CN105631310A - Efficient trusted process authentication scheme - Google Patents
Efficient trusted process authentication scheme Download PDFInfo
- Publication number
- CN105631310A CN105631310A CN201410595808.9A CN201410595808A CN105631310A CN 105631310 A CN105631310 A CN 105631310A CN 201410595808 A CN201410595808 A CN 201410595808A CN 105631310 A CN105631310 A CN 105631310A
- Authority
- CN
- China
- Prior art keywords
- trusted process
- trusted
- pid
- value
- policy
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses an efficient trusted process authentication method. Through adoption of the method, the trusted process authentication efficiency can be improved safely and effectively. The method is realized through the following technical scheme of intercepting a started process in a kernel driver and calculating the MD5 (Message Digest Algorithm) value of an executable file corresponding to the process; comparing the MD5 value with the MD5 value of a trusted process appointed by a manager in a server; storing the PID (Process Identifier) of the process in a trusted process link table after the comparison is successful; and then in the read and write processes of the process, querying whether the PID of the process is in the trusted process link table or not so as to judge whether the process is the trusted process or not.
Description
Technical field
The present invention relates to field of information security technology. It is mainly used in the transparent encrypting and deciphering system of document the certification of secret process, it is a kind of based on MD5(MessageDigestAlgorithm) algorithm reliability and process PID(ProcessIdentifier) certificate scheme of uniqueness, under the premise ensureing certification safety, to improve the operational efficiency of system.
Background technology
E-Government, commercial affairs, social public service activity electronization be irreversible trend; these operational actioies relate to a large amount of security files; the high intensity to security files can be completed based on the anti-disclosure system of filtration drive technology to protect; but how efficient identification and certification concerning security matters process; and the document operated by process is encrypted protection, become the key issue being presently required solution. For this problem, MD5 algorithm is as the checkschema of a kind of process integrity, it is widely used in the trusted process certification of various anti-disclosure system, but in actual authentication process, the method is inefficient, and therefore, the scheme of present invention design combines MD5 algorithm and process PID, achieve the reliability of trusted process certification, and improve authentication efficiency.
Summary of the invention
The present invention, by calculating the PID of contrast process MD5 value and process context, to complete trusted process certification, has both ensured the safety of system, has also improved running efficiency of system. For reaching above-mentioned purpose, the inventive method step is as follows:
The management personnel of system O&M arrange the MD5 value of trusted process in anti-disclosure system server background, and MD5 value is stored in the data base of server (being namely policy library) by system.
During encrypting and deciphering system client terminal start-up, by network attached server, data in policy library are delivered in client the memory headroom that is stored in, form a tactful chained list.
When client operating system has process initiation, in driving (i.e. operating system kernel), intercept this operation, calculate the MD5 value of this process, and search this MD5 value at strategy chained list.
Search in the trusted process PID chained list after successfully, PID corresponding for process being saved in internal memory; Search and unsuccessfully then abandon follow-up all operations.
During process read-write, obtaining the PID of process, search whether there is this PID in trusted process PID chained list, searching is then successfully trusted process, failed then be untrusted process, abandons follow-up all operations.
When process is closed, obtain the PID of process, and search this PID in trusted process PID chained list, search successfully, then delete this PID node.
For the embodiment of native system, client refers mainly to PC, server major control process strategy, in order to further describe the technical scheme of the present embodiment, below in conjunction with accompanying drawing 1 and accompanying drawing 2, method of work and the flow process of system is illustrated:
As shown in Figure 1, it is necessary to server 10, comprising policy library module 101 in server 10, module 101 is the Database Systems with data storage capacities. System operation management person arranges the MD5 value of trusted process at server end, and is stored in 101 modules.
Module 20 is client, alternately and communicates with kernel-driven 30 with server 10, and wherein 201 modules are used for login service device, fetch the policy library in server, and are delivered to by policy library in kernel-driven module.
Module 30 is a Kernel Driver, and whether module 301 therein preserves the policy library come from module 201 transmission, be trusted process for verifying the process of startup. Module 302 preserves the process PID by 301 checkings, for trusted process checking during process read-write in encrypting and deciphering system. Module 303 is the algoritic module of trusted process certification.
For further describing the technical scheme of the present embodiment, illustrate below in conjunction with the Fig. 2 method of work to system and flow process:
Step S101, being specified trusted process by manager at first, this trusted process is just provided with the authority to file encryption Yu deciphering later.
Step S102, the trusted process specified with MD5 algorithm management of computing person, this value, as the standard determining whether trusted process later, is deposited in the policy library of server by this calculated value simultaneously.
Step S103, when process initiation in computer, driver calculates this process image file MD5 value, and with the MD5 value comparison one by one that preserves in server policy storehouse, judge that whether this process is for trusted process with this. Contrast successfully then for trusted process. It it is otherwise untrusted process.
In step S104, step 3, process is trusted process, then obtain the PID(ProcessIdentifier that this process is corresponding), PID is stored in trusted process PID chained list simultaneously.
Step S105, when process reading and writing of files in computer, obtain the pid value of this process.
Step S106, by step S105 pid value and the trusted process PID chained list obtained contrast, whether the PID to determine this process is arranged in this chained list, if searching successfully, this process is trusted process.
Step S107, verified by step S106 after, trusted process just can normal encryption and decryption data.
Step S108, when computer there being process close, again obtain the PID by closedown process, in trusted process PID chained list, inquiring about whether there is this PID simultaneously, if searching successfully, then deleting this PID.
Accompanying drawing explanation
Fig. 1 is present system falsework composition
Fig. 2 is present system workflow diagram.
Claims (6)
1. a trusted process certificate scheme, it is characterised in that include policy development and the policy library module of preservation, trusted process PID linked list maintenance module and trusted process determination module.
2. wherein, described policy library module, for formulating and preserve the title and MD5 value specifying trusted process, and provide query function for client.
3. trusted process PID linked list maintenance module described in, for preserving the process PID by trusted process certification, trusted process during for file read-write judges inquiry.
4. trusted process determination module described in, trusted process certification during for process reading and writing of files.
5. policy library module according to claim 1, it specifically includes: policy development unit: be used for work of generating strategy, and the MD5 value completing trusted process calculates, the typing of trusted process title.
6. Policy storage unit: for preserving the trusted process MD5 value of formulation, trusted process title etc., for client query function.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410595808.9A CN105631310A (en) | 2014-10-30 | 2014-10-30 | Efficient trusted process authentication scheme |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410595808.9A CN105631310A (en) | 2014-10-30 | 2014-10-30 | Efficient trusted process authentication scheme |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105631310A true CN105631310A (en) | 2016-06-01 |
Family
ID=56046235
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410595808.9A Pending CN105631310A (en) | 2014-10-30 | 2014-10-30 | Efficient trusted process authentication scheme |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105631310A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106599676A (en) * | 2016-12-22 | 2017-04-26 | 北京元心科技有限公司 | Trusted process identification method and device |
CN110135151A (en) * | 2019-05-23 | 2019-08-16 | 北京计算机技术及应用研究所 | The trust computing for intercepting and matching is called to realize system and method with system based on LSM |
CN111177799A (en) * | 2019-12-31 | 2020-05-19 | 奇安信科技集团股份有限公司 | Security protection method, system, computer device and computer-readable storage medium |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102855129A (en) * | 2011-06-29 | 2013-01-02 | 奇智软件(北京)有限公司 | Method and system for automatically creating isolated processes |
CN102855430A (en) * | 2012-08-23 | 2013-01-02 | 福建升腾资讯有限公司 | Process blacklist and whitelist control method based on Windows system |
-
2014
- 2014-10-30 CN CN201410595808.9A patent/CN105631310A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102855129A (en) * | 2011-06-29 | 2013-01-02 | 奇智软件(北京)有限公司 | Method and system for automatically creating isolated processes |
CN102855430A (en) * | 2012-08-23 | 2013-01-02 | 福建升腾资讯有限公司 | Process blacklist and whitelist control method based on Windows system |
Non-Patent Citations (1)
Title |
---|
朱刚等: "基于高效可信进程认证的文档加解密***", 《警察技术》 * |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106599676A (en) * | 2016-12-22 | 2017-04-26 | 北京元心科技有限公司 | Trusted process identification method and device |
CN110135151A (en) * | 2019-05-23 | 2019-08-16 | 北京计算机技术及应用研究所 | The trust computing for intercepting and matching is called to realize system and method with system based on LSM |
CN111177799A (en) * | 2019-12-31 | 2020-05-19 | 奇安信科技集团股份有限公司 | Security protection method, system, computer device and computer-readable storage medium |
CN111177799B (en) * | 2019-12-31 | 2022-07-05 | 奇安信科技集团股份有限公司 | Security protection method, system, computer device and computer-readable storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11362815B2 (en) | Trusted data transmission methods, apparatuses, and devices | |
US7987496B2 (en) | Automatic application of information protection policies | |
US7606795B2 (en) | System and method for verifying the integrity and completeness of records | |
CN107948152B (en) | Information storage method, information acquisition method, information storage device, information acquisition device and information acquisition equipment | |
US20150012748A1 (en) | Method And System For Protecting Data | |
CN202795383U (en) | Device and system for protecting data | |
CN110889130B (en) | Database-based fine-grained data encryption method, system and device | |
WO2021012548A1 (en) | Blockchain-based data processing method and system, and electronic apparatus and storage medium | |
US9288054B2 (en) | Method and apparatus for authenticating and managing application using trusted platform module | |
TW202036347A (en) | Method and apparatus for data storage and verification | |
CN102663317B (en) | Business paper and critical data circulation process security hardening system | |
US20240061790A1 (en) | Locally-stored remote block data integrity | |
GB2520056A (en) | Digital data retention management | |
CN106533694B (en) | The realization method and system of Openstack token access protection mechanism | |
CN113420049B (en) | Data circulation method, device, electronic equipment and storage medium | |
CN103745166A (en) | Method and device for inspecting file attribute value | |
CN110543775B (en) | Data security protection method and system based on super-fusion concept | |
CN105631310A (en) | Efficient trusted process authentication scheme | |
CN114942729A (en) | Data safety storage and reading method for computer system | |
KR101247564B1 (en) | Method of protecting data from malicious modification in data base system | |
US9454660B2 (en) | Security verification device and a security verification method | |
CN117390114A (en) | Battery passport storage method, device and storage medium based on blockchain | |
US20200304291A1 (en) | Information management system and method for the same | |
CN110008724A (en) | Solid-state hard disk controller method for secure loading, device and storage medium | |
CN113159952B (en) | Method, system, device and storage medium for storing digital assets based on blockchain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20160601 |
|
WD01 | Invention patent application deemed withdrawn after publication |