CN117009957A - Clipboard data safety isolation method based on linux or credit terminal environment - Google Patents
Clipboard data safety isolation method based on linux or credit terminal environment Download PDFInfo
- Publication number
- CN117009957A CN117009957A CN202310970280.8A CN202310970280A CN117009957A CN 117009957 A CN117009957 A CN 117009957A CN 202310970280 A CN202310970280 A CN 202310970280A CN 117009957 A CN117009957 A CN 117009957A
- Authority
- CN
- China
- Prior art keywords
- data
- clipboard
- sandbox
- linux
- protected
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
- 238000002955 isolation Methods 0.000 title claims abstract description 14
- 238000000034 method Methods 0.000 claims abstract description 103
- 244000035744 Hura crepitans Species 0.000 claims abstract description 91
- 230000008569 process Effects 0.000 claims abstract description 67
- 238000005516 engineering process Methods 0.000 claims description 23
- 230000007246 mechanism Effects 0.000 description 9
- 230000002155 anti-virotic effect Effects 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 4
- 230000000694 effects Effects 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 230000002265 prevention Effects 0.000 description 3
- 239000000243 solution Substances 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 230000008260 defense mechanism Effects 0.000 description 2
- 238000002347 injection Methods 0.000 description 2
- 239000007924 injection Substances 0.000 description 2
- 230000009545 invasion Effects 0.000 description 2
- 238000005192 partition Methods 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 230000006399 behavior Effects 0.000 description 1
- 230000003111 delayed effect Effects 0.000 description 1
- 230000001066 destructive effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000002474 experimental method Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000008092 positive effect Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000002194 synthesizing effect Effects 0.000 description 1
- 238000013519 translation Methods 0.000 description 1
- 230000014616 translation Effects 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/54—Interprogram communication
- G06F9/543—User-generated data transfer, e.g. clipboards, dynamic data exchange [DDE], object linking and embedding [OLE]
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to a clipboard data security isolation method based on a linux or information creation terminal environment, which comprises a first process, a clipboard platform and a second process, wherein the specific implementation steps of the first process comprise: the method comprises the steps of detecting copy information and temporarily storing the copy information on a clipboard of a terminal; judging whether the copied data is in a sandbox or not; if the copied data is in a sandbox, then: encrypting the data; a protected identification is appended to the data. The method has the advantages that by modifying the clipboard protocol of linux, when data is copied in a safe working space, the data is encrypted, a secret mark is carried in a data object, and when the data is pasted, whether the data is the object in the safe working space is judged, so that whether the clipboard is intercepted for pasting is determined, and the method has the following advantages: under the standard x11 or waiand protocol framework, the clipboard application library is modified, so that the clipboard application library is highly compatible, and can not be upgraded on the same operating system as long as the protocol is not overturned.
Description
Technical Field
The invention relates to the technical field of data processing, in particular to a clipboard data security isolation method based on a linux or information creation terminal environment.
Background
The clipboard technology is born on windows platform, and is popular with wide users because of convenience and easiness in use. Originally clipboard technology was used for text data copying between different applications on a stand-alone machine. With the development of technology, the clipboard technology is expanded to support various formats including html, mime, pictures, files, url and the like, and transmission channels which span equipment such as a remote desktop, a host-virtual machine, a cloud disk and the like are also increased, so that in the traditional terminal safety space (sandbox) technology, clipboard isolation is also an important means for preventing terminal data from losing;
under the created environment, domestic terminal operating system (UOS, kylin OS and the like) software lacks an effective terminal data security technology, and the prior terminal data isolation technology based on windows or macOS is basically injected into a process by a Hook method, so that data or network access behaviors or processes are modified, and the clipboard data interception technology realized by the Hook scheme has the following problems:
1. the hook needs to inject the same code into each process needing to be injected, such as intercepting the data copy of the clipboard, and needs to inject the intercepted code into all processes needing to use the clipboard, so that a large amount of cpu and memory resources are consumed, the response of the system is delayed, and the user feels stuck when using the system.
2. Many of the hard coding techniques used in the hook mount (hook) the intercepted code to an offset location specified in the memory of the runtime library or the execution file, and once the application or library is upgraded, the offset location changes, which may not only cause the hook to fail, but even cause the operating system to crash, resulting in loss of the running data.
3. The self defense mechanism of the operating system can limit the call authority of the hook, and if the defense mechanism of the operating system is triggered, the phenomena such as blue screen and the like can occur.
4. The Hook technology also becomes the key monitoring field of the anti-virus software, and part of Hook call can trigger false alarm of the anti-virus software, so that the system cannot normally operate.
5. Some applications have their own anti-hook mechanism, resulting in unsuccessful hook mounts.
Disclosure of Invention
In view of the above problems in the prior art, the main objective of the present invention is to provide a clipboard data security isolation method based on linux or a signal-wound terminal environment, so as to solve the problems in the prior art.
The technical scheme of the invention is as follows: the clipboard data safety isolation method based on the linux or information creation terminal environment comprises a first process, a clipboard platform and a second process, wherein the specific implementation steps of the first process comprise:
the method comprises the steps of detecting copy information and temporarily storing the copy information on a clipboard of a terminal;
judging whether the copied data is in a sandbox or not;
if the copied data is in a sandbox, then:
encrypting the data;
attaching a protected identifier to the data;
and informing the server that a clipboard copying event exists.
As a preferred embodiment, the clipboard platform includes a server recording clipboard related information and the server receiving a paste request, if the copied data is not in the sandbox, directly notifying the server that there is a clipboard copying event, on the one hand, making the server record the clipboard related information on the clipboard platform;
on the other hand, continuing the first process to wait for a clipboard paste event;
data is sent to the second process.
As a preferred embodiment, the specific implementation steps of the second process include:
sticking a clipboard;
after the clipboard is pasted, on one hand, a pasting request is received at a server side of the clipboard platform, and a signal is transmitted to a clipboard pasting event waiting for the clipboard;
on the other hand, the second process directly receives the data sent by the first process;
judging whether the copy data is protected by a sandbox;
if the copy data is not protected by the sandbox, the copy data is directly pasted to the process.
In a preferred embodiment, if the copy data is protected by the sandbox, it is further determined whether the pasting process is in the sandbox, if the process is in the sandbox, the data is decrypted, and the data is pasted to the process after the data is decrypted.
As a preferred embodiment, if the paste process is not in a sandbox, then paste data is refused to be local.
As a preferred implementation manner, the specific operation method for judging whether the copied data is in the sandbox is as follows:
viewing environment variables of a process: the environment variable of the process can contain information of the sandbox, and whether the copied data is in the sandbox is determined by checking the environment variable of the process;
viewing the file path: if the path of the copied data is in the sandbox, determining whether the path of the file is in the sandbox by looking at the path of the file;
using a sandbox management tool: some operating systems provide sandbox management tools by which to see if the copied data is within the sandbox.
As a preferred embodiment, the specific operation method for encrypting the data is as follows:
the encryption method provided by the sandbox environment, particularly the container technology of Linux, provides an isolated environment or encryption function based on DM-CRYPT and LUKS, and encrypts data.
As a preferred implementation manner, the specific operation method for attaching the protected identifier to the data is as follows:
using the extended attributes: both Linux and the environment of the originating terminal support the use of extended attributes to mark files or directories, and extended attributes to attach protected identities so that the data can be identified and protected in subsequent operations;
using an encryption tag: the data can be encrypted, and the protected identifier can be added to the encrypted data, so that the original data can be seen only after decryption, and a specific protection operation can be performed according to the protected identifier.
In a preferred embodiment, the specific operation method for determining whether the copy data is protected by the sandbox is to check the data path to determine whether the copy data is protected by the sandbox if the path of the copy data is in the sandbox.
As a preferred embodiment, the specific operation steps of determining whether the copy data is protected by the sandbox by checking the data path are as follows:
using the ls command to check the path and file name of the data;
determining whether the path is in the sandbox by checking the path of the file, acquiring the current working directory by using the pwd command, and comparing with the path of the file;
if the file path is within the sandbox, it may be determined that the data is protected by the sandbox, and if the file path is not within the sandbox, the data is not protected by the sandbox.
Compared with the prior art, the invention has the advantages and positive effects that,
according to the invention, by modifying the clipboard protocol of linux, when data is copied in a safe working space, the data is encrypted, a secret identifier is carried in a data object, and when the data is pasted, whether the data is the object in the safe working space is judged, so that whether the clipboard is intercepted for pasting is determined, and the method has the following beneficial effects:
1. under the standard x11 or wayland protocol framework, the clipboard application library is modified, the compatibility is strong, and the library can not be upgraded as long as the protocol is not overturned and upgraded on the same operating system;
2. without injection into any process, cpu or memory consumption is almost negligible;
3. the method does not need a hook technology, is a clipboard data isolation technology which is not invasive to application programs, is small in system invasion and cannot be misjudged by a protection mechanism of an operating system or anti-virus software;
4. the clipboard data transmission of all applications can be intercepted without special treatment on the applications with the hook prevention mechanism;
5. the application program version is promoted and degraded, and the interception effect of the clipboard is not affected.
Drawings
Fig. 1 is a schematic block diagram of a clipboard data security isolation method based on a linux or information creation terminal environment.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. The components of the embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the invention, as presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention.
The invention will be further described with reference to the drawings and the specific embodiments
Examples
As shown in fig. 1, the clipboard data security isolation method based on linux or information creation terminal environment includes a first process, a clipboard platform and a second process, the clipboard platform includes a server side recording clipboard related information and the server side receiving a paste request, and the specific implementation steps of the first process include:
s1: the method comprises the steps of detecting copy information and temporarily storing the copy information on a clipboard of a terminal;
s2: judging whether the copied data is in the sandbox or not, wherein the specific operation method is to check the path of the file, and if the path of the copied data is in the sandbox, determining whether the copied data is in the sandbox or not by checking the path of the file;
the sandbox is a security mechanism in the field of computer security, and is used for providing an isolated environment for running programs, and is usually used for providing experiments for programs which are unreliable in sources, have destructive power or cannot judge program intention;
if the copied data is in the sandbox, the following operations are performed:
s3: encrypting data by an encryption method provided by a sandbox environment, particularly providing an isolated environment or an encryption function based on DM-CRYPT and LUKS by a container technology of Linux;
wherein dm-crypt is the device mapper encryption target of the Linux kernel, and is from Wikipedia: dm-crypt, which is a transparent block device encryption subsystem in the Linux kernel, which is implemented as a device mapper target and can be stacked on top of other device mapper translations, so that it can encrypt the entire disk, partition, software RAID volume, logical volume, and file, which is shown as a block device, usable to mount a file system, swap partition, or LVM physical volume;
the LUKS is an encryption technology for protecting data security, is one of the most commonly used encryption technologies in a Linux system, and the principle of the LUKS is that the data is stored on a disk after being encrypted, and the data can be accessed only through correct decryption, and the encryption technology can protect the data of a user from being acquired by an unauthorized visitor, so that the privacy and the security of the user are protected;
s4: the protected identifier is added on the data, the data can be encrypted by using the encryption tag, and the protected identifier is added in the encrypted data, so that the original data can be seen only after decryption, and specific protection operation can be carried out according to the protected identifier;
s5: informing a server side that a clipboard copying event exists;
if the copied data is not in the sandbox, S5 is not directly executed through S3 and S4, and the server is notified that a clipboard copying event exists, on the one hand, the server is enabled to record clipboard related information on the clipboard platform;
on the other hand, the first process is continued:
s7: waiting for a clipboard paste event;
s8: data is sent to the second process.
The implementation steps of the second process include:
s9: sticking a clipboard;
s10: after the clipboard is pasted, on the one hand, a pasting request is received at a server side of the clipboard platform, and a signal is transmitted to S7 to wait for a clipboard pasting event;
s11: on the other hand, the second process directly receives the data sent by the first process;
s12: judging whether the copy data is protected by a sandbox or not, wherein the specific operation method is to check a data path to determine whether the copy data is protected by the sandbox or not, if the path of the copy data is in the sandbox, the data path can be checked to determine whether the copy data is protected by the sandbox or not;
the specific operation steps of checking the data path in S12 to determine whether the copy data is protected by the sandbox are as follows:
s1201: using the ls command to check the path and file name of the data;
the ls instruction is one of the most common commands in Linux, and is also a very old command, which can be traced back to the Unix system at the earliest, and is the same command in even more old Multics;
s1202: determining whether the path is in the sandbox by checking the path of the file, acquiring the current working directory by using the pwd command, and comparing with the path of the file;
in the Linux hierarchy, to know the directory in which it is currently located, a pwd command may be used that displays the entire pathname;
s1203: if the file path is in the sandbox, the data can be determined to be protected by the sandbox, and if the file path is not in the sandbox, the data is not protected by the sandbox
If the copy data is sandboxed, then performing:
s13: judging whether the pasting process is in the sand box or not;
if the copy data is not protected by the sandbox, executing:
s14: directly pasting the copy data to the process;
for the determination in S13 as to whether the paste process is within the sandbox:
if the process is in the sandbox, then S15: decrypting the data, and executing S14 after decrypting the data: data is pasted to the process.
If the paste process is not within the sandbox, then execution S16: paste data to the local is refused.
Working principle:
as shown in fig. 1, in the first process, copy information is detected and temporarily stored in a clipboard of a terminal, then a file path is checked, if the path of copied data is in a sandbox, whether the copied data is in the sandbox is judged by checking the path of the file, if the copied data is in the sandbox, an isolated environment or an encryption function based on DM-CRYPT and LUKS is provided by using a container technology of Linux, the data is encrypted, an encryption tag is used, the data can be encrypted, and a protected identifier is added in the encrypted data, so that the original data can be seen only after decryption, a specific protection operation can be performed according to the protected identifier, and a server is notified that a clipboard copy event exists; if the copied data is not in the sandbox, directly informing the server of the data without encrypting the data and attaching a protected mark to the data, wherein the data has a clipboard copying event, and after the clipboard copying event is detected, on one hand, the server records the clipboard related information on the clipboard platform, on the other hand, waits for the clipboard pasting event, and sends the data to the second process;
in the second process, the clipboard is pasted, a pasting request is received at a clipboard platform server side on one hand, a signal is transmitted to a first process for waiting for a clipboard pasting event, on the other hand, the data transmitted by the first process is directly received by the second process, then whether the copy data is protected by a sandbox is judged, the specific operation method is that a data path is checked for determining, if the path of the copy data is in the sandbox, whether the copy data is protected by the sandbox can be determined by checking the path of the data, and if the copy data is not protected by the sandbox, the copy data is directly pasted to the process; if the copied data is protected by the sandbox, judging whether the pasting process is in the sandbox, if the process is in the sandbox, decrypting the data, pasting the data to the process, and if the pasting process is not in the sandbox, refusing to paste the data to the local. The technology can be realized under a standard X11 or waiand protocol framework (X11 is a protocol based on a client server architecture, in the X11, an application program interacts with a display through an X server, waiand is a protocol based on a synthesizer client architecture, in waiand, the application program interacts with a synthesizer directly, and the synthesizer is responsible for synthesizing the output of the application program into a final image), the clipboard application library is modified, the compatibility is strong, and the library can not be upgraded on the same operating system as long as the protocol is not subverted; without injection into any process, cpu or memory consumption is almost negligible; without using the hook technology (the hook is a system mechanism provided in Windows for replacing "interrupt" in DOS, chinese is translated into "hook" or "hook", after a hook is carried out on a specific system event, once the hook event occurs, a program carrying out the hook on the event can receive a notification of the system, and then the program can respond to the event at the first time), and the clipboard data isolation technology which is not invasive to an application program has small system invasion and cannot be misjudged by a protection mechanism of an operating system or virus-proof software; the clipboard data transmission of all applications can be intercepted without special treatment on the applications with the hook prevention mechanism; the application program version is promoted and degraded, and the interception effect of the clipboard is not affected.
Compared with the prior art, the method and the device have the advantages that by modifying the clipboard protocol of linux, when data is copied in a safe working space, the data is encrypted, a secret identifier is carried in a data object, and when the data is pasted, whether the data is the object in the safe working space is judged, so that whether the clipboard is intercepted for pasting is determined, and the method and the device have the following beneficial effects:
under the standard x11 or wayland protocol framework, the clipboard application library is modified, the compatibility is strong, and the library can not be upgraded as long as the protocol is not overturned and upgraded on the same operating system;
meanwhile, the method does not need to be injected into any process, the cpu or memory consumption is almost negligible, a hook technology is not needed, the application program is not invasive, the clipboard data isolation technology is not used, the system is not invasive, and the system cannot be misjudged by a protection mechanism of an operating system or anti-virus software;
in addition, the clipboard data transmission of all applications can be intercepted without special processing of the applications with the hook prevention mechanism, and meanwhile, the version of the application program is promoted and degraded, so that the interception effect of the clipboard is not affected.
Finally, it should be noted that: the embodiments described above are only for illustrating the technical solution of the present invention, and are not limiting; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some or all of the technical features thereof can be replaced with equivalents; such modifications and substitutions do not depart from the spirit of the invention.
Claims (10)
1. The clipboard data security isolation method based on the linux or information creation terminal environment is characterized by comprising a first process, a clipboard platform and a second process, wherein the specific implementation steps of the first process comprise:
the method comprises the steps of detecting copy information and temporarily storing the copy information on a clipboard of a terminal;
judging whether the copied data is in a sandbox or not;
if the copied data is in a sandbox, then:
encrypting the data;
attaching a protected identifier to the data;
and informing the server that a clipboard copying event exists.
2. The method for safely isolating clipboard data based on linux or credit terminal environment according to claim 1, wherein the clipboard platform comprises a server for recording clipboard related information and a server for receiving a paste request, if copied data are not in a sandbox, directly informing the server that a clipboard copying event exists, and on the one hand, enabling the server to record the clipboard related information on the clipboard platform;
on the other hand, continuing the first process to wait for a clipboard paste event;
data is sent to the second process.
3. The method for safely isolating clipboard data based on linux or credit terminal environment according to claim 1, wherein the specific implementation steps of the second process include:
sticking a clipboard;
after the clipboard is pasted, on one hand, a pasting request is received at a server side of the clipboard platform, and a signal is transmitted to a clipboard pasting event waiting for the clipboard;
on the other hand, the second process directly receives the data sent by the first process;
judging whether the copy data is protected by a sandbox;
if the copy data is not protected by the sandbox, the copy data is directly pasted to the process.
4. The method for safely isolating clipboard data based on linux or credit terminal environment according to claim 3, wherein if the copied data is protected by a sandbox, further judging whether a pasting process is in the sandbox, if the process is in the sandbox, decrypting the data, and pasting the data to the process after decrypting the data.
5. The method for securely isolating clipboard data based on a linux or credit terminal environment according to claim 4, wherein if the paste process is not in a sandbox, then paste data is refused to be locally.
6. The method for safely isolating clipboard data based on linux or credit terminal environment according to claim 1, wherein the specific operation method for judging whether the copied data is in a sandbox is as follows:
viewing environment variables of a process: the environment variable of the process can contain information of the sandbox, and whether the copied data is in the sandbox is determined by checking the environment variable of the process;
viewing the file path: if the path of the copied data is in the sandbox, determining whether the path of the file is in the sandbox by looking at the path of the file;
using a sandbox management tool: some operating systems provide sandbox management tools by which to see if the copied data is within the sandbox.
7. The method for safely isolating clipboard data based on linux or information creation terminal environment according to claim 1, wherein the specific operation method for encrypting the data is as follows:
the encryption method provided by the sandbox environment, particularly the container technology of Linux, provides an isolated environment or encryption function based on DM-CRYPT and LUKS, and encrypts data.
8. The method for safely isolating clipboard data based on linux or information creation terminal environment according to claim 1, wherein the specific operation method for attaching the protected identifier to the data is as follows:
using the extended attributes: both Linux and the environment of the originating terminal support the use of extended attributes to mark files or directories, and extended attributes to attach protected identities so that the data can be identified and protected in subsequent operations;
using an encryption tag: the data can be encrypted, and the protected identifier can be added to the encrypted data, so that the original data can be seen only after decryption, and a specific protection operation can be performed according to the protected identifier.
9. The method for securely isolating clipboard data based on linux or credit terminal environment according to claim 1, wherein the specific operation method for determining whether the copy data is protected by a sandbox is to check a data path to determine whether the copy data is protected by the sandbox or not by checking the data path if the copy data is in the sandbox.
10. The method for securely isolating clipboard data based on linux or credit terminal environment according to claim 9, wherein the specific operation steps of checking the data path to determine whether the copy data is protected by a sandbox are as follows:
using the ls command to check the path and file name of the data;
determining whether the path is in the sandbox by checking the path of the file, acquiring the current working directory by using the pwd command, and comparing with the path of the file;
if the file path is within the sandbox, it may be determined that the data is protected by the sandbox, and if the file path is not within the sandbox, the data is not protected by the sandbox.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310970280.8A CN117009957A (en) | 2023-08-03 | 2023-08-03 | Clipboard data safety isolation method based on linux or credit terminal environment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310970280.8A CN117009957A (en) | 2023-08-03 | 2023-08-03 | Clipboard data safety isolation method based on linux or credit terminal environment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117009957A true CN117009957A (en) | 2023-11-07 |
Family
ID=88566757
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310970280.8A Withdrawn CN117009957A (en) | 2023-08-03 | 2023-08-03 | Clipboard data safety isolation method based on linux or credit terminal environment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117009957A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN119254770A (en) * | 2024-12-03 | 2025-01-03 | 北京庭宇科技有限公司 | Method, system and device for file transmission between multiple devices |
-
2023
- 2023-08-03 CN CN202310970280.8A patent/CN117009957A/en not_active Withdrawn
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN119254770A (en) * | 2024-12-03 | 2025-01-03 | 北京庭宇科技有限公司 | Method, system and device for file transmission between multiple devices |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9705855B2 (en) | Secure data destruction in a distributed environment using key protection mechanisms | |
| US9348984B2 (en) | Method and system for protecting confidential information | |
| US6874139B2 (en) | Method and system for seamless integration of preprocessing and postprocessing functions with an existing application program | |
| US20020194389A1 (en) | Secure machine platform that interfaces to operating systems and customized control programs | |
| US8843926B2 (en) | Guest operating system using virtualized network communication | |
| CN110889130B (en) | Database-based fine-grained data encryption method, system and device | |
| US20040181691A1 (en) | System and method for real-time detection of computer system files intrusion | |
| CN106992851B (en) | TrustZone-based database file password encryption and decryption method and device and terminal equipment | |
| US9805197B2 (en) | Secure host operating system running a virtual guest operating system | |
| US10122739B2 (en) | Rootkit detection system and method | |
| CN115329389B (en) | File protection system and method based on data sandbox | |
| CN106339629A (en) | Application management method and device | |
| EP3079057B1 (en) | Method and device for realizing virtual machine introspection | |
| CN108334404B (en) | Application program running method and device | |
| US11113391B2 (en) | Method and computer system for preventing malicious software from attacking files of the computer system and corresponding non-transitory computer readable storage medium | |
| CN109657490B (en) | Transparent encryption and decryption method and system for office files | |
| US20240163264A1 (en) | Real-time data encryption/decryption security system and method for network-based storage | |
| CN117009957A (en) | Clipboard data safety isolation method based on linux or credit terminal environment | |
| EP4006758B1 (en) | Data storage apparatus with variable computer file system | |
| CN112434285B (en) | File management method, device, electronic equipment and storage medium | |
| CN109167785B (en) | Calling method of virtual trusted root and service server | |
| CN117034330B (en) | macOS-based safety protection method, macOS-based safety protection equipment and storage medium | |
| CN104899512A (en) | Windows system service descriptor table tamper-proofing apparatus and method | |
| KR102675729B1 (en) | Data protection methods and Apparatus in Linux-based OS | |
| RU2768196C2 (en) | Protected storage device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| WW01 | Invention patent application withdrawn after publication |
Application publication date: 20231107 |
|
| WW01 | Invention patent application withdrawn after publication |