则在所述白名单中进行比较;S4、通过用户层和内核层之间创建的共享事件,通知用户层的应用程序取回BackList中记录的非法访问文件信息,用户层应用程序把该非法访问文件信息写入到日志文件中。本发明能够方便用户进一步采取措施保护个人文件。