CN102902914B - Method and device for achieving terminal tracelessness - Google Patents
Method and device for achieving terminal tracelessness Download PDFInfo
- Publication number
- CN102902914B CN102902914B CN201210324840.4A CN201210324840A CN102902914B CN 102902914 B CN102902914 B CN 102902914B CN 201210324840 A CN201210324840 A CN 201210324840A CN 102902914 B CN102902914 B CN 102902914B
- Authority
- CN
- China
- Prior art keywords
- file
- memory
- accessing operation
- disk
- mapped disk
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Storage Device Security (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a method and a device for achieving a traceless terminal. The method comprises the steps of receiving access requests for corresponding files stored in a server; downloading files into a local memory mapping disc and conducting encryption processing; and performing access operation on files in the memory mapping disc, wherein the memory mapping disc is obtained by mounting of a file system device which is virtualized in the local memory space. According to the method and the device, files are accessed through the memory mapping disc, so that the terminal tracelessness can be achieved.
Description
Technical field
The present invention relates to field of computer technology, more particularly, relate to and a kind ofly realize the seamless method of terminal and device.
Background technology
Along with the development of infotech, increasing enterprises and institutions handle official business with electrical file form.Electronic document become enterprises and institutions' valuable source especially secret, secret papers maintenance form.In order to effectively prevent the vital document such as secret, secret from divulging a secret, many enterprises and institutions take the form of centralized management or storage in management to the vital document such as secret, secret.But, often need in office process to use the vital document such as secret, secret.Therefore, in the system of document centralized management or storage, need to realize the seamless function of terminal in the vital document use procedure such as secret, secret.
At present, seamless related technology has sandbox technology with terminal.The main implementation method realizing the seamless function of terminal in sandbox technology is: by the generation relevant to shielded program with revise file redirection in the region of specifying; this region of specifying can be file form or document form, is encrypted being written to this area data of specifying simultaneously.
In sandbox technology, exist in local disk for the data after being redirected with the form of file or file, user can see, and by the mode copied, the data of file or document form can be taken away, disabled user can also obtain the data in file or folder by means such as Brute Forces; In addition; be redirected the deletion mode of data mainly: initiatively go to delete the data content be redirected by program; generally just the data be redirected are deleted when sandbox instrument exits or shielded program exits; may because data file be occupied or lock and cannot successfully delete when the deletion of redirected data; and file erase in local disk not thoroughly time; can some data restoration methods be passed through, related data is reduced.
Visible, it is seamless that prior art cannot really realize terminal.
Summary of the invention
In view of this, the embodiment of the present invention provides a kind of and realizes the seamless method of terminal and device, realizes the access to file, reach the object that terminal is seamless by memory-mapped disk.
The embodiment of the present invention provides a kind of and realizes the seamless method of terminal, comprising:
Receive the request of access to the corresponding document deposited in server;
By described file download to local memory-mapped disk, and be encrypted;
In described memory-mapped disk, accessing operation is performed to described file;
Wherein, described memory-mapped disk is obtained by the file system device carry fictionalized in local memory headroom.
Preferably, describedly in described memory-mapped disk, accessing operation is performed to described file, comprising:
Whether the process judging described accessing operation is trusted process;
If so, then described process is allowed to perform described accessing operation; Otherwise, forbid that described process performs described accessing operation.
Preferably, whether the described process judging described accessing operation is trusted process, comprising:
Obtain the Process identifier of described accessing operation;
The executable file of described process is obtained according to described Process identifier;
Judge whether the file characteristic value of described executable file is present in preset trusted process list, if so, then described process is trusted process; Otherwise described process is untrusted process.
Preferably, if trusted process performs described accessing operation, then also comprise:
The temporary file of the file created in described trusted process accessing operation process and generation is encrypted, and is stored in described memory-mapped disk.
Preferably, described access comprises: read described file, to described file or to described memory-mapped disk write data.
Realize the device that terminal is seamless, comprising:
Request receiving module, for receiving the request of access to the corresponding document deposited in server;
Download module, for by described file download to local memory-mapped disk, and to be encrypted;
Access modules, for performing accessing operation to described file in described memory-mapped disk;
Wherein, described memory-mapped disk is obtained by the file system device carry fictionalized in local memory headroom.
Preferably, described access control module comprises:
Judge submodule, for judging whether the process of described accessing operation is trusted process; If so, then trigger first to bear fruit module; Otherwise, trigger second and to bear fruit module;
Described first bears fruit module, performs described accessing operation for allowing described process;
Described second bears fruit module, for forbidding that described process performs described accessing operation.
Preferably, described judgement submodule, comprising:
First acquiring unit, for obtaining the Process identifier of described accessing operation;
Second acquisition unit, for obtaining the executable file of described process according to described Process identifier;
Judging unit, for judging whether the file characteristic value of described executable file is present in preset trusted process list, if so, then triggers first module; Otherwise, trigger second unit;
Described first module, for determining that described process is trusted process;
Described second unit is untrusted process for described process.
Preferably, also comprise:
Memory module, for being encrypted by the temporary file of the file created in described trusted process accessing operation process and generation, and is stored in described memory-mapped disk.
Preferably, described access comprises: read described file, to described file or to described memory-mapped disk write data.
In the embodiment of the present invention, the space of certain space as memory-mapped disk is distributed in local internal memory, when the file needing to deposit in server performs access, first corresponding document is downloaded in memory-mapped disk, then in memory-mapped disk, perform the accessing operation to this file, any intermediate data file can not be produced in local disk, for memory-mapped disk, operating system shutdown or when restarting system, memory-mapped disk can disappear along with the reset of memory headroom, therefore, the file data deposited in memory-mapped disk also can disappear along with the disappearance of memory-mapped disk, thus it is seamless to realize terminal.
Accompanying drawing explanation
In order to be illustrated more clearly in the technical scheme of the embodiment of the present invention, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
What Fig. 1 provided for the embodiment of the present invention a kind ofly realizes the seamless method flow schematic diagram of terminal;
The schematic diagram of the carry memory-mapped disk that Fig. 2 provides for the embodiment of the present invention;
The realization flow schematic diagram described file being performed to accessing operation in described memory-mapped disk that Fig. 3 provides for the embodiment of the present invention;
Fig. 4 is the realization flow schematic diagram of step 301 in Fig. 3;
What Fig. 5 provided for the embodiment of the present invention a kind ofly realizes the seamless apparatus structure schematic diagram of terminal;
Fig. 6 realizes the seamless apparatus structure schematic diagram of terminal for the another kind that the embodiment of the present invention provides.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, be clearly and completely described the technical scheme in the embodiment of the present invention, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.
In the embodiment of the present invention, terminal is seamless is exactly open in client in the file processes on server, can not leave all or part of file content of this file on the client.Usually, in order to reach the seamless function of terminal, 2 points below demand fulfillment:
1, it is seamless when server file downloads to local cache;
2, the ephemeral data that the process opened file produces is seamless.
First, be described a kind of method realizing terminal seamless provided by the invention, as shown in Figure 1, described method comprises:
Step 101, receive request of access to the corresponding document deposited in server;
In this step, request of access can be by IE(Internet Explorer, internet browser) to initiate, request of access points to the server at storage system place in document sets; Also can be initiated by the client connecting storage system place server in document sets;
Step 102, by described file download to local memory-mapped disk, and to be encrypted;
In this step, after determining accessed file, directly concrete accessing operation is not performed to this file, but this file is downloaded to local memory-mapped disk;
Step 103, in described memory-mapped disk, accessing operation is performed to described file;
Wherein, described memory-mapped disk is obtained by the file system device carry fictionalized in local memory headroom.
In the embodiment of the present invention, utilize internal memory automatically reset characteristic at once under internal memory power-off or system off state, realize opening the seamless function of network file terminal.First, inside there is paging and without under the state of paging, to be directly used in storage file technically, and can not procedure identification be employed, therefore, need to use " memory virtual magnetic disc " in internal memory, to distribute certain space virtual become file system volume equipment, and by virtual file system mounted be memory-mapped disk.
As shown in Figure 2, be the schematic diagram of carry memory-mapped disk.Particularly, distribute the space of certain space as memory-mapped disk from internal memory, initialization is carried out in space and builds virtual file system, the symbol creating disk connects, by virtual file system mounted be memory-mapped disk.During concrete enforcement, can be allocated in advance the space size of memory-mapped disk according to the strategy in registration table by memory-mapped disk driver when system boot, optional manner comprises: memory-mapped disk accounts for the number percent of memory headroom or arranges concrete size, and when client-side program starts, inform the local disk magnetic symbol needing to carry out carry.
In the embodiment of the present invention, the space of certain space as memory-mapped disk is distributed in local internal memory, when the file needing to deposit in server performs access, first corresponding document is downloaded in memory-mapped disk, then in memory-mapped disk, perform the accessing operation to this file, any intermediate data file can not be produced in local disk, for memory-mapped disk, operating system shutdown or when restarting system, memory-mapped disk can disappear along with the reset of memory headroom, therefore, the file data deposited in memory-mapped disk also all can disappear along with the disappearance of memory-mapped disk, thus it is seamless to realize terminal.
Network file is left in memory-mapped disk, avoid cache file in local disk, the situation of divulging a secret that local disk buffer network data file produces can be solved.In addition, equal to read and write data from internal memory from the efficiency of memory-mapped disk read-write data, from the efficiency far of memory read-write data higher than the efficiency read and write data from local disk, therefore, carry out by memory-mapped disk system the read or write speed that cache file can improve file greatly.
For the ease of the understanding to technical solution of the present invention, below by concrete example, explanation is described in detail to overall plan.
In the embodiment of the present invention, as shown in Figure 3, can comprise the following steps the implementation of described file execution accessing operation in described memory-mapped disk:
Whether step 301, the process judging described accessing operation are trusted process; If so, then step 302 is continued; Otherwise, continue step 303;
Step 302, described process is allowed to perform described accessing operation;
Step 303, forbid that described process performs described accessing operation.
In this embodiment, because memory-mapped disk is visible to user under " my computer ", user can directly conduct interviews to the data file in internal memory Map Disk.In order to improve the security of access, in above-described embodiment, need the access control realizing internal memory Map Disk by kernel level file access control mode, herein, kernel refers to the driving layer of operating system.Be specially: concrete access process is authorized, believable process can read data, incredible process can not read data, with reach illegal program or hacker in system boot or shutdown, even obtain hard disk, all cannot steal the object of data from memory-mapped disk.
In above-described embodiment, as shown in Figure 4, judge described in step 301 whether the process of described accessing operation is trusted process, can comprise the following steps:
Step 401, obtain the Process identifier of described accessing operation;
Step 402, obtain the executable file of described process according to described Process identifier;
Step 403, judge whether the file characteristic value of described executable file is present in preset trusted process list, if so, then continue step 404; Otherwise, continue step 405;
Step 404, determine that described process is trusted process;
Step 405, determine that described process is untrusted process.
This embodiment illustrates the judgment mode how carrying out whether trusted process.Particularly, data access in memory-mapped disk controls to use kernel level to control, when process triggers reads request of data in dish, i.e. kernel file operation Fast I/O(Fast Input/Output, quick I/O) ask and IRP(I/ORequest Package, input output request bag), PID(Process identifier according to the process of this request), the application program executable file of acquisition process, judge the program file eigenwert of executable file, that is: the HASH value of executable file, if file characteristic value is in trusted process list, represent that this program is believable, processing mode be to the read data of this program give let pass and to the decrypt data read, if file characteristic value is not in trusted process list, represent that this program is incredible, processing mode forbids that this program reads the data in memory-mapped disk.Wherein, trusted process list can pre-set in the server, to be obtained and pass to the driver of memory-mapped disk by application program from server.
In another preferred embodiment of the invention, when trusted process performs accessing operation to internal memory Map Disk, the temporary file of the file created in described trusted process accessing operation process and generation is encrypted, and is stored in described memory-mapped disk.
In this embodiment, after file in memory-mapped disk is opened for trusted process, need to carry out anti-control of divulging a secret to trusted process, prevent from separately depositing file to outside memory-mapped disk by trusted process, here " process redirecting technique " is used to reach this function, by unloadings such as the file of process creation or the temporary files that produces to already present file write supplemental data in memory-mapped disk, thus do not produce any intermediate data file in local disk.
During concrete enforcement, can binding file filtration drive equipment on the file system volume equipment in kernel, utilize the data access of this filter Driver on FSD equipment to file system volume equipment judge and monitor.It should be noted that, this filter Driver on FSD equipment is a driving arrangement in the driver of the corresponding exploitation of memory-mapped disk, and its effect implements interception to physical disk file and filters.
In addition, in kernel, file filter is carried out, if the PID of process is the PID of trusted process and file operation creates file and to file write data, then this file operation forwarded in memory-mapped disk.When file operation being forwarded to memory-mapped disk, if judge that original exists, need the correspondence position first original copied in memory-mapped disk.This is because, in order to realize seamless directly to file write data already present in local disk, but can not needs the file copy in local disk in memory-mapped disk, then write data in this file in internal memory Map Disk.
It should be noted that, in above-described embodiment, the file be written in memory-mapped disk becomes encrypt file automatically, and the file of write comprises the file be downloaded to from server memory-mapped disk, and to the data file of internal memory Map Disk file write.Concrete cipher mode can be: when processing file operation distribution function in memory-mapped disk drive, distribute in function process be encrypted by corresponding contents at write.And user opens the file in memory-mapped disk by some mode, can check file, edit and preservation etc., be transparent concerning user.This is because, in the present embodiment, during the file of trusted process in rdma read Map Disk, corresponding document can be deciphered automatically, and the file data generated when performing write operation to file can be encrypted automatically.Be understandable that, this encryption and decryption mode essence is a kind of transparent encryption and decryption technology.Trusted process uses transparent encryption and decryption technology to carry out encryption and decryption to file in memory-mapped disk during reading and writing of files, can not affect the use habit of user.
Correspondingly above-mentionedly realize the seamless embodiment of the method for terminal, present invention also offers and a kind ofly realize the seamless device of terminal, as shown in Figure 5, described device specifically can comprise:
Request receiving module 501, for receiving the request of access to the corresponding document deposited in server;
Download module 502, for by described file download to local memory-mapped disk, and to be encrypted;
Access modules 503, for performing accessing operation to described file in described memory-mapped disk;
Wherein, described memory-mapped disk is obtained by the file system device carry fictionalized in local memory headroom.
Described access comprises: read described file, to described file or to described memory-mapped disk write data.
In the embodiment of the present invention, the space of certain space as memory-mapped disk is distributed in local internal memory, when the file needing to deposit in server performs access, first corresponding document is downloaded in memory-mapped disk, then in memory-mapped disk, perform the accessing operation to this file, any intermediate data file can not be produced in local disk, for memory-mapped disk, operating system shutdown or when restarting system, memory-mapped disk can disappear along with the reset of memory headroom, therefore, the file data deposited in memory-mapped disk also all can disappear along with the disappearance of memory-mapped disk, thus it is seamless to realize terminal.
During concrete enforcement, described access control module can comprise:
Judge submodule, for judging whether the process of described accessing operation is trusted process; If so, then trigger first to bear fruit module; Otherwise, trigger second and to bear fruit module;
Described first bears fruit module, performs described accessing operation for allowing described process;
Described second bears fruit module, for forbidding that described process performs described accessing operation.
In this embodiment, because memory-mapped disk is visible to user under " my computer ", user can directly conduct interviews to the data file in internal memory Map Disk.In order to improve the security of access, in above-described embodiment access control module, need the access control realizing internal memory Map Disk by kernel level file access control mode, herein, kernel refers to the driving layer of operating system.Be specially: concrete access process is authorized, believable process can read data, incredible process can not read data, with reach illegal program or hacker in system boot or shutdown, even obtain hard disk, all cannot steal the object of data from memory-mapped disk.
Further, described judgement submodule, can comprise:
First acquiring unit, for obtaining the Process identifier of described accessing operation;
Second acquisition unit, for obtaining the executable file of described process according to described Process identifier;
Judging unit, for judging whether the file characteristic value of described executable file is present in preset trusted process list, if so, then triggers first module; Otherwise, trigger second unit;
Described first module, for determining that described process is trusted process;
Described second unit is untrusted process for described process.
Visible, in this embodiment, data access in memory-mapped disk controls to use kernel level to control, when process triggers reads request of data in dish, described judgement submodule is according to the PID of the process of this request, the application program executable file of acquisition process, judge the program file eigenwert of executable file, that is: the HASH value of executable file, if file characteristic value is in trusted process list, represent that this program is believable, processing mode be to the read data of this program give let pass and to the decrypt data read; If file characteristic value is not in trusted process list, represent that this program is incredible, processing mode forbids that this program reads the data in memory-mapped disk.Wherein, trusted process list can pre-set in the server, to be obtained and pass to the driver of memory-mapped disk by application program from server.
In another preferred embodiment of the invention, as shown in Figure 6, the above-mentioned seamless device of terminal that realizes can also comprise:
Memory module 504, for being encrypted by the temporary file of the file created in described trusted process accessing operation process and generation, and is stored in described memory-mapped disk.
In this embodiment, after file in memory-mapped disk is opened for trusted process, need to carry out anti-control of divulging a secret to trusted process, prevent from separately depositing file to outside memory-mapped disk by trusted process, here " process redirecting technique " is used to reach this function, by this memory module, by unloadings such as the file of process creation or the temporary files that produces to already present file write supplemental data in memory-mapped disk, thus do not produce any intermediate data file in local disk.
For device embodiment, because it is substantially corresponding to embodiment of the method, so describe fairly simple, relevant part illustrates see the part of embodiment of the method.Device embodiment described above is only schematic, the wherein said unit illustrated as separating component or can may not be and physically separates, parts as unit display can be or may not be physical location, namely can be positioned at a place, or also can be distributed in multiple network element.Some or all of module wherein can be selected according to the actual needs to realize the object of the present embodiment scheme.Those of ordinary skill in the art, when not paying creative work, are namely appreciated that and implement.
One of ordinary skill in the art will appreciate that all or part of flow process realized in above-described embodiment method, that the hardware that can carry out instruction relevant by computer program has come, described program can be stored in computer read/write memory medium, this program, when performing, can comprise the flow process of the embodiment as above-mentioned each side method.Wherein, described storage medium can be magnetic disc, CD, read-only store-memory body (Read-Only Memory, ROM) or random store-memory body (Random Access Memory, RAM) etc.
To the above-mentioned explanation of the disclosed embodiments, professional and technical personnel in the field are realized or uses the present invention.To be apparent for those skilled in the art to the multiple amendment of these embodiments, General Principle as defined herein when not departing from the spirit or scope of the embodiment of the present invention, can realize in other embodiments.Therefore, the embodiment of the present invention can not be restricted to these embodiments shown in this article, but will meet the widest scope consistent with principle disclosed herein and features of novelty.
Claims (10)
1. realize the method that terminal is seamless, it is characterized in that, comprising:
Receive the request of access to the corresponding document deposited in server;
By described file download to local memory-mapped disk, and be encrypted;
In described memory-mapped disk, accessing operation is performed to described file;
Wherein, described memory-mapped disk is obtained by the file system device carry fictionalized in local memory headroom; Particularly, distribute the space of certain space as memory-mapped disk from internal memory, initialization is carried out in space and builds virtual file system, the symbol creating disk connects, by virtual file system mounted be memory-mapped disk.
2. according to claim 1ly realize the seamless method of terminal, it is characterized in that, describedly in described memory-mapped disk, accessing operation is performed to described file, comprising:
Whether the process judging described accessing operation is trusted process;
If so, then described process is allowed to perform described accessing operation; Otherwise, forbid that described process performs described accessing operation.
3. according to claim 2ly realize the seamless method of terminal, it is characterized in that, whether the described process judging described accessing operation is trusted process, comprising:
Obtain the Process identifier of described accessing operation;
The executable file of described process is obtained according to described Process identifier;
Judge whether the file characteristic value of described executable file is present in preset trusted process list, if so, then described process is trusted process; Otherwise described process is untrusted process.
4. according to claim 2ly realize the seamless method of terminal, it is characterized in that, if trusted process performs described accessing operation, then also comprise:
The temporary file of the file created in described trusted process accessing operation process and generation is encrypted, and is stored in described memory-mapped disk.
5. according to claim 1ly realize the seamless method of terminal, it is characterized in that, described access comprises: read described file, to described file or to described memory-mapped disk write data.
6. realize the device that terminal is seamless, it is characterized in that, comprising:
Request receiving module, for receiving the request of access to the corresponding document deposited in server;
Download module, for by described file download to local memory-mapped disk, and to be encrypted;
Access modules, for performing accessing operation to described file in described memory-mapped disk;
Wherein, described memory-mapped disk is obtained by the file system device carry fictionalized in local memory headroom; Particularly, distribute the space of certain space as memory-mapped disk from internal memory, initialization is carried out in space and builds virtual file system, the symbol creating disk connects, by virtual file system mounted be memory-mapped disk.
7. according to claim 6ly realize the seamless device of terminal, it is characterized in that, described access control module comprises:
Judge submodule, for judging whether the process of described accessing operation is trusted process; If so, then trigger first to bear fruit module; Otherwise, trigger second and to bear fruit module;
Described first bears fruit module, performs described accessing operation for allowing described process;
Described second bears fruit module, for forbidding that described process performs described accessing operation.
8. according to claim 7ly realize the seamless device of terminal, it is characterized in that, described judgement submodule, comprising:
First acquiring unit, for obtaining the Process identifier of described accessing operation;
Second acquisition unit, for obtaining the executable file of described process according to described Process identifier;
Judging unit, for judging whether the file characteristic value of described executable file is present in preset trusted process list, if so, then triggers first module; Otherwise, trigger second unit;
Described first module, for determining that described process is trusted process;
Described second unit is untrusted process for described process.
9. according to claim 7ly realize the seamless device of terminal, it is characterized in that, also comprise:
Memory module, for being encrypted by the temporary file of the file created in described trusted process accessing operation process and generation, and is stored in described memory-mapped disk.
10. according to claim 6ly realize the seamless device of terminal, it is characterized in that, described access comprises: read described file, to described file or to described memory-mapped disk write data.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210324840.4A CN102902914B (en) | 2012-09-05 | 2012-09-05 | Method and device for achieving terminal tracelessness |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210324840.4A CN102902914B (en) | 2012-09-05 | 2012-09-05 | Method and device for achieving terminal tracelessness |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102902914A CN102902914A (en) | 2013-01-30 |
| CN102902914B true CN102902914B (en) | 2015-06-03 |
Family
ID=47575141
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210324840.4A Active CN102902914B (en) | 2012-09-05 | 2012-09-05 | Method and device for achieving terminal tracelessness |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102902914B (en) |
Families Citing this family (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106874782B (en) * | 2015-12-11 | 2021-01-29 | 北京奇虎科技有限公司 | Traceless use method of mobile terminal and mobile terminal |
| CN106611138B (en) * | 2016-12-12 | 2020-03-31 | 北京鼎普科技股份有限公司 | GHOST file security check method and device |
| CN106612280B (en) * | 2016-12-26 | 2019-10-22 | 北京鼎普科技股份有限公司 | A kind of method and system of terminal device virtual management |
| US10936728B2 (en) | 2017-02-23 | 2021-03-02 | Red Hat, Inc. | Non-persistent mode for network connection |
| US11025621B2 (en) | 2017-02-24 | 2021-06-01 | Red Hat, Inc. | Enhancing privacy of network connections |
| CN108762821B (en) * | 2017-04-18 | 2023-04-25 | 海马云(天津)信息技术有限公司 | Device and method for running application of electronic equipment and electronic equipment |
| CN110020533B (en) * | 2018-01-08 | 2021-02-09 | 福建天泉教育科技有限公司 | Safety protection method for VR resources and terminal |
| CN109558375B (en) * | 2018-12-05 | 2021-03-16 | 武汉斗鱼网络科技有限公司 | Optimized file storage method, storage medium, equipment and system |
| CN109918907B (en) * | 2019-01-30 | 2021-05-25 | 国家计算机网络与信息安全管理中心 | Method, controller and medium for obtaining evidence of malicious codes in process memory of Linux platform |
| CN110134339A (en) * | 2019-05-22 | 2019-08-16 | 北京明朝万达科技股份有限公司 | A kind of data guard method and system based on file virtual disk |
| CN110232261B (en) * | 2019-06-03 | 2021-05-11 | 浙江大华技术股份有限公司 | Operation method of package file, file processing device and device with storage function |
| CN110457870A (en) * | 2019-08-01 | 2019-11-15 | 浙江大华技术股份有限公司 | Processing method and processing device, embedded device and the storage medium of executable file |
| CN110837648A (en) * | 2019-10-23 | 2020-02-25 | 云深互联(北京)科技有限公司 | Document processing method, device and equipment |
| CN113782158A (en) * | 2021-08-13 | 2021-12-10 | 广州市挖米科技有限责任公司 | SAAS image data high-speed transmission and imaging method and device |
| CN113946873B (en) * | 2021-12-21 | 2022-05-06 | 天津联想协同科技有限公司 | Off-disk file tracing method and device, terminal and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102214127A (en) * | 2010-11-15 | 2011-10-12 | 上海安纵信息科技有限公司 | Method for intensively storing and backing up data based on operating system virtualization theory |
| CN102222189A (en) * | 2011-06-13 | 2011-10-19 | 上海置水软件技术有限公司 | Method for protecting operating system |
| CN102467566A (en) * | 2010-11-19 | 2012-05-23 | 奇智软件(北京)有限公司 | Method and system for browsing web pages without traces |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100036884A1 (en) * | 2008-08-08 | 2010-02-11 | Brown Robert G | Correlation engine for generating anonymous correlations between publication-restricted data and personal attribute data |
-
2012
- 2012-09-05 CN CN201210324840.4A patent/CN102902914B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102214127A (en) * | 2010-11-15 | 2011-10-12 | 上海安纵信息科技有限公司 | Method for intensively storing and backing up data based on operating system virtualization theory |
| CN102467566A (en) * | 2010-11-19 | 2012-05-23 | 奇智软件(北京)有限公司 | Method and system for browsing web pages without traces |
| CN102222189A (en) * | 2011-06-13 | 2011-10-19 | 上海置水软件技术有限公司 | Method for protecting operating system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102902914A (en) | 2013-01-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102902914B (en) | Method and device for achieving terminal tracelessness | |
| EP3420492B1 (en) | Idps access-controlled and encrypted file system design | |
| US9473297B2 (en) | Achieving storage efficiency in presence of end-to-end encryption using downstream decrypters | |
| CN101853363B (en) | File protection method and system | |
| US10452857B2 (en) | Systems and methods for providing file level security | |
| US8302178B2 (en) | System and method for a dynamic policies enforced file system for a data storage device | |
| CN103259762B (en) | A kind of file encryption based on cloud storage, decryption method and system | |
| US20110314534A1 (en) | Secured Execution Environments and Methods | |
| CN107301544A (en) | A kind of safe Wallet System of block chain | |
| US8874625B2 (en) | Method, apparatus and system for accessing remote files | |
| CN103825953A (en) | User mode encrypt file system | |
| TW200830830A (en) | Hard disc streaming cryptographic operations with embedded authentication | |
| CN104156672B (en) | data encryption protection method and system based on LINUX | |
| CN101847184A (en) | Method for encrypting files by adopting encryption sandbox | |
| CN106971120A (en) | A kind of method, device and computing device for realizing file protection | |
| US9075999B2 (en) | Memory device and method for adaptive protection of content | |
| CN104462998B (en) | Cloud storage encryption system and its implementation based on domestic commercial cipher algorithm | |
| CA3083722A1 (en) | Re-encrypting data on a hash chain | |
| CN102693399A (en) | System and method for on-line separation and recovery of electronic documents | |
| CN113536369A (en) | Electronic file real-time transparent storage encryption and decryption method and system and related products | |
| CN108229190A (en) | Control method, device, program, storage medium and the electronic equipment of transparent encryption and decryption | |
| CN103425938A (en) | Folder encryption method and device for Unix-like operating system | |
| CN103379133A (en) | Safe and reliable cloud storage system | |
| US20200296100A1 (en) | Methods and systems for contiguous utilization of individual end-user-based cloud-storage subscriptions | |
| CN115455440A (en) | Transparent encryption method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20210309 Address after: Room 205, building 22, 785 Hutai Road, Jing'an District, Shanghai Patentee after: Shanghai Rongan Technology Co.,Ltd. Address before: 4f, area B, Fujian Overseas Students Pioneer Park, 108 Jiangbin East Avenue, Mawei District, Fuzhou City, Fujian Province, 350015 Patentee before: FUJIAN ETIM INFORMATION & TECHNOLOGY Co.,Ltd. |
|
| TR01 | Transfer of patent right |