CN103150499A - Protection method for preventing file from being leaked in encrypted form - Google Patents
Protection method for preventing file from being leaked in encrypted form Download PDFInfo
- Publication number
- CN103150499A CN103150499A CN201310072416XA CN201310072416A CN103150499A CN 103150499 A CN103150499 A CN 103150499A CN 201310072416X A CN201310072416X A CN 201310072416XA CN 201310072416 A CN201310072416 A CN 201310072416A CN 103150499 A CN103150499 A CN 103150499A
- Authority
- CN
- China
- Prior art keywords
- archives
- secret
- write
- program
- analysis
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims description 37
- 238000004458 analytical method Methods 0.000 claims abstract description 49
- 238000012544 monitoring process Methods 0.000 claims abstract description 21
- 230000008569 process Effects 0.000 claims description 21
- 230000006835 compression Effects 0.000 claims description 8
- 238000007906 compression Methods 0.000 claims description 8
- 238000004891 communication Methods 0.000 claims description 6
- 238000012545 processing Methods 0.000 claims description 5
- 230000007123 defense Effects 0.000 claims description 4
- 238000005516 engineering process Methods 0.000 claims description 4
- 238000009434 installation Methods 0.000 claims description 2
- 241000094396 Bolitoglossa carri Species 0.000 claims 1
- 230000005540 biological transmission Effects 0.000 abstract 1
- 238000010586 diagram Methods 0.000 description 6
- 238000012217 deletion Methods 0.000 description 3
- 230000037430 deletion Effects 0.000 description 3
- 230000014509 gene expression Effects 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 239000012634 fragment Substances 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000002955 isolation Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000002085 persistent effect Effects 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 230000009467 reduction Effects 0.000 description 1
- 230000007480 spreading Effects 0.000 description 1
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention provides a solution, aiming at preventing confidential documents from being leaked to the outside in an encrypted form by users, compared with some confidential protection systems which adopt a protection mode of comprehensively controlling external transmission of the confidential documents or carry out external flow control on all documents based on a plurality of heuristic principles, the invention monitors the encryption behavior of the users from the bottom layer of the system, and adopts precautionary measures in the condition that confidential documents can be encrypted, thereby not influencing the functions and convenience of the application systems of the users and simultaneously improving the accuracy of confidential monitoring operation. The invention adopts a comprehensive analysis method based on information entropy and file comparison, and can effectively judge the format of the ciphertext file generated by most encryption algorithms.
Description
Technical field
The present invention a kind ofly prevents archives with the means of defence that encrypted form leaks, and is mainly used in secret protection (Data Leakage Prevention) system.The secret guard system is when carrying out the content analysis of archives, if user's file externally transmits through encryption again, secret guard system just can't carry out content analysis and how determine keyholed back plate these ciphertexts in theory.The present invention proposes a solution, prevent classified papers with the form of encrypting to outward leakage, belong to the core technology in secret protection field.
Background technology
The secret guard system need to carry out the content analysis of archives, to determine whether allow the user externally to transmit these archives.If externally transmit but the user first gives archives encryption, secret guard system just can't carry out to these ciphertexts the operation of content analysis in theory again.Some secret guard system adopts completely forbids the monitor mode that doubtful ciphertext archives externally transmit, but this relates to the identification of numerous ciphertext forms, application system function and convenience that also can limited subscriber.And this patent is monitored for user's encryption and compression behavior from system bottom, can prevent confidential file by the user with encrypted form to outward leakage, also be unlikely to affect user's application system function and convenience.
Other prevent that confidential file is to the conventional art of outward leakage; for example the Taiwan patent announcement numbers 343301; " in order to information safety system and the method for tracked information outflow situation "; the method that proposes is: utilize different security strategies to carry out different data guard methods; when its emphasis will outflow for the data that need only enterprises; user side just must with specific supervision server-side line; obtain to authorize and just let pass afterwards, or by server-side, data are given spreading out of false data after transcoding again.This method requires server-side can respond immediately the demand of user side, has increased the load of Intranet and has influence on speed and the quality of network service, also need to install, safeguard specific servo-drive system just can prevent confidential data to outward leakage.
Separately in Taiwan patent publication No. 200839549, in the middle of " a kind of method that archives outflow is followed the trail of ", can find has some similar technical though to this case.Yet but described scheme is to utilize the comparison method of the filename of user side identification archives, archives amount of capacity, archives fragments character string, can't follow the trail of immediately and find rapidly the relevant problems such as archives and blabber of divulging a secret in conventional art to solve.Its another purpose is to prevent that user side from using the archives that should not hold to carry out illegal behavior or the facts that confidential file outflows is occured, to reach the function of tracking, supervision and administer archive.But the behavior that this scheme externally spreads out of after also archives first not being encrypted for the user as this patent is again monitored, if the file that externally transmits of user has passed through encryption in theory, any secret guard system will be difficult to the content of these ciphertexts is analyzed operation with keyholed back plate.The present invention proposes a solution, monitor for user's encryption behavior from system bottom, can be employed program encryption at very first time control classified papers, thereby improved efficient and the application system functional surfaces of secret protection operation.
Summary of the invention
Patent purpose of the present invention is to set up and a kind ofly prevents that archives with the means of defence that encrypted form leaks, are mainly used in secret guard system.When externally transmitting ciphertext again after the user first is encrypted operation to classified papers, secret guard system just can't carry out content analysis and the keyholed back plate of these ciphertext archives in theory, the present invention proposes a solution, prevent confidential file with the form of encrypting to outward leakage, and can not limit function and the availability of application system.
The secret guard system is when carrying out secret monitoring task, and whether the content of a file that must be able to judge rightly comprises the defined secret of policy, in order to carry out suitable protection operation.But when carrying out the content analysis of archive files, if the file that the user externally transmits has passed through encryption, secret guard system just can't carry out content analysis and follow-up keyholed back plate operation to these ciphertext archives in theory.
the present invention proposes a kind of means of defence that prevents that archives from leaking with encrypted form, at first described secret method for supervising carries out the processing of application programming interface hook (API Hook) for subject thread, the API that links up with is the relevant system API of archives read-write behavior, such as API such as the ReadFile of kernel32.dll and WriteFile, inserting these hooks when application software activates monitors, after in case certain thread has read confidential file, system of the present invention namely enters the guard mode that prevents from adding the secret writing shelves, at thread described in this state all write out the action of archives all can be analyzed, whether classified papers are encrypted transcoding and write out the ciphertext archives to judge described program, if analysis result thinks that described thread executed encrypts the operation of written document, system of the present invention will be according to secret protection policy defined, warn, encrypt again, deletion, the protection operation such as check, so can prevent that application program is encrypted processing with classified papers in the very first time, thereby the monitoring difficult problem when avoiding the dense document of the follow-up external conveyer of user, for can identification numerous encrypt file forms to carry out correct protection operation, the present invention adopts a kind of comprehensive analysis method based on information entropy and archives comparison, can effectively judge the cryptograph files form that most of cryptographic algorithm produce.
A kind ofly prevent archives with the means of defence that encrypted form leaks, lie in content analysis and the end points monitoring task of secret guard system, the method for described end points monitoring task comprises the following steps:
Step a. loads the kinematic function storehouse of a monitoring secret when described secret guard system detects the user when enabling application program, and juxtaposition enters the relevant application programming interface hook of archives read-write;
Step b. is detecting described application program when reading archives when the described application programming interface hook of inserting, protect program by communication conduit announcement machine tight defense between program, carry out the content analysis operation of described archives, to judge described application program, whether the behavior that classified papers are encrypted is arranged;
The described application program of step c if non-classified papers allow it to proceed archives read-write operation, enters for classified papers and writes a grade monitor state when receiving that content analysis that described secret guard system is passed back as a result;
Steps d. described application program will be analyzed the form that all write out archives in described written document monitor state, if be judged as encryption format, order according to secret policy and protect accordingly operation.
described secret guard process, in the resident program of user machine system with a pre-installation, the policy of being responsible for secret guard system loads and carries out, content analysis, check and record operation, the application programming interface hook that described archives read-write is relevant, refer to described application programming interface hook technology, read archives for described application program, the essential operating system function library of using when writing out the archives operation, get involved and carry out extra monitoring processing therebetween, described application programming interface hook, when described application program reads archives, namely enter the monitoring flow process of relevant described hook, described monitoring flow process utilizes between program communication conduit to notify described secret guard process, ask described secret guard process to carry out the content analysis operation of target folder, and obtain analysis result, described application programming interface hook is when controlling the encryption written document, when between described program, communication conduit receives that content analysis that described secret guard system passes back as a result, if described target folder is not classified papers, continue the described archives read-write of described program, do not do any protection, if classified papers enter the described grade monitor state of writing, described application program is described when writing grade monitor state when entering, write out the form of archives with analyzing all, if judge that it is that encryption format protects operation accordingly according to described secret policy is ordered, comprise and checking, caution, the operation of encrypting again or delete files, if the archives that write out and noncryptic format, continue the described archives read-write of described program, do not do any protection,
Whether the described archives of described analysis are the method for encryption format, and the compare of analysis based on information entropy and file length the steps include:
A. check and filter that the archives that described application program is write out are the situation of former archives, in order to avoid judge the ciphertext form by accident;
B. check and filter that the archives that described application program is write out are the situation of Base64 coding, in order to avoid erroneous judgement ciphertext form;
C. calculate the entropy that has write out archive content, if entropy is considered as noncryptic format lower than a certain threshold value of presetting (decided at the higher level but not officially announced);
If d. the entropy of described archive content is higher than described threshold value, further analyze described archive content and be whether the compressed format preset (such as, compressed format commonly used), cause the situation of erroneous judgement to avoid compressed format;
If e. described archive content is not that the compressed format of presetting is carried out the compare of analysis of described archive content length again, to determine that whether the described described archive content that writes out is as encryption format.
The method that wherein compares according to described archive content length the steps include:
A. calculate length after the compression of former archive content as with reference to value;
B. carry out and the described comparison of writing out file length;
C. the ciphertext file length as described benchmark is: the specific factor scope of the length after former archive content compression, and the specific factor scope of described former archive content length, and both are ciphertext length;
If d. the described length of writing out archives meets described ciphertext file length, judge that the archives that write out are the ciphertext form, otherwise be non-ciphertext form.
The means of defence that prevents that archives from leaking with encrypted form provided by the present invention mutually relatively the time, has more following advantage with aforementioned case and other conventional arts quoted as proof:
1. the means of defence that prevents that archives from leaking with encrypted form of the present invention, application program protects the very first time that classified papers are encrypted processing from operation, thus the monitoring difficult problem when avoiding subsequent user externally to transmit confidential document.
2. the means of defence that prevents that archives from leaking with encrypted form of the present invention, application system function and convenience that can limited subscriber.
3. the means of defence that prevents that archives from leaking with encrypted form of the present invention, adopt a kind of comprehensive analysis method based on information entropy and archives comparison, can effectively judge the cryptograph files form that most of cryptographic algorithm produce.
Description of drawings
Fig. 1 is the system architecture diagram that the present invention prevents the means of defence embodiment that archives leak with encrypted form;
Fig. 2 is the encrypted application monitoring process flow diagram that the present invention prevents the means of defence embodiment that archives leak with encrypted form;
Fig. 3 is the ciphertext format analysis process flow diagram that the present invention prevents the means of defence embodiment that archives leak with encrypted form;
Description of reference numerals
110 users;
120 classified papers;
130 encrypted application;
140 archives;
150 computer systems;
160 kinematic function storehouses;
170 secret administrative centers;
180 secret guard system programs;
200~260 encrypted application monitoring flow processs;
300~380 ciphertext format analysis flow processs.
Embodiment
please refer to Fig. 1, prevent the system architecture diagram of the means of defence embodiment that archives leak with encrypted form for the present invention, by in figure as can be known, user 110 is when operation computer system 150, the encrypted application 130 of enabling can read classified papers 120 and carry out the operation of transcoding and encrypting again, when starting, encrypted application 130 can first load secret monitoring kinematic function of the present invention storehouse 160, load mode can utilize mechanism that operating system provides or by the startup of secret guard system program 180 all programs of persistent surveillance and inserted by long-range, when encrypted application 130 reads a certain classified papers 120, be preset in the API hook that the kinematic function storehouse 160 of encrypted application 130 is monitored, namely utilize the mode announcement machine tight defense protecting system program 180 of communication between program (Inter Process Communication), carry out the content analysis of described archives, so that encrypted application 130 judges whether to read the archives that contain secret content and must enter the protection state that adds the secret writing shelves, if encrypted application 130 has been write out some archives 140 in this protection state, this moment, application program 130 can analyze immediately whether the described archives that write out 140 are encrypted file, if through being judged as encrypted file according to the described archives 140 of deletion shown in secret protection policy, or encrypt again, isolation, the protection operation such as check, secret guard system program 180 is uploaded to this logout secret administrative center 170 server-sides and carries out auditing management website.
please refer to Fig. 2, prevent the encrypted application monitoring process flow diagram of the means of defence embodiment that archives leak with encrypted form for the present invention, when detecting, system enters detecting and the treatment scheme of analyzing when encrypted application starts 200, at first the hook that carries out the relevant API of archives read-write operation arranges 210, to monitor its follow-up secret writing shelves corelation behaviour that adds, when described thread has read a certain archives 220, read the relevant API hook of shelves, the ReadFile of Kernel32.dll for example, can carry out the content analysis 230 of described archives with the method announcement machine tight defense program of protecting of signature pipeline (Named Pipe) immediately, whether the result that judges described analysis file is to encrypt 231, if the result of described analysis file is without secret content, need not be encrypted the protection of written document, application program can continue to complete the operation 270 of its archives read-write, if it is classified papers that analysis result represents the archives that read, need carry out the monitoring 240 of this application program written document operation, if next described application program has any behavior 250 of writing out archives, write the relevant API hook of shelves, for example the WriteFile of Kernel32.dll and CloseHandle can first find archives and whether pathname is the analysis of generic-document form 251 or encrypted file 252 again, if the archives that analysis result 251 expressions have been write out are the generic-document form, can continue to complete the operation 270 of its archives read-write, if be not generic-document form 252, whether be the analysis 252 of encrypted file, warn according to shown in secret protection policy again, encrypt again, check or the correlative protection operation 260 such as deletion.Not need not to protect if the result of described analysis file 251 is not the ciphertext form, application program can continue to complete the operation 270 of its archives read-write.
please refer to Fig. 3, prevent the ciphertext format analysis process flow diagram of the means of defence embodiment that archives leak with encrypted form for the present invention, at first read the archive content 300 that has write out, then carry out the mutual comparison 310 of content with former archives, judge whether identical 311, if identical i.e. expression is not ciphertext form and pass False value 380 back through both contents after comparison, and the analysis process of end ciphertext form, otherwise judge again whether archive content is Base64 coded format 312, if Base64 coded format, carry out decoding operation 320, and then get back to above-mentioned archive content and compare flow process 310, if not Base64 coded format, computational data content entropy (Entropy) value 330, entropy is a kind of based on the mathematical measure of information theory (Information Theory) about uncertain (Uncertainty), as follows:
its representation unit is generally bits/byte, minimum value levels off to 0, maximal value levels off to 8, the present invention is applied to him the judgement of cryptograph files form, generally speaking, represent that the coded combination of described archive content is quite random if the entropy that calculates is higher, and be difficult to further compress described archive content, most ciphertext archives, the forms such as the archives that compressed or multimedia video file, it is all the archive content with high entropy, judge that whether entropy is greater than threshold value 331, if the entropy of the described archive content of result of calculation is less than threshold value decided at the higher level but not officially announced, for example less than 7.0, pass the analysis process that False value 380 finishes the ciphertext form back, otherwise, if the entropy of described archive content is greater than threshold value decided at the higher level but not officially announced, whether carry out archive content is the analysis 332 of Normal squeezing form, refer to ZIP at this so-called Normal squeezing form, GZIP, RAR, ARJ, the compressing file form that LZH etc. are common, further analyze the form 333 that whether belongs to compress-encrypt when judging that described archive content is compressed format, analysis result is if not the compress-encrypt form is passed False value 360 back, otherwise namely pass the True value back and finish ciphertext format analysis flow process 370, if judge that before described archive content is not general compressed format, proceed the comparison with former archive content, calculate reduction length 340 here, utilize the comparison 350 of file length to judge that take further whether the described archive content that writes out is as ciphertext form 351, this is based on the ciphertext file length that general cryptographic algorithm produces, usually can be equal to or slightly greater than original plaintext file length Lo, but because many encipherors can be integrated the function of compression, it is little causing the anti-more former file length of ciphertext file length, so the length L c of this method after also need calculating former archive content operative norm ZIP compression herein is as reference value 340, ciphertext as judgment standard may may be defined as by length L e: 0.8 of length L c times of 1.3 times of left and right to Lc after the compression of described former archive content, and 1.1 times of left and right of former file length Lo to Lo, possible ciphertext length L e both.When the archive content length of writing out not is above-mentioned two kinds of possible ciphertext length, pass False value 380 process ends back, if can be considered the ciphertext form, ciphertext length passes the flow process that True value 370 finishes the ciphertext format analysis back.
The above embodiment has only expressed several embodiment of the present invention, and it describes comparatively concrete and detailed, but can not therefore be interpreted as the restriction to the scope of the claims of the present invention.Should be pointed out that for the person of ordinary skill of the art, without departing from the inventive concept of the premise, can also make some distortion and improvement, these all belong to protection scope of the present invention.Therefore, the protection domain of patent of the present invention should be as the criterion with claims.
Claims (8)
1. one kind prevents that archives from the means of defence that encrypted form leaks, is characterized in that, lies in content analysis and the end points monitoring task of secret guard system, and the method for described end points monitoring task comprises the following steps:
Step a. loads the kinematic function storehouse of a monitoring secret when described secret guard system detects the user when enabling application program, and juxtaposition enters the relevant application programming interface hook of archives read-write;
Step b. is detecting described application program when reading archives when the described application programming interface hook of inserting, protect program by communication conduit announcement machine tight defense between program, carry out the content analysis operation of described archives, to judge described application program, whether the behavior that classified papers are encrypted is arranged;
The described application program of step c is when receiving that content analysis that described secret guard system is passed back as a result, if non-classified papers allow it to proceed archives read-write operation, for classified papers, enters and writes a grade monitor state;
Steps d. described application program will analyze in described writing in grade monitor state the form that all write out archives, protect accordingly operation according to secret policy is ordered if be judged as encryption format.
2. the means of defence that prevents that archives from leaking with encrypted form according to claim 1, it is characterized in that, described secret guard process, be with a pre-installation in the resident program of user machine system, be used for secret guard system policy loading and execution, content analysis, check and record operation.
3. the means of defence that prevents that archives from leaking with encrypted form according to claim 1, it is characterized in that, the application programming interface hook that described archives read-write is relevant, refer to described application programming interface hook technology, for the operating system function library that described application program reads archives, must use when writing out the archives operation, get involved and carry out extra monitoring processing therebetween.
4. the means of defence that prevents that archives from leaking with encrypted form according to claim 1, it is characterized in that, described application programming interface hook, when described application program reads archives, namely enter the monitoring flow process of relevant described hook, described monitoring flow process utilizes between program communication conduit to notify described secret guard process, asks described secret guard process to carry out the content analysis operation of target folder, and obtains analysis result.
5. the means of defence that prevents that archives from leaking with encrypted form according to claim 1, it is characterized in that, described application programming interface hook is when control adds the secret writing shelves, when between described program, communication conduit receives that content analysis that described secret guard system passes back as a result, if described target folder is not classified papers, continue the described archives read-write of described program, do not do any protection, if classified papers enter the described grade monitor state of writing.
6. the means of defence that prevents that archives from leaking with encrypted form according to claim 5, it is characterized in that, described application program is described when writing grade monitor state when entering, write out the form of archives with analyzing all, if judge that it is encryption format, order according to described secret policy and protect accordingly operation, comprise the operation of checking, warn, encrypt again or delete files, if the archives that write out and noncryptic format continue the described archives read-write of described program, do not do any protection.
7. according to claim 6ly prevent that archives from the means of defence that encrypted form leaks, is characterized in that, whether the described archives of described analysis are the method for encryption format, and the compare of analysis based on information entropy and file length the steps include:
Step a. checks and filters that archives that described application program is write out are the situation of former archives;
Step b. checks and filters that the archives that described application program is write out are the situation of Base64 coding;
Step c is calculated the entropy that has write out archive content, if entropy is considered as noncryptic format lower than a certain default threshold value;
Steps d. if the entropy of described archive content is higher than described threshold value, and whether further analyze described archive content is the compressed format of presetting;
If the described archive content of step e. is not the compressed format of presetting, carry out again the compare of analysis of described archive content length, to determine that whether the described described archive content that writes out is as encryption format.
8. according to claim 7ly prevent that archives from the means of defence that encrypted form leaks, is characterized in that, the method that wherein compares according to described archive content length the steps include:
The length that step a. calculates after former archive content compression is worth as reference;
Step b. carries out and the described comparison of writing out file length;
Step c as the ciphertext file length of described benchmark is: the specific factor scope of the length after former archive content compression, and the specific factor scope of described former archive content length, and both are ciphertext length;
Steps d. if the described length of writing out archives meets described ciphertext file length, judges that the archives that write out are the ciphertext form, otherwise is non-ciphertext form.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW101150378 | 2012-12-27 | ||
| TW101150378A TWI488066B (en) | 2012-12-27 | 2012-12-27 | System and method to prevent confidential documents from being encrypted and delivered out |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103150499A true CN103150499A (en) | 2013-06-12 |
Family
ID=48548572
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310072416XA Pending CN103150499A (en) | 2012-12-27 | 2013-03-07 | Protection method for preventing file from being leaked in encrypted form |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN103150499A (en) |
| TW (1) | TWI488066B (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106156651A (en) * | 2016-04-13 | 2016-11-23 | 上海旗帜信息技术有限公司 | The system and method judging enterprise's confidential electronic data based on cloud computing technology |
| CN106548083A (en) * | 2016-11-25 | 2017-03-29 | 维沃移动通信有限公司 | A kind of note encryption method and terminal |
| WO2019000737A1 (en) * | 2017-06-30 | 2019-01-03 | 武汉斗鱼网络科技有限公司 | File decryption method and device, computer readable storage medium and apparatus |
| WO2019000736A1 (en) * | 2017-06-30 | 2019-01-03 | 武汉斗鱼网络科技有限公司 | File encryption method and device, computer readable storage medium and apparatus |
| CN112287067A (en) * | 2020-10-29 | 2021-01-29 | 国家电网有限公司信息通信分公司 | Sensitive event visualization application implementation method, system and terminal based on semantic analysis |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TWI608379B (en) * | 2015-12-31 | 2017-12-11 | 玉山商業銀行股份有限公司 | Information management method, host device and system for data protection in accessing process |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101101622A (en) * | 2007-07-10 | 2008-01-09 | 北京鼎信高科信息技术有限公司 | Method for constructing transparent coding environment |
| CN101960465A (en) * | 2008-03-03 | 2011-01-26 | 日本电气株式会社 | Classified information leakage prevention system and classified information leakage prevention method |
| EP2521034A1 (en) * | 2010-05-21 | 2012-11-07 | ZTE Corporation | Managing method, device and terminal for application program |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6993603B2 (en) * | 2002-12-09 | 2006-01-31 | Microsoft Corporation | Managed file system filter model and architecture |
| US20060190723A1 (en) * | 2005-02-18 | 2006-08-24 | Jp Morgan Chase Bank | Payload layer security for file transfer |
| CN100385367C (en) * | 2005-08-05 | 2008-04-30 | 四零四科技股份有限公司 | Encryption method for program |
| CN1917676A (en) * | 2005-08-19 | 2007-02-21 | 佛山市顺德区顺达电脑厂有限公司 | Encryption method for hinding data from specific source |
| CN101957893B (en) * | 2009-07-15 | 2013-02-20 | 精品科技股份有限公司 | File permission management system |
-
2012
- 2012-12-27 TW TW101150378A patent/TWI488066B/en not_active IP Right Cessation
-
2013
- 2013-03-07 CN CN201310072416XA patent/CN103150499A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101101622A (en) * | 2007-07-10 | 2008-01-09 | 北京鼎信高科信息技术有限公司 | Method for constructing transparent coding environment |
| CN101960465A (en) * | 2008-03-03 | 2011-01-26 | 日本电气株式会社 | Classified information leakage prevention system and classified information leakage prevention method |
| EP2521034A1 (en) * | 2010-05-21 | 2012-11-07 | ZTE Corporation | Managing method, device and terminal for application program |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106156651A (en) * | 2016-04-13 | 2016-11-23 | 上海旗帜信息技术有限公司 | The system and method judging enterprise's confidential electronic data based on cloud computing technology |
| CN106548083A (en) * | 2016-11-25 | 2017-03-29 | 维沃移动通信有限公司 | A kind of note encryption method and terminal |
| CN106548083B (en) * | 2016-11-25 | 2019-10-15 | 维沃移动通信有限公司 | A kind of note encryption method and terminal |
| WO2019000737A1 (en) * | 2017-06-30 | 2019-01-03 | 武汉斗鱼网络科技有限公司 | File decryption method and device, computer readable storage medium and apparatus |
| WO2019000736A1 (en) * | 2017-06-30 | 2019-01-03 | 武汉斗鱼网络科技有限公司 | File encryption method and device, computer readable storage medium and apparatus |
| CN112287067A (en) * | 2020-10-29 | 2021-01-29 | 国家电网有限公司信息通信分公司 | Sensitive event visualization application implementation method, system and terminal based on semantic analysis |
Also Published As
| Publication number | Publication date |
|---|---|
| TWI488066B (en) | 2015-06-11 |
| TW201426393A (en) | 2014-07-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101430752B (en) | Sensitive data switching control module and method for computer and movable memory device | |
| CN103150499A (en) | Protection method for preventing file from being leaked in encrypted form | |
| US8438630B1 (en) | Data loss prevention system employing encryption detection | |
| US9027123B2 (en) | Data dependence analyzer, information processor, data dependence analysis method and program | |
| CN112637166A (en) | Data transmission method, device, terminal and storage medium | |
| CN102006186B (en) | System for monitoring illegal external connection of intranet equipment and method thereof | |
| CN101923678A (en) | Data security protection method of enterprise management software | |
| CN105635131B (en) | Transmit data method, device and server | |
| US12088583B2 (en) | Permissions for backup-related operations | |
| CN105740725A (en) | File protection method and system | |
| EP2835978A2 (en) | System and method of motion detection on encrypted or scrambled video data streams | |
| CN110543761A (en) | big data analysis method applied to information security field | |
| CN111193740A (en) | Encryption method, device, decryption method, computer device and storage medium | |
| Kotov et al. | Understanding crypto-ransomware | |
| US9154506B1 (en) | System and method for secure data generation and transmission | |
| US12124595B2 (en) | Detecting unauthorized encryptions in data storage systems | |
| CN103745166A (en) | Method and device for inspecting file attribute value | |
| CN114528602B (en) | Security chip operation method and device based on attack detection behavior | |
| CN204680024U (en) | Computer security based on dynamic human face recognition technology is taken precautions against and early warning system | |
| CN103902922A (en) | Method and system for preventing file from being stolen | |
| CN202050425U (en) | Illegal external connection monitoring system for internal network equipment | |
| US9450965B2 (en) | Mobile device, program, and control method | |
| WO2020100061A1 (en) | Method and device for monitoring data output by a server | |
| KR101899774B1 (en) | Data processing method against Randsomeware, computer program therefor and a computer-readable recording meduim on which the program is recorded | |
| CN116595573A (en) | Data security reinforcement method and device for traffic management information system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20130612 |