本文已被:浏览 1711次 下载 3695次
Received:July 31, 2009 Revised:September 16, 2009
Received:July 31, 2009 Revised:September 16, 2009
中文摘要: 详细阐述了文件运动轨迹追踪技术的实现方法,并提供基于该技术的文件运动轨迹追踪系统的解决方案。利用Windows文件系统过滤驱动对文件透明加密,并追踪文件运动轨迹。追踪文件离开工作安全域后,无法使用;在工作安全域内,只允许满足安全策略的进程操作追踪文件,其他进程则拒绝访问。对追踪文件的任何操作,文件运动轨迹追踪系统均记录日志并上传至服务器,既保证实时监控文件流向,杜绝危险性的操作,又便于以后对操作信息进行统计分析和审计。
Abstract:In this article, the implementation of tracing file trajectory is described in details. The solution of the tracing system based on tracing file trajectory is also provided. Taking advantages of transparent encrypt, which is based on the windows file system filter driver, the file trajectory is tracing as follows: the file is unable to be accessed once the tracing file is taken out of the working security domain. Only when the file in the security domain and the process is secure at the same time, it can be accessed by the handler. The tracing system will record all information about the operations on the file, besides log of the submission to the server. According to the processes above, the file trajectory is tracing on time, and hence can put an end to the dangerous operations. It is convenient to analyze and audit the results.
文章编号: 中图分类号: 文献标志码:
基金项目:
| Author Name | Affiliation |
| WANG Wen-Yu | 中国科学院 研究生院 北京 100049 |
| Author Name | Affiliation |
| WANG Wen-Yu | 中国科学院 研究生院 北京 100049 |
引用文本:
王文宇.文件运动轨迹追踪技术的研究及实现.计算机系统应用,2010,19(4):127-132
WANG Wen-Yu.Design and Implementation of Tracing File Trajectory.COMPUTER SYSTEMS APPLICATIONS,2010,19(4):127-132
王文宇.文件运动轨迹追踪技术的研究及实现.计算机系统应用,2010,19(4):127-132
WANG Wen-Yu.Design and Implementation of Tracing File Trajectory.COMPUTER SYSTEMS APPLICATIONS,2010,19(4):127-132
