CN113849858A - Method, device, computer storage medium and terminal for realizing file supervision - Google Patents
Method, device, computer storage medium and terminal for realizing file supervision Download PDFInfo
- Publication number
- CN113849858A CN113849858A CN202111155062.6A CN202111155062A CN113849858A CN 113849858 A CN113849858 A CN 113849858A CN 202111155062 A CN202111155062 A CN 202111155062A CN 113849858 A CN113849858 A CN 113849858A
- Authority
- CN
- China
- Prior art keywords
- file
- determining
- address
- terminal
- storage medium
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 28
- 238000004590 computer program Methods 0.000 claims description 14
- 230000008439 repair process Effects 0.000 abstract description 4
- 238000004458 analytical method Methods 0.000 abstract description 3
- 238000010586 diagram Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 238000007726 management method Methods 0.000 description 3
- 238000004891 communication Methods 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 230000000903 blocking effect Effects 0.000 description 1
- 238000007405 data analysis Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 230000007723 transport mechanism Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/16—File or folder operations, e.g. details of user interfaces specifically adapted to file systems
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Data Mining & Analysis (AREA)
- Human Computer Interaction (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Storage Device Security (AREA)
Abstract
Disclosed herein are a method, an apparatus, a computer storage medium and a terminal for implementing file supervision, including: when the terminal monitors that the mobile storage medium transmits the first file, determining a second file matched with the first file in a magnetic disk of the terminal; determining the storage address of the second file as the source file address of the first file; and when the first file is a file containing preset information, feeding back the determined source file address of the first file to a user in a preset mode. The embodiment of the invention feeds back the source file address of the first file when the mobile storage medium transmits the file containing the sensitive information, provides information support for realizing the processing of safety analysis, repair and the like of the first file, and improves the safety of the file and the stability of the system.
Description
Technical Field
The present disclosure relates to, but not limited to, information security technologies, and in particular, to a method, an apparatus, a computer storage medium, and a terminal for implementing document management.
Background
With the increasing use of mobile storage media, the problem of information security caused by the cross use of mobile storage media in a confidential information system, an intranet information system and an internet information system is receiving more and more attention.
At present, in the related art, a preset monitoring driver is mainly used on a terminal to monitor the write operation of a mobile storage medium, determine that the file content of the write operation contains sensitive information, and prevent the write operation.
Disclosure of Invention
The following is a summary of the subject matter described in detail herein. This summary is not intended to limit the scope of the claims.
The embodiment of the invention provides a method and a device for realizing file supervision, a computer storage medium and a terminal, which can improve the security of files and the stability of a system.
The embodiment of the invention provides a method for realizing file supervision, which comprises the following steps:
when the terminal monitors that the mobile storage medium transmits the first file, determining a second file matched with the first file in a magnetic disk of the terminal;
determining the storage address of the second file as the source file address of the first file;
and when the first file is a file containing preset information, feeding back the determined source file address of the first file to a user in a preset mode.
On the other hand, an embodiment of the present invention further provides a computer storage medium, where a computer program is stored in the computer storage medium, and when the computer program is executed by a processor, the method for implementing file supervision as described above is implemented.
In another aspect, an embodiment of the present invention further provides a terminal, including: a memory and a processor, the memory having a computer program stored therein; wherein,
the processor is configured to execute the computer program in the memory;
the computer program, when executed by the processor, implements a method of implementing document administration as described above.
In another aspect, an embodiment of the present invention further provides an apparatus for implementing file supervision, where the apparatus includes: the device comprises a matching unit, a determining unit and a feedback unit; wherein,
the matching unit is set as follows: when the mobile storage medium is monitored to transmit the first file, determining a second file matched with the first file in a magnetic disk of the terminal;
the determination unit is configured to: determining the storage address of the second file as the source file address of the first file;
the feedback unit is configured to: and when the first file is a file containing preset information, feeding back the determined source file address of the first file to a user in a preset mode.
The technical scheme of the application includes: when the terminal monitors that the mobile storage medium transmits the first file, determining a second file matched with the first file in a magnetic disk of the terminal; determining the storage address of the second file as the source file address of the first file; and when the first file is a file containing preset information, feeding back the determined source file address of the first file to a user in a preset mode. The embodiment of the invention feeds back the source file address of the first file when the mobile storage medium transmits the file containing the sensitive information, provides information support for realizing the processing of safety analysis, repair and the like of the first file, and improves the safety of the file and the stability of the system.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
Drawings
The accompanying drawings are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the example serve to explain the principles of the invention and not to limit the invention.
FIG. 1 is a flow chart of a method for implementing document administration according to an embodiment of the present invention;
fig. 2 is a block diagram of an apparatus for implementing document supervision according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, embodiments of the present invention will be described in detail below with reference to the accompanying drawings. It should be noted that the embodiments and features of the embodiments in the present application may be arbitrarily combined with each other without conflict.
The steps illustrated in the flow charts of the figures may be performed in a computer system such as a set of computer-executable instructions. Also, while a logical order is shown in the flow diagrams, in some cases, the steps shown or described may be performed in an order different than here.
The inventor of the present application has analyzed and found that: the normal use of the mobile storage medium by a user can be influenced by blocking the writing operation of the mobile storage medium; when a user using the mobile storage medium cuts, modifies, covers, deletes and the like sensitive information, the action of partially maliciously destroying the information security can be avoided through the processing of preventing writing operation; however, which files are maliciously damaged cannot be known, which influences workers to repair sensitive information; in addition, although the log information records time information, the current monitoring process does not record hardware information of the mobile storage medium, and data analysis of damage sensitive information is affected.
Fig. 1 is a flowchart of a method for implementing document supervision according to an embodiment of the present invention, as shown in fig. 1, including:
in an illustrative example, the first file of the embodiment of the present invention includes a file transmitted by one or any combination of the following:
writing a second file in the terminal into the mobile storage medium in a copying or cutting mode;
writing a first file in the mobile storage medium into the terminal in a copying or cutting mode;
and writing the second file in the terminal into the mobile storage medium through saving processing in an editing mode.
the source file address in the embodiment of the present invention refers to an address in a disk when a first file is transmitted, and includes: when a second file in the disk is written into the mobile storage medium, the storage address of the second file in the disk; when the first file is written into the disk, the address of the first file is stored in the disk.
And 103, when the first file is a file containing preset information, feeding back the determined source file address of the first file to a user in a preset mode.
In an exemplary embodiment, the preset information in the embodiment of the present invention includes sensitive information, and the sensitive information includes: personal information of one or any combination of the following: identity information, family member information, account information, telephone number information and mail address information; user information of one or any combination of the following: resume information, customer information, and salary information; and contract information.
The embodiment of the invention feeds back the source file address of the first file when the mobile storage medium transmits the file containing the sensitive information, provides information support for realizing the processing of safety analysis, repair and the like of the first file, and improves the safety of the file and the stability of the system.
In an exemplary embodiment, determining a second file matching the first file in the disk of the terminal according to the embodiment of the present invention includes:
when the mobile storage medium transmits a first file through write operation or read operation, determining a second file which is consistent with the name of the first file and has the same size;
and comparing the first file with the second file, and determining that the second file is matched with the first file when the contents of the second file are the same as those of the first file.
In an exemplary embodiment, the consistency of the names in the embodiment of the present invention may be determined by analyzing the text recognition method in the related art.
In an illustrative example, the name correspondence in the embodiments of the present invention includes:
the ratio of the number of characters of the same character in the names of the first file and the second file to the total number of the characters of the names is larger than a preset percentage.
In an exemplary embodiment, the write operation and the read operation of the embodiment of the present invention can be analyzed and determined by a resource management process of the system later with reference to the related art.
In an exemplary embodiment, comparing a first file with a second file according to an embodiment of the present invention includes:
comparing the hash algorithm of the first file with the hash algorithm of the second file;
when the hash algorithm of the first file is the same as that of the second file, determining that the second file is matched with the first file;
wherein, the hash algorithm comprises: information summarization algorithm (MD 5).
In an exemplary embodiment, determining a second file matching the first file in the disk of the terminal according to the embodiment of the present invention includes:
and when the first file is stored by a second file in the disk in an editing mode, determining that the second file is matched with the first file.
The processing of saving the first file in the editing mode of the embodiment of the invention comprises the following steps: and saving the original files of the terminal, including WORD, EXCEL, PPT and the like, in a mobile storage medium in an additional storage mode during editing.
In an exemplary example, before feeding back the determined source file address of the first file to the user in a preset manner, the method in the embodiment of the present invention further includes:
determining whether the first file is a file containing preset information;
wherein the preset information includes: sensitive information.
In an illustrative example, a method of an embodiment of the present invention further includes:
and when the first file is determined to be the file containing the preset information, carrying out safety alarm in a preset alarm mode.
In an exemplary embodiment, the embodiment of the present invention may perform security alarm by displaying an alarm identifier, playing an alarm audio, sending an alarm mail, sending a short message, and the like.
In an exemplary example, when the first file is a file containing sensitive information, determining whether the first file is a file containing sensitive information according to an embodiment of the present invention includes: and extracting the first file, and identifying the sensitive information of the first file through an identification rule and an identification model which are loaded in the terminal and used for identifying the sensitive information. In one illustrative example, determining whether a first file is a file containing sensitive information includes: extracting a first file; sending the extracted first file to a preset server; sensitive information is carried out on the first file through a preset server;
in an exemplary example, the server in the embodiment of the present invention is preset with: identification rules and identification models for sensitive information identification; in an illustrative example, a server in the embodiment of the invention is connected with an online identification model containing sensitive information identification through a network; the embodiment of the invention identifies the sensitive information through the server, and can load the model with high operation efficiency and good identification quality in the server; the server is connected with an online identification model containing sensitive information identification through a network, and the online identification model is used for content updating and algorithm iteration of sensitive information identification, so that the identification efficiency of the sensitive information is improved.
The embodiment of the invention also provides a computer storage medium, wherein a computer program is stored in the computer storage medium, and when being executed by a processor, the computer program realizes the method for realizing the file supervision.
An embodiment of the present invention further provides a terminal, including: a memory and a processor, the memory having stored therein a computer program; wherein,
the processor is configured to execute the computer program in the memory;
the computer program, when executed by a processor, implements a method of implementing document administration as described above.
Fig. 2 is a block diagram of a device for implementing document management according to an embodiment of the present invention, as shown in fig. 2, including: the device comprises a matching unit, a determining unit and a feedback unit; wherein,
the matching unit is set as follows: when the mobile storage medium is monitored to transmit the first file, determining a second file matched with the first file in a magnetic disk of the terminal;
the determination unit is configured to: determining the storage address of the second file as the source file address of the first file;
the feedback unit is configured to: and when the first file is a file containing preset information, feeding back the determined source file address of the first file to a user in a preset mode.
In an exemplary embodiment, the matching unit of the embodiment of the present invention is configured to:
when the mobile storage medium transmits a first file through write operation or read operation, determining a second file which is consistent with the name of the first file and has the same size;
and comparing the first file with the second file, and determining that the second file is matched with the first file when the contents of the second file are the same as those of the first file.
In an illustrative example, the name correspondence in the embodiments of the present invention includes:
the ratio of the number of characters of the same character in the names of the first file and the second file to the total number of the characters of the names is larger than a preset percentage.
In an exemplary embodiment, a matching unit in an embodiment of the present invention is configured to compare a first file and a second file, and includes:
comparing the first file with the second file, comprising:
comparing the hash algorithm of the first file with the hash algorithm of the second file;
when the hash algorithm of the first file is the same as that of the second file, determining that the second file is matched with the first file;
wherein, the hash algorithm comprises: and (4) information summarization algorithm.
In an exemplary embodiment, the matching unit of the embodiment of the present invention is configured to:
and when the first file is stored by a second file in the disk in an editing mode, determining that the second file is matched with the first file.
In an exemplary embodiment, the apparatus of the present invention further includes a determining unit configured to:
determining whether the first file is a file containing preset information;
wherein the preset information includes: sensitive information.
In an exemplary embodiment, the apparatus of the embodiment of the present invention further includes an alarm unit, configured to:
and when the first file is determined to be the file containing the preset information, carrying out safety alarm in a preset alarm mode.
"one of ordinary skill in the art will appreciate that all or some of the steps of the methods, systems, functional modules/units in the devices disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof. In a hardware implementation, the division between functional modules/units mentioned in the above description does not necessarily correspond to the division of physical components; for example, one physical component may have multiple functions, or one function or step may be performed by several physical components in cooperation. Some or all of the components may be implemented as software executed by a processor, such as a digital signal processor or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit. Such software may be distributed on computer readable media, which may include computer storage media (or non-transitory media) and communication media (or transitory media). The term computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data, as is well known to those of ordinary skill in the art. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, Digital Versatile Disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can accessed by a computer. In addition, communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media as known to those skilled in the art. "
Claims (10)
1. A method of implementing document administration, comprising:
when the terminal monitors that the mobile storage medium transmits the first file, determining a second file matched with the first file in a magnetic disk of the terminal;
determining the storage address of the second file as the source file address of the first file;
and when the first file is a file containing preset information, feeding back the determined source file address of the first file to a user in a preset mode.
2. The method of claim 1, wherein determining the second file in the disk of the terminal that matches the first file comprises:
when the mobile storage medium transmits the first file through write operation or read operation, determining a second file which is consistent with the name of the first file and has the same size with the first file;
and comparing the first file with the second file, and determining that the second file is matched with the first file when the contents of the second file are the same as those of the first file.
3. The method of claim 2, wherein the name reconciling comprises:
and the ratio of the number of the characters of the same character in the names of the first file and the second file to the total number of the name characters is more than a preset percentage.
4. The method of claim 2, wherein comparing the first file to the second file comprises:
comparing the hash algorithm of the first file with the hash algorithm of the second file;
when the hash algorithm of the first file is the same as that of the second file, determining that the second file is matched with the first file;
wherein the hashing algorithm comprises: the information summarization algorithm MD 5.
5. The method of claim 1, wherein determining the second file in the disk of the terminal that matches the first file comprises:
and when the first file is saved by a second file in the disk in an editing mode, determining that the second file is matched with the first file.
6. The method according to any one of claims 1 to 5, wherein before the feedback of the determined source file address of the first file to the user in a preset manner, the method further comprises:
determining whether the first file is a file containing the preset information;
wherein the preset information includes: sensitive information.
7. The method of claim 6, further comprising:
and when the first file is determined to be the file containing the preset information, carrying out safety alarm in a preset alarm mode.
8. A computer storage medium having stored thereon a computer program which, when executed by a processor, implements a method of implementing document supervision according to any one of claims 1 to 7.
9. A terminal, comprising: a memory and a processor, the memory having a computer program stored therein; wherein,
the processor is configured to execute the computer program in the memory;
the computer program, when executed by the processor, implements a method of implementing document administration as claimed in any one of claims 1 to 7.
10. An apparatus for implementing document administration, comprising: the device comprises a matching unit, a determining unit and a feedback unit; wherein,
the matching unit is set as follows: when the mobile storage medium is monitored to transmit the first file, determining a second file matched with the first file in a magnetic disk of the terminal;
the determination unit is configured to: determining the storage address of the second file as the source file address of the first file;
the feedback unit is configured to: and when the first file is a file containing preset information, feeding back the determined source file address of the first file to a user in a preset mode.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111155062.6A CN113849858A (en) | 2021-09-29 | 2021-09-29 | Method, device, computer storage medium and terminal for realizing file supervision |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111155062.6A CN113849858A (en) | 2021-09-29 | 2021-09-29 | Method, device, computer storage medium and terminal for realizing file supervision |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113849858A true CN113849858A (en) | 2021-12-28 |
Family
ID=78977156
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111155062.6A Pending CN113849858A (en) | 2021-09-29 | 2021-09-29 | Method, device, computer storage medium and terminal for realizing file supervision |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113849858A (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20150121089A1 (en) * | 2013-10-24 | 2015-04-30 | Kaspersky Lab Zao | System and method for copying files between encrypted and unencrypted data storage devices |
| US20170052972A1 (en) * | 2014-05-23 | 2017-02-23 | Hewlett Packard Enterprise Development Lp | Using location addressed storage as content addressed storage |
| US9805204B1 (en) * | 2015-08-25 | 2017-10-31 | Symantec Corporation | Systems and methods for determining that files found on client devices comprise sensitive information |
| CN107832403A (en) * | 2017-11-02 | 2018-03-23 | 武汉斗鱼网络科技有限公司 | Catalogue file management method, device, electric terminal and readable storage medium storing program for executing |
| CN108965486A (en) * | 2018-10-08 | 2018-12-07 | 深圳市创维软件有限公司 | A kind of document down loading method, system, server and storage medium |
| CN111611585A (en) * | 2020-05-20 | 2020-09-01 | 网神信息技术(北京)股份有限公司 | Terminal device monitoring method and device, electronic device and medium |
-
2021
- 2021-09-29 CN CN202111155062.6A patent/CN113849858A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20150121089A1 (en) * | 2013-10-24 | 2015-04-30 | Kaspersky Lab Zao | System and method for copying files between encrypted and unencrypted data storage devices |
| US20170052972A1 (en) * | 2014-05-23 | 2017-02-23 | Hewlett Packard Enterprise Development Lp | Using location addressed storage as content addressed storage |
| US9805204B1 (en) * | 2015-08-25 | 2017-10-31 | Symantec Corporation | Systems and methods for determining that files found on client devices comprise sensitive information |
| CN107832403A (en) * | 2017-11-02 | 2018-03-23 | 武汉斗鱼网络科技有限公司 | Catalogue file management method, device, electric terminal and readable storage medium storing program for executing |
| CN108965486A (en) * | 2018-10-08 | 2018-12-07 | 深圳市创维软件有限公司 | A kind of document down loading method, system, server and storage medium |
| CN111611585A (en) * | 2020-05-20 | 2020-09-01 | 网神信息技术(北京)股份有限公司 | Terminal device monitoring method and device, electronic device and medium |
Non-Patent Citations (1)
| Title |
|---|
| 闫彦博;: "一种移动存储介质分级权限管理系统的实现", 电脑编程技巧与维护, no. 01, 3 January 2017 (2017-01-03) * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11188657B2 (en) | Method and system for managing electronic documents based on sensitivity of information | |
| US8060596B1 (en) | Methods and systems for normalizing data loss prevention categorization information | |
| US10897520B2 (en) | Connected contact identification | |
| WO2019061991A1 (en) | Multi-element universal model platform modeling method, electronic device, and computer readable storage medium | |
| CN103365882A (en) | Method and system for cleaning junk files on mobile terminal | |
| CN108600081A (en) | A kind of method and device that mail outgoing achieves, Mail Gateway | |
| EP3028243A1 (en) | Determining topic relevance of an email thread | |
| US10652255B2 (en) | Forensic analysis | |
| CN111400714B (en) | Virus detection method, device, equipment and storage medium | |
| US20170371894A1 (en) | Samba configuration management method and system for network device | |
| CN112153115A (en) | Internal and external network file transmission auditing method and device | |
| US9245132B1 (en) | Systems and methods for data loss prevention | |
| CN105245436A (en) | Position-based data management method and device | |
| US20230112332A1 (en) | Multiple data labels within a backup system | |
| CN107357557A (en) | A kind of information updating method and device | |
| CN113792319B (en) | File encryption method, device, storage medium and electronic equipment | |
| US10733148B2 (en) | Predicate based data deletion | |
| CN117520549B (en) | Document segmentation method, device, equipment and readable storage medium | |
| CN113849858A (en) | Method, device, computer storage medium and terminal for realizing file supervision | |
| CN113419924B (en) | Database operation risk prompt processing method and device based on session maintenance | |
| CN108595924A (en) | Business authority management method and device, computer equipment and storage medium | |
| CN115730012A (en) | Database desensitization method and system | |
| CN114416560A (en) | Program crash analysis aggregation method and system | |
| CN113420003A (en) | Method, device, equipment and medium for processing data interaction log | |
| CN113342579A (en) | Data restoration method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |