CN102622551A - File safety protection method - Google Patents
File safety protection method Download PDFInfo
- Publication number
- CN102622551A CN102622551A CN2012101039654A CN201210103965A CN102622551A CN 102622551 A CN102622551 A CN 102622551A CN 2012101039654 A CN2012101039654 A CN 2012101039654A CN 201210103965 A CN201210103965 A CN 201210103965A CN 102622551 A CN102622551 A CN 102622551A
- Authority
- CN
- China
- Prior art keywords
- file
- security means
- defence
- document security
- document
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a file safety protection method comprising the steps of: opening a file while utilizing a file safety discrimination technology and extracting a file safety protection technology while storing a file so as to guarantee the opening and application safety of the file. The file safety protection method disclosed by the invention performs system scanning and application program scanning while opening the file to prevent the injection of illegal programs or unknown plug-in units; and meanwhile, the file protection technology contained in the method extracts file characteristic values while storing the file and compares the file characteristic value with a preset confidence level or a non-confidence level, necessary protection measures are taken once the file characteristic value is lower than the standard so as to effectively protect the safety of core files in enterprises.
Description
Technical field
The invention belongs to the computer information safety technique field, relate in particular to a kind of document security means of defence.
Background technology
The fast development of Along with computer technology, the infotech develop rapidly, information-based all had development at full speed in all trades and professions.For enterprises and institutions, electronic document has become the lifeblood of company.At this stage, enterprises and institutions generally comprise following these technology for the safeguard procedures of these electronic documents: 1) adopting redundancy technique, is main with file server or professional backup of memory, and file is collected; 2) adopt encryption technology, the illegal propagation of in-company file is given cut off, prevent divulging a secret of interior employee; 3) adopt the control of authority technology, prevent having a mind to or being not intended to the operation to file, the destruction that causes file of unauthorized user.More than these three kinds typical technology, all be that to be based upon file be complete, correct, and how guarantee that file is complete, information is significant, and file is safe, these all do not provide good method to go to differentiate.
Summary of the invention
The present invention provides a kind of document security means of defence, verifies comparison when being employed in File Open and preserving, and guarantees file safety in use, thereby can favorable protection be provided to integrality, the security of file.
To achieve these goals, the present invention adopts following technical scheme:
A kind of document security means of defence, wherein, said method does, when File Open, can use file security examination technology and can the extraction document safety protection technique when file is preserved, thus the safety of assurance file when opening and use.
Said file security examination technology is used for the residing system features of file is scanned and collects, and the characteristic for application program scans simultaneously.
Particularly, said system features comprises malicious plugins is opened, whether had to the characteristic of virus base, fire wall whether, whether malice link or illegal end is arranged.
Particularly, said application features comprises whether whether independent operating, application program inside comprise malice or illegal program or dynamic base etc., whether have that other programs or plug-in unit inject, information and other relevant informations of correlation circumstance when program is opened application program.、
Related file characteristic value was screened when said file security guard technology was used for file preserved, and prevented that file from comprising invalid information when preserving.
Particularly, said file characteristic value comprises file essential characteristic, file cache, whether comprises malicious code or illegal grand and whether have other programs to attempt to quote or inject file.
Further; Customized adopted comparing result confidence level of system or untrusted degree; And can but scanning result and credible acceptance that presets or non-acceptance be compared; And can take different safeguard procedures according to comparing result, said system comparison process is suitable for pattern and is divided into two kinds, is respectively credible acceptance and unacceptable degree.
Particularly, the standard of said credible acceptance gives the user corresponding authority for promptly thinking credible when the file scan result acquires a certain degree with contrast confidence level index; Outside confidence level, promptly think to be unacceptable value, will remind or forbid that automatically the user uses or operate associated documents or program.
Particularly; The standard of said unacceptable degree just thinks insincere for having only when the file scan result can not the reliability index acquires a certain degree with contrast; To remind or forbid that automatically the user uses or operate associated documents or program this moment; And promptly thinking outside the untrusted zone is acceptable value, gives user-dependent authority.
The present invention provides a kind of document security means of defence, when document is opened, carries out system scan and application scan, prevents the injection of illegal program or not clear plug-in unit; The document guard technology that this method comprised simultaneously can pass through the extraction document eigenwert when document storing; And through comparing with confidence level that presets or untrusted degree; To take the necessary protection measure to it in case be lower than standard, thereby protect the safety of the core document of enterprises effectively.
Description of drawings
Fig. 1 is the schematic flow sheet that opens file in the document security means of defence provided by the invention;
Fig. 2 is a close file schematic flow sheet in the document security means of defence provided by the invention.
Embodiment
Specify the present invention below in conjunction with accompanying drawing, it explains principle of the present invention as the part of this instructions through embodiment, other aspects of the present invention, and characteristic and advantage thereof will become very clear through this detailed description.
Like Fig. 1, shown in 2, a kind of document security means of defence, wherein, said method does, when File Open, can use file security examination technology and can the extraction document safety protection technique when file is preserved, thus the safety of assurance file when opening and use.
Said file security examination technology is used for the residing system features of file is scanned and collects, and the characteristic for application program scans simultaneously.
Particularly, said system features comprises malicious plugins is opened, whether had to the characteristic of virus base, fire wall whether, whether malice link or illegal end is arranged.
Particularly, said application features comprises whether whether independent operating, application program inside comprise malice or illegal program or dynamic base etc., whether have that other programs or plug-in unit inject, information and other relevant informations of correlation circumstance when program is opened application program.、
Related file characteristic value was screened when said file security guard technology was used for file preserved, and prevented that file from comprising invalid information when preserving.
Particularly, said file characteristic value comprises file essential characteristic, file cache, whether comprises malicious code or illegal grand and whether have other programs to attempt to quote or inject file.
Further; Customized adopted comparing result confidence level of system or untrusted degree; And can but scanning result and credible acceptance that presets or non-acceptance be compared; And can take different safeguard procedures according to comparing result, said system comparison process is suitable for pattern and is divided into two kinds, is respectively credible acceptance and unacceptable degree.
Particularly, the standard of said credible acceptance gives the user corresponding authority for promptly thinking credible when the file scan result acquires a certain degree with contrast confidence level index; Outside confidence level, promptly think to be unacceptable value, will remind or forbid that automatically the user uses or operate associated documents or program.
Particularly; The standard of said unacceptable degree just thinks insincere for having only when the file scan result can not the reliability index acquires a certain degree with contrast; To remind or forbid that automatically the user uses or operate associated documents or program this moment; And promptly thinking outside the untrusted zone is acceptable value, gives user-dependent authority.
Invention comprises following two parts:
The workflow of said method is following:
One, when File Open, basic flow process is following: open file; Gathering system information; Collect fileinfo; The condition that presets of contrast is opened, warning or close file; Start fence operation; The normal file that uses.
Two, when closing of a file, basic flow process is following: acquisition program information; Collect fileinfo;
The condition that contrast is preset; Close, report to the police or do not allow close file; Start fence operation; Close file.
The present invention provides a kind of document security means of defence, when document is opened, carries out system scan and application scan, prevents the injection of illegal program or not clear plug-in unit; The document guard technology that this method comprised simultaneously can pass through the extraction document eigenwert when document storing; And through comparing with confidence level that presets or untrusted degree; To take the necessary protection measure to it in case be lower than standard, thereby protect the safety of the core document of enterprises effectively.
The above disclosed the preferred embodiments of the present invention that are merely can not limit the present invention's interest field certainly with this, so according to the equivalent variations that claim of the present invention is done, still belong to the scope that the present invention is contained.
Claims (9)
1. a document security means of defence is characterized in that, said method does, when File Open, can use file security examination technology and can the extraction document safety protection technique when file is preserved, thus the safety of assurance file when opening and use.
2. a kind of document security means of defence as claimed in claim 1 is characterized in that, said file security examination technology is used for the residing system features of file is scanned and collects, and the characteristic for application program scans simultaneously.
3. according to claim 1 or claim 2 a kind of document security means of defence is characterized in that, said system features comprises malicious plugins is opened, whether had to the characteristic of virus base, fire wall whether, whether malice link or illegal end are arranged.
4. according to claim 1 or claim 2 a kind of document security means of defence; It is characterized in that said application features comprises whether whether independent operating, application program inside comprise malice or illegal program or dynamic base etc., whether have that other programs or plug-in unit inject, information and other relevant informations of correlation circumstance when program is opened application program.
5. a kind of document security means of defence as claimed in claim 1 is characterized in that, related file characteristic value was screened when said file security guard technology was used for file preserved, and prevents that file from comprising invalid information when preserving.
6. like claim 1 or 5 described a kind of document security means of defences, it is characterized in that said file characteristic value comprises file essential characteristic, file cache, whether comprise malicious code or illegal grand and whether have other programs to attempt to quote or inject file.
7. a kind of document security means of defence as claimed in claim 1; It is characterized in that; Customized adopted comparing result confidence level of system or untrusted degree, but and can scanning result and the credible acceptance that presets or non-acceptance be compared, and can take different safeguard procedures according to comparing result; Said system comparison process is suitable for pattern and is divided into two kinds, is respectively credible acceptance and unacceptable degree.
8. like claim 1 or 7 described a kind of document security means of defences, it is characterized in that the standard of said credible acceptance gives the user corresponding authority for promptly thinking credible when the file scan result acquires a certain degree with contrast confidence level index; Outside confidence level, promptly think to be unacceptable value, will remind or forbid that automatically the user uses or operate associated documents or program.
9. like claim 1 or 7 described a kind of document security means of defences; It is characterized in that; The standard of said unacceptable degree just thinks insincere for having only when the file scan result can not the reliability index acquires a certain degree with contrast; To remind or forbid that automatically the user uses or operate associated documents or program this moment, and promptly thinking outside the untrusted zone is acceptable value, gives user-dependent authority.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2012101039654A CN102622551A (en) | 2012-04-11 | 2012-04-11 | File safety protection method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2012101039654A CN102622551A (en) | 2012-04-11 | 2012-04-11 | File safety protection method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102622551A true CN102622551A (en) | 2012-08-01 |
Family
ID=46562466
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2012101039654A Pending CN102622551A (en) | 2012-04-11 | 2012-04-11 | File safety protection method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102622551A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103942293A (en) * | 2014-04-11 | 2014-07-23 | 立德高科(北京)数码科技有限责任公司 | Self-destroying protection method based on malicious invasion of file system and device thereof |
| CN105550597A (en) * | 2015-12-24 | 2016-05-04 | 北京奇虎科技有限公司 | Information scanning based terminal management method and apparatus |
| CN105635139A (en) * | 2015-12-31 | 2016-06-01 | 深圳市安之天信息技术有限公司 | Anti-overflow-attack document security operation and analysis method and system |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1352426A (en) * | 2001-11-26 | 2002-06-05 | 北京实达铭泰计算机应用技术开发有限公司 | Computer virus prevention method |
| CN1770051A (en) * | 2004-11-04 | 2006-05-10 | 华为技术有限公司 | File safety detection method |
| US20090150419A1 (en) * | 2007-12-10 | 2009-06-11 | Won Ho Kim | Apparatus and method for removing malicious code inserted into file |
| CN101615230A (en) * | 2009-08-07 | 2009-12-30 | 浪潮电子信息产业股份有限公司 | The method of a kind of file credible execution and credible protection |
| US7681237B1 (en) * | 2004-05-13 | 2010-03-16 | Symantec Corporation | Semi-synchronous scanning of modified files in real time |
| CN101866407A (en) * | 2010-06-18 | 2010-10-20 | 北京九合创胜网络科技有限公司 | Method and device for realizing security of operating system platform |
| CN101969425A (en) * | 2009-07-28 | 2011-02-09 | 新奥特(北京)视频技术有限公司 | Method for simulating to open and execute file |
-
2012
- 2012-04-11 CN CN2012101039654A patent/CN102622551A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1352426A (en) * | 2001-11-26 | 2002-06-05 | 北京实达铭泰计算机应用技术开发有限公司 | Computer virus prevention method |
| US7681237B1 (en) * | 2004-05-13 | 2010-03-16 | Symantec Corporation | Semi-synchronous scanning of modified files in real time |
| CN1770051A (en) * | 2004-11-04 | 2006-05-10 | 华为技术有限公司 | File safety detection method |
| US20090150419A1 (en) * | 2007-12-10 | 2009-06-11 | Won Ho Kim | Apparatus and method for removing malicious code inserted into file |
| CN101969425A (en) * | 2009-07-28 | 2011-02-09 | 新奥特(北京)视频技术有限公司 | Method for simulating to open and execute file |
| CN101615230A (en) * | 2009-08-07 | 2009-12-30 | 浪潮电子信息产业股份有限公司 | The method of a kind of file credible execution and credible protection |
| CN101866407A (en) * | 2010-06-18 | 2010-10-20 | 北京九合创胜网络科技有限公司 | Method and device for realizing security of operating system platform |
Non-Patent Citations (3)
| Title |
|---|
| 张立红: "电子文件保护中的几个关键性问题", 《兰台世界》, 31 October 2008 (2008-10-31) * |
| 王虹等: "浅谈提高涉密文件安全防护能力的有效措施", 《信息与电脑》, 31 January 2011 (2011-01-31) * |
| 胡中庭: "操作系统启动可信、文件系统可信和应用可信", 《硕士学位论文全文数据库》, 31 May 2007 (2007-05-31) * |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103942293A (en) * | 2014-04-11 | 2014-07-23 | 立德高科(北京)数码科技有限责任公司 | Self-destroying protection method based on malicious invasion of file system and device thereof |
| CN105550597A (en) * | 2015-12-24 | 2016-05-04 | 北京奇虎科技有限公司 | Information scanning based terminal management method and apparatus |
| CN105635139A (en) * | 2015-12-31 | 2016-06-01 | 深圳市安之天信息技术有限公司 | Anti-overflow-attack document security operation and analysis method and system |
| CN105635139B (en) * | 2015-12-31 | 2019-04-05 | 深圳市安之天信息技术有限公司 | A kind of method and system of the document security operation and analysis of anti-spilled attack |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105205358B (en) | The method and detection method that a kind of identification Android APP are reinforced | |
| KR102047782B1 (en) | Method and apparatus for recognizing cyber threats using correlational analytics | |
| Likarish et al. | Obfuscated malicious javascript detection using classification techniques | |
| CN103839002A (en) | Website source code malicious link injection monitoring method and device | |
| CN103810428B (en) | Method and device for detecting macro virus | |
| KR101663013B1 (en) | Apparatus and method for detecting code injection attack | |
| WO2014048257A1 (en) | Security protection system and method | |
| KR20140092884A (en) | Security box | |
| CN107277046B (en) | Anti-coercion password control method and device based on face recognition | |
| CN103619014B (en) | The method and system for preventing application data from revealing | |
| CN112671700B (en) | Enterprise economic management information security system | |
| CN101667232A (en) | Terminal credible security system and method based on credible computing | |
| CN105930728B (en) | A kind of application checking method and device | |
| Liu et al. | PSDEM: a feasible de-obfuscation method for malicious PowerShell detection | |
| CN112257007B (en) | Enterprise financial information management system | |
| CN102622551A (en) | File safety protection method | |
| CN116561809B (en) | Destroying method for identifying security medium based on point cloud | |
| CN110677415A (en) | Network information safety protection system | |
| JP5326063B1 (en) | Malicious shellcode detection apparatus and method using debug events | |
| Hu et al. | Research on Android ransomware protection technology | |
| Asiri et al. | Investigating usable indicators against cyber-attacks in industrial control systems | |
| CN107844700A (en) | A kind of method and system of intelligent protection operating system user account | |
| CN111581636A (en) | Network security monitoring equipment | |
| CN109495482A (en) | A kind of network data information safe transmission method | |
| CN112887288B (en) | Internet-based E-commerce platform intrusion detection front-end computer scanning system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20120801 |