CN112818341B - External device control method and device based on operating system filter layer drive - Google Patents
External device control method and device based on operating system filter layer drive Download PDFInfo
- Publication number
- CN112818341B CN112818341B CN202110114575.6A CN202110114575A CN112818341B CN 112818341 B CN112818341 B CN 112818341B CN 202110114575 A CN202110114575 A CN 202110114575A CN 112818341 B CN112818341 B CN 112818341B
- Authority
- CN
- China
- Prior art keywords
- equipment
- management
- driver
- strategy
- registry
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/4401—Bootstrapping
- G06F9/4411—Configuring for operating with peripheral devices; Loading of device drivers
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/445—Program loading or initiating
- G06F9/44505—Configuring for program initiating, e.g. using registry, configuration files
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Stored Programmes (AREA)
Abstract
The invention belongs to the field of external equipment control, and provides an external equipment control method and device based on operating system filter layer driving. Receiving a management and control software starting command, starting management and control software, installing a management and control driver, and writing a forbidden policy and a white list policy into a PC registry; the control driver is mounted on a filter layer of the PC system; reading the policy in the PC registry by using the management and control driver while monitoring the access behavior of the device at the driver layer: when the device access behavior is detected, acquiring device information and comparing the device information with the strategies in the PC registry: if the configuration strategy of the relevant equipment is written into the PC registry, continuously judging whether the strategy is a white list strategy, if so, releasing the equipment and not performing any operation on the equipment drive; if the strategy is a forbidden strategy, forbidding the drive of the corresponding equipment, so that the equipment cannot be normally accessed into the PC; if the configuration strategy of the relevant equipment is not found in the PC registry, the equipment is directly released and no operation is carried out on the equipment driver.
Description
Technical Field
The invention belongs to the field of external equipment control, and particularly relates to an external equipment control method and device based on operating system filter layer driving.
Background
The statements in this section merely provide background information related to the present disclosure and may not constitute prior art.
The access of the network and the mobile equipment is always a disaster area spread by the worm virus and the Trojan horse virus at the PC end. The access of illegal external equipment is difficult to prevent during the use of the PC equipment. The method for disabling the external device of the current mainstream comprises the following steps: (1) The external device access is forbidden by modifying the registry, but the inventor discovers that the method is easy to discover, and the device can be accessed to the computer again by simply modifying the registry. And (2) forbidding the external equipment through the exclusive equipment drive file. The inventors have found that this method can only disable devices that are not used on the computer.
Disclosure of Invention
In order to solve at least one technical problem in the background art, the invention provides a method and a device for managing and controlling an external device based on a filter layer drive of an operating system, which can prohibit an illegal device from accessing a PC on a drive layer, and can add a safe and controllable device into a device white list so that the device can be accessed normally.
In order to achieve the purpose, the invention adopts the following technical scheme:
the invention provides an external device control method based on operating system filter layer driving.
An external device control method based on operating system filter layer driving comprises the following steps:
receiving a management and control software starting command, starting management and control software, installing a management and control driver, and writing a forbidden strategy and a white list strategy into a PC registry; the control drive is mounted on a filter layer of the PC system;
reading the strategy in the PC registry by using the management and control driver and monitoring the access behavior of the equipment at the driver layer:
when the device access behavior is detected, acquiring device information and comparing the device information with the strategies in the PC registry:
if the configuration strategy of the relevant equipment is written into the PC registry, continuously judging whether the strategy is a white list strategy, if so, releasing the equipment and not performing any operation on the equipment drive; if the strategy is a forbidden strategy, forbidding the drive of the corresponding equipment, so that the equipment cannot be normally accessed into the PC;
if the configuration strategy of the relevant equipment is not found in the PC registry, the equipment is directly released and no operation is carried out on the equipment driver.
The second aspect of the invention provides an external device management and control device based on operating system filter layer driving.
The utility model provides an external device management and control device based on operating system filter layer drive, includes:
the management and control starting and driver installing module is used for receiving a management and control software starting command, starting the management and control software, installing a management and control driver, and writing a forbidden policy and a white list policy into a PC registry; the control driver is mounted on a filter layer of the PC system;
a device access behavior monitoring module for reading policies in the PC registry with a management driver while monitoring device access behavior at a driver layer:
when the device access behavior is detected, device information is acquired and compared with the strategies in the PC registry:
if the configuration strategy of the relevant equipment is written into the PC registry, continuously judging whether the strategy is a white list strategy, if so, releasing the equipment and not performing any operation on the equipment drive; if the strategy is a forbidden strategy, forbidding the drive of the corresponding equipment, so that the equipment cannot be normally accessed into the PC;
if the configuration strategy of the relevant equipment is not found in the PC registry, the equipment is directly released and no operation is carried out on the equipment driver.
A third aspect of the invention provides a computer-readable storage medium.
A computer-readable storage medium, on which a computer program is stored, which, when executed by a processor, implements the steps in the operating system filter driver-based external device management and control method as described above.
A fourth aspect of the invention provides a computer apparatus.
A computer device comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, wherein the processor executes the program to realize the steps of the external device management and control method based on the operating system filter layer drive.
Compared with the prior art, the invention has the beneficial effects that:
the method and the device utilize the mutual cooperation of application layer management and control software and a drive layer management and control driver to complete the whole device management and control flow, utilize the management and control driver to read the strategy in the PC registry and simultaneously monitor the access behavior of the device at the drive layer to compare the obtained device information with the strategy written in the registry, thereby achieving the functions of forbidding illegal devices and releasing white list devices; the method can safely and effectively manage and control the external equipment, and can conveniently and quickly set the control equipment and the white list equipment by matching with an upper computer.
Advantages of additional aspects of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, are included to provide a further understanding of the invention, and are incorporated in and constitute a part of this specification, illustrate exemplary embodiments of the invention and together with the description serve to explain the invention and not to limit the invention.
FIG. 1 is a flowchart of an operating system filter driver-based external device management and control method according to an embodiment of the present invention;
FIG. 2 is an IRP transmission flow according to an embodiment of the present invention;
fig. 3 is a flow of managing and controlling a drive binding device according to an embodiment of the present invention;
fig. 4 is a communication flow of the policing control IRP according to the embodiment of the present invention.
Detailed Description
The invention is further described with reference to the following figures and examples.
It is to be understood that the following detailed description is exemplary and is intended to provide further explanation of the invention as claimed. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of exemplary embodiments according to the invention. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, and it should be understood that when the terms "comprises" and/or "comprising" are used in this specification, they specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof, unless the context clearly indicates otherwise.
Example one
As shown in fig. 1, the external device management and control method based on the operating system filter driver of this embodiment specifically includes the following steps:
step S101: receiving a management and control software starting command, starting management and control software, installing a management and control driver, and writing a forbidden policy and a white list policy into a PC registry; wherein, the management and control drive is mounted on the filter layer of the PC system.
In specific implementation, the policy includes device information, map items to be matched, and policy priority information.
Wherein the whitelist policy has a higher priority than the disabling policy.
Step S102: reading the policy in the PC registry by using the management and control driver while monitoring the access behavior of the device at the driver layer:
when the device access behavior is detected, device information (such as hardware ID, compatible ID, enumeration, class and the like) is obtained and compared with the policy in the PC registry:
if the configuration strategy of the relevant equipment is written into the PC registry, continuously judging whether the strategy is a white list strategy, if so, releasing the equipment and not performing any operation on the equipment drive; if the strategy is a forbidden strategy, forbidding the drive of the corresponding equipment, so that the equipment cannot be normally accessed into the PC;
if the configuration strategy of the relevant equipment is not found in the PC registry, the equipment is directly released and no operation is carried out on the equipment driver.
In a specific implementation, the Windows kernel mode uses an IRP (I/O Request Package) as a basic communication means with a driver. The control drive is a filtering drive and is mounted on a filtering layer of the PC system. The driverObject (device OBJECT, DO for short) is assigned by the system when the device DRIVER is loaded as the DRIVER _ OBJECT corresponding to the DRIVER. The registrypath is a registry path dedicated to recording device drive-related parameters. DO is important in that it possesses a set of function pointers called dispatch functions. When the system needs to use the device driver, it will send IRP like DO. The management and control driver is used as a filtering driver, and the main work is to modify or write the distance functions.
As shown in fig. 2, the downward arrow indicates the sending process of the IRP request, and the upward is the return. It can be seen that the IRP is sent down step by step starting from the top of the device stack. DevVolumue denotes the actual Volume device to be filtered and DevTop denotes the top of this device stack.
As shown in fig. 3, the flow of managing and controlling the driver binding device is specifically:
after the management and control driver operates, reading a user setting strategy from a registry, and simultaneously monitoring the plugging and unplugging behavior of the equipment; when the access of the equipment is detected, the equipment information is acquired, the equipment information is compared with the strategy read in the registry, and whether the equipment needs to be controlled or not is judged:
if the device needs to be controlled, when the corresponding device driver sends the IRP to the system, the IRP sent by the device is intercepted in the dispatch functions, and a new DO (device object) is generated to be bound with the source device.
When the device is detected to be added into the white list, the management and control driver does not need to generate a new DO (device object) to be bound with the corresponding device.
After the management and control driver binds the source device, the IRP communication between the monitoring system and the source device is monitored, and the IRP content is modified according to the requirement, so that the function of disabling or releasing the external device is achieved, as shown in fig. 4.
In the embodiment, the whole equipment management and control flow is completed by mutually matching application layer management and control software and a drive layer management and control driver, the management and control driver is used for reading the strategy in the PC registry and simultaneously monitoring the access behavior of equipment at the drive layer to compare the obtained equipment information with the strategy written in the registry, so that the functions of forbidding illegal equipment and releasing white list equipment are achieved; the method can safely and effectively manage and control the external equipment, and can conveniently and quickly set the control equipment and the white list equipment by matching with an upper computer.
Example two
This embodiment provides an external device management and control device based on operating system filter layer drive, includes:
the management and control starting and driver installing module is used for receiving a management and control software starting command, starting the management and control software, installing a management and control driver, and writing a forbidden policy and a white list policy into a PC registry; the control drive is mounted on a filter layer of the PC system;
a device access behavior monitoring module for reading policies in the PC registry with a management driver while monitoring device access behavior at a driver layer:
when the device access behavior is detected, acquiring device information and comparing the device information with the strategies in the PC registry:
if the configuration strategy of the relevant equipment is written into the PC registry, continuously judging whether the strategy is a white list strategy, if so, releasing the equipment and not performing any operation on the equipment drive; if the strategy is a forbidden strategy, forbidding the drive of the corresponding equipment, so that the equipment cannot be normally accessed into the PC;
if the configuration strategy of the relevant equipment is not found in the PC registry, the equipment is directly released and no operation is carried out on the equipment driver.
It should be noted that, each module in the external device management and control apparatus based on the operating system filter layer driver in this embodiment corresponds to each step in the external device management and control method based on the operating system filter layer driver in the first embodiment one to one, and the specific implementation process is the same, which will not be described herein again.
In the embodiment, the whole equipment management and control flow is completed by mutually matching application layer management and control software and a drive layer management and control driver, the management and control driver is used for reading the strategy in the PC registry and simultaneously monitoring the access behavior of equipment at the drive layer to compare the obtained equipment information with the strategy written in the registry, so that the functions of forbidding illegal equipment and releasing white list equipment are achieved; the method can safely and effectively manage and control the external equipment, and can conveniently and quickly set the control equipment and the white list equipment by matching with an upper computer.
EXAMPLE III
The present embodiment provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the steps in the method for managing and controlling an external device based on an operating system filter driver as described in the first embodiment.
In the embodiment, the whole equipment management and control flow is completed by mutually matching application layer management and control software and a drive layer management and control driver, the management and control driver is used for reading the strategy in the PC registry and simultaneously monitoring the access behavior of equipment at the drive layer to compare the obtained equipment information with the strategy written in the registry, so that the functions of forbidding illegal equipment and releasing white list equipment are achieved; the method can safely and effectively manage and control the external equipment, and can conveniently and quickly set the control equipment and the white list equipment by matching with an upper computer.
Example four
The embodiment provides a computer device, which includes a memory, a processor, and a computer program stored on the memory and executable on the processor, where the processor executes the program to implement the steps in the method for managing and controlling an external device based on an operating system filter driver according to the first embodiment.
In the embodiment, the whole equipment management and control flow is completed by utilizing the mutual cooperation of application layer management and control software and a drive layer management and control driver, the management and control driver is utilized to read the strategy in a PC registry, and meanwhile, the access behavior of the equipment is monitored at the drive layer, and the obtained equipment information is compared with the strategy written in the registry, so that the functions of forbidding illegal equipment and releasing white list equipment are achieved; the method can safely and effectively manage and control the external equipment, and can conveniently and quickly set the control equipment and the white list equipment by matching with an upper computer.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of a hardware embodiment, a software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above may be implemented by a computer program, which may be stored in a computer readable storage medium and executed by a computer to implement the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (8)
1. An external device management and control method based on operating system filter layer driving is characterized by comprising the following steps:
receiving a management and control software starting command, starting management and control software, installing a management and control driver, and writing a forbidden policy and a white list policy into a PC registry; the control driver is mounted on a filter layer of the PC system;
reading the strategy in the PC registry by using the management and control driver and monitoring the access behavior of the equipment at the driver layer:
when the device access behavior is detected, device information is acquired and compared with the strategies in the PC registry:
if the configuration strategy of the relevant equipment is written into the PC registry, continuously judging whether the strategy is a white list strategy, if so, releasing the equipment and not performing any operation on the equipment drive; if the strategy is a forbidden strategy, forbidding the drive of the corresponding equipment, so that the equipment cannot be normally accessed into the PC;
if the configuration strategy of the relevant equipment is not found in the PC registry, the equipment is directly released, and no operation is carried out on the equipment driver;
when the acquired equipment information is compared with the strategy in the PC registry, and the equipment is judged to need to be controlled, and when the corresponding equipment driver sends the IRP to the PC system, the IRP sent by the equipment is intercepted in the dispatch functions, and a new equipment object is generated and bound with the source equipment;
the source equipment and the PC system carry out IRP communication, the IRP content is modified according to the requirement, and the modified IRP is issued to the PC system and the source equipment, so that the function of forbidding or releasing the external equipment is achieved.
2. The operating system filter layer driven-based external device management and control method according to claim 1, wherein the IRP is sent downwards step by step starting from the top of the device stack.
3. The method for managing and controlling an external device based on an operating system filter layer driver as claimed in claim 1, wherein when the configuration policy of the relevant device is found to be written into the PC registry and the policy is a white list policy, the management and control driver does not need to generate a new device object to bind with the corresponding device.
4. The operating system filter layer driver-based external device management and control method according to claim 1, wherein the policy includes device information, map items to be matched, and policy priority information.
5. The operating system filter layer driven-based add-on device management and control method of claim 4, wherein a whitelist policy has a higher priority than a disable policy.
6. The utility model provides an external device management and control device based on operating system filter layer drive which characterized in that includes:
the management and control starting and driver installing module is used for receiving a management and control software starting command, starting the management and control software, installing a management and control driver, and writing a forbidden policy and a white list policy into a PC registry; the control drive is mounted on a filter layer of the PC system;
a device access behavior monitoring module for reading policies in the PC registry with a management driver while monitoring device access behavior at a driver layer:
when the device access behavior is detected, acquiring device information and comparing the device information with the strategies in the PC registry:
if the configuration strategy of the relevant equipment is written into the PC registry, continuously judging whether the strategy is a white list strategy, if so, releasing the equipment and not performing any operation on the equipment drive; if the strategy is a forbidden strategy, forbidding the drive of the corresponding equipment, so that the equipment cannot be normally accessed into the PC;
if the configuration strategy of the relevant equipment is not found in the PC registry, the equipment is directly released, and no operation is carried out on the equipment driver;
when the acquired device information is compared with the strategy in the PC registry, and the device is judged to need to be controlled, and when the corresponding device driver sends the IRP to the PC system, the IRP sent by the device is intercepted in the dispatch functions, and a new device object is generated to be bound with the source device;
the source equipment and the PC system carry out IRP communication, the IRP content is modified according to the requirement, and the modified IRP is issued to the PC system and the source equipment, so that the function of forbidding or releasing the external equipment is achieved.
7. A computer-readable storage medium, on which a computer program is stored, wherein the program, when executed by a processor, implements the steps in the operating system filter layer driver-based external device management and control method according to any one of claims 1 to 5.
8. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor executes the program to implement the steps of the operating system filter layer driver-based external device management and control method according to any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110114575.6A CN112818341B (en) | 2021-01-26 | 2021-01-26 | External device control method and device based on operating system filter layer drive |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110114575.6A CN112818341B (en) | 2021-01-26 | 2021-01-26 | External device control method and device based on operating system filter layer drive |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112818341A CN112818341A (en) | 2021-05-18 |
| CN112818341B true CN112818341B (en) | 2023-02-24 |
Family
ID=75860052
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110114575.6A Active CN112818341B (en) | 2021-01-26 | 2021-01-26 | External device control method and device based on operating system filter layer drive |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112818341B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113485895B (en) * | 2021-07-22 | 2024-07-09 | 北京天空卫士网络安全技术有限公司 | Method and device for determining IO device type |
| CN114238988B (en) * | 2021-12-20 | 2025-02-25 | 紫光计算机科技有限公司 | Computer interface control method, device and electronic equipment |
| CN115168300B (en) * | 2022-09-05 | 2022-12-09 | 山东正中信息技术股份有限公司 | Portable mobile working method and system based on file system filtering |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP0315227A2 (en) * | 1987-11-02 | 1989-05-10 | The Boeing Company | Dual channel signal selection and fault detection system |
| CN109254735A (en) * | 2018-10-11 | 2019-01-22 | 北京明朝万达科技股份有限公司 | The access control method and device of movable storage device |
| CN112052045A (en) * | 2020-08-31 | 2020-12-08 | 郑州信大捷安信息技术股份有限公司 | Equipment control method and system based on IRP hook |
| CN112068890A (en) * | 2020-08-13 | 2020-12-11 | 中国电子科技集团公司第三十研究所 | Method, system and storage medium for controlling computer external equipment |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1684151A1 (en) * | 2005-01-20 | 2006-07-26 | Grant Rothwell William | Computer protection against malware affection |
| CN103605930B (en) * | 2013-11-27 | 2016-04-13 | 湖北民族学院 | A kind of dualized file based on HOOK and filtration drive prevents divulging a secret method and system |
| US10346320B2 (en) * | 2017-01-27 | 2019-07-09 | Wyse Technology L.L.C. | Restricting applications and users that can make persistent changes to artifacts |
| CN107463369B (en) * | 2017-06-30 | 2020-10-16 | 北京北信源软件股份有限公司 | Access device control method and device for virtual desktop |
-
2021
- 2021-01-26 CN CN202110114575.6A patent/CN112818341B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP0315227A2 (en) * | 1987-11-02 | 1989-05-10 | The Boeing Company | Dual channel signal selection and fault detection system |
| CN109254735A (en) * | 2018-10-11 | 2019-01-22 | 北京明朝万达科技股份有限公司 | The access control method and device of movable storage device |
| CN112068890A (en) * | 2020-08-13 | 2020-12-11 | 中国电子科技集团公司第三十研究所 | Method, system and storage medium for controlling computer external equipment |
| CN112052045A (en) * | 2020-08-31 | 2020-12-08 | 郑州信大捷安信息技术股份有限公司 | Equipment control method and system based on IRP hook |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112818341A (en) | 2021-05-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112818341B (en) | External device control method and device based on operating system filter layer drive | |
| CN107463369B (en) | Access device control method and device for virtual desktop | |
| US8955056B2 (en) | Terminal and method for assigning permission to application | |
| US8838926B2 (en) | Interacting with data in hidden storage | |
| US20020188812A1 (en) | Implementing a dual partition flash with suspend/resume capabilities | |
| US9330265B2 (en) | Method for component access control and electronic device | |
| CN104618333B (en) | A kind of mobile terminal safety office system | |
| CN106874232B (en) | Charging method, device and terminal of Universal Serial Bus (USB) | |
| GB2398134A (en) | Applying a data handing policy to predetermined system calls | |
| CN104462937B (en) | Operating system peripheral access permission control method based on users | |
| CN100570601C (en) | Method and computer system for switching folders to be accessed based on secret mode | |
| US20090119772A1 (en) | Secure file access | |
| CN1556967A (en) | Portable Information Recording Device | |
| GB2397665A (en) | Operating system data management | |
| CN108255542B (en) | Serial port and parallel port control method and device of virtual machine | |
| CN105653354A (en) | Batch processing method and device | |
| CN111858020B (en) | User resource limiting method and device and computer storage medium | |
| CN113127852B (en) | SE application management method and device based on chip card and storage medium | |
| GB2515736A (en) | Controlling access to one or more datasets of an operating system in use | |
| CN102737198A (en) | Method and device for object protection | |
| CN116702126A (en) | Application access control method and device, computing device and readable storage medium | |
| DE102023121503A1 (en) | SELECTIVE DELETION OF SENSITIVE DATA | |
| JP2005196334A5 (en) | ||
| CN102222185A (en) | Method for preventing operating system starting file from being infected | |
| CN101826062A (en) | Computer executing method and electric system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |