[go: up one dir, main page]

CN117034353A - File storage identification method, system, medium and electronic equipment - Google Patents

File storage identification method, system, medium and electronic equipment Download PDF

Info

Publication number
CN117034353A
CN117034353A CN202311088791.3A CN202311088791A CN117034353A CN 117034353 A CN117034353 A CN 117034353A CN 202311088791 A CN202311088791 A CN 202311088791A CN 117034353 A CN117034353 A CN 117034353A
Authority
CN
China
Prior art keywords
file
hash value
target file
type
shielding
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311088791.3A
Other languages
Chinese (zh)
Inventor
赵文义
卢存华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Superred Technology Co Ltd
Original Assignee
Beijing Superred Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Superred Technology Co Ltd filed Critical Beijing Superred Technology Co Ltd
Priority to CN202311088791.3A priority Critical patent/CN117034353A/en
Publication of CN117034353A publication Critical patent/CN117034353A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Automation & Control Theory (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

A file storage identification method, a system, a medium and electronic equipment relate to the technical field of computer storage security. The method comprises the following steps: when a user operates and stores a target file, identifying the type of the target file and an actual hash value corresponding to each element information in the target file; calling the type of a preset shielding file to be shielded and the shielding hash value corresponding to each element information in the shielding file; and determining a target file to be shielded based on the type of the target file and each actual hash value, and the type of the shielding file and each shielding hash value, and prohibiting the target file to be shielded from being stored. By implementing the technical scheme provided by the application, the confidentiality of the target file to be shielded can be improved, so that the confidentiality requirement of a user is met.

Description

File storage identification method, system, medium and electronic equipment
Technical Field
The application relates to the technical field of computer storage security, in particular to a file storage identification method, a system, a medium and electronic equipment.
Background
The secret-related special-purpose computer is a computer system for processing secret-related information. It has high safety and confidentiality to protect the security of national secrets and sensitive information. The secret-related special computer is widely applied to the fields of national authorities, armies, financial institutions, scientific institutions and the like which need to process secret-related information. They play an important role in protecting national security, maintaining social stability, protecting personal privacy, etc.
With the rapid development of information technology, the informatization degree of institutions such as government authorities, army, enterprises and the like is continuously improved. Files to be stored in private computers are increasing in each unit, wherein secret files in various different formats are not consumed, and the types or the contents of files stored in the computers are strictly forbidden. Meanwhile, along with the increasing of the confidentiality requirements of users, the existing confidential special computer has lower confidentiality of the file types or file contents which are strictly forbidden to be stored, so that the confidentiality requirements of the users cannot be met.
Disclosure of Invention
The application provides a file storage identification method, a system, a medium and electronic equipment, which can improve the confidentiality of a target file to be shielded, thereby meeting the confidentiality requirement of a user.
In a first aspect, the present application provides a method for storing and identifying files, which is applied to a secret-related special-purpose computer, and adopts the following technical scheme:
when a user operates and stores a target file, identifying the type of the target file and an actual hash value corresponding to each element information in the target file;
calling the type of a preset shielding file to be shielded and the shielding hash value corresponding to each element information in the shielding file;
and determining a target file to be shielded based on the type of the target file and each actual hash value, and the type of the shielding file and each shielding hash value, and prohibiting the target file to be shielded from being stored.
By adopting the technical scheme, when a user operates and stores the target file, the type of the target file and the actual hash value corresponding to each element information can be identified, and the actual hash value is compared with the type of the preset shielding file to be shielded or the shielding hash value corresponding to each element information, so that the target file to be shielded can be determined, the target file to be shielded is forbidden to be stored, the safety and confidentiality of the target file information to be shielded are improved, and the confidentiality requirement of the user is met.
Optionally, before the user operates the target file and stores the target file, the method further includes: and writing in the type of the shielding file and each element information of the shielding file under the specific path of the confidential special computer, and calculating a shielding hash value corresponding to each element information, wherein each shielding hash value at least comprises one of a hash value corresponding to a file title, a shielding hash value corresponding to a file name, a shielding hash value corresponding to a transmission text number, a shielding hash value corresponding to a file abstract content, a shielding hash value corresponding to a keyword in the file content, a shielding hash value corresponding to transmission text information and a shielding hash value corresponding to a transmission text date, and the transmission text information comprises a transmission text organization, a main transmission organization and a transmission text date, and the transmission text information comprises a transmission unit, a seal, a transmission text date and a transmission number.
By adopting the technical scheme, the type of the shielding file, the information of each element and the corresponding shielding hash value are written in the specific path of the confidential special computer, so that the shielding file can be preset, and the subsequent identification and comparison are convenient. By presetting the information of the shielding file, the accuracy and reliability of the shielding effect can be improved, and the calculation cost and time consumption during operation can be reduced.
Optionally, the identifying the type of the target file and the actual hash value corresponding to each element information in the target file includes: identifying the suffix of the target file, and determining the type of the target file according to the suffix of the target file; analyzing the target file and extracting element information of the target file; based on a hash algorithm, calculating an actual hash value corresponding to each element information, wherein each actual hash value at least comprises one of an actual hash value corresponding to a file title, an actual hash value corresponding to a transmission word number, an actual hash value corresponding to file abstract content, an actual hash value corresponding to transmission information and an actual hash value corresponding to printing information, the transmission information comprises a transmission organization, a main transmission organization and a transmission date, and the printing information comprises a printing unit, a seal, a printing date and a printing number.
By adopting the technical scheme, the type of the target file is determined by identifying the suffix of the target file, and the target file is analyzed, so that the element information of the target file can be extracted. The actual hash value corresponding to each element information is calculated based on the hash algorithm, and the type and the element information of the target file can be accurately identified, so that the accuracy of the shielding effect is ensured.
Optionally, before determining the target file to be masked based on the type of the target file and each of the actual hash values, and the type of the mask file and each of the mask hash values, the method further includes: acquiring a storage address of the target file stored by the user, and judging whether the storage address is an address with authority to store; if the storage address is an address without authority storage, the storage of the target file is forbidden; and if the storage address is an address with authority to store, executing the step of determining the target file to be masked based on the type of the target file and each actual hash value, and the type of the mask file and each mask hash value.
By adopting the technical scheme, whether the storage address of the target file is a storage address with authority is judged, finer control and shielding of the target file can be realized, and therefore the security and confidentiality of information of the target file to be shielded are improved.
Optionally, the determining the target file to be masked based on the type of the target file and each of the actual hash values, and the type of the mask file and each of the mask hash values includes: comparing the type of the target file with the type of the mask file, and/or comparing each actual hash value with each corresponding mask hash value; judging whether the type of the target file is the same as the type of the mask file and/or whether at least one actual hash value is the same as the corresponding mask hash value exists; and if the type of the target file is the same as the type of the shielding file and/or at least one actual hash value is the same as the corresponding shielding hash value, determining that the target file is the target file to be shielded.
By adopting the technical scheme, the object file to be shielded can be determined by comparing the type of the object file with the actual hash value corresponding to the element information and the type of the shielding file and/or the shielding hash value corresponding to the element information, the object file to be shielded is forbidden to be stored, the security and confidentiality of the object file information to be shielded are improved, and the confidentiality requirement of a user is met.
Optionally, the method further comprises: and if the type of the target file is different from the type of the mask file and/or each actual hash value is different from the corresponding mask hash value, allowing the target file to be stored.
By adopting the technical scheme, when the type of the target file is different from the type of the shielding file and/or each actual hash value is different from the corresponding shielding hash value, the target file is allowed to be stored, and better file filtering and storing functions can be provided.
Optionally, before the identifying the type of the target file and the actual hash value corresponding to each element information in the target file, the method further includes obtaining the current mode category selected by the user: if the current mode type is a detection mode and the target file is determined to be a target file to be shielded, displaying prompt information of failure in storage in a preset area, wherein the prompt information comprises at least one target element risk information with the same actual hash value as the corresponding shielding hash value, and each target element risk information is marked and displayed in different colors; and if the current mode type is a detection mode and the target file is allowed to be stored, displaying prompt information of successful storage.
By adopting the technical scheme, the current mode category selected by the user is obtained, different detection modes can be selected according to different requirements, and the detection effect and accuracy are improved. Meanwhile, by displaying at least one target element risk information with the same actual hash value as the corresponding shielding hash value, a user can be helped to quickly locate a specific position of the target element risk information, and the user is prompted for the reason of storage failure.
In a second aspect of the present application there is provided a storage identification system for a file, the system comprising:
the target file identification module is used for identifying the type of the target file and the actual hash value corresponding to each element information in the target file when a user operates and stores the target file;
the shielding element calling module is used for calling the type of a preset shielding file to be shielded and a shielding hash value corresponding to each element information in the shielding file;
and the file module to be shielded is used for determining the target file to be shielded based on the type of the target file and the actual hash values, and the type of the shielded file and the shielded hash values, and prohibiting the target file to be shielded from being stored.
In a third aspect the application provides a computer storage medium storing a plurality of instructions adapted to be loaded by a processor and to perform the above-described method steps.
In a fourth aspect of the application there is provided an electronic device comprising: a processor and a memory; wherein the memory stores a computer program adapted to be loaded by the processor and to perform the above-mentioned method steps.
In summary, one or more technical solutions provided in the embodiments of the present application at least have the following technical effects or advantages:
1. when a user operates and stores the target file, the type of the target file and the actual hash value corresponding to each element information are identified, and the type of the preset shielding file to be shielded or the shielding hash value corresponding to each element information are compared, so that the target file to be shielded can be determined, the target file to be shielded is forbidden to be stored, the safety and confidentiality of the target file information to be shielded are improved, and the confidentiality requirement of the user is met;
2. the application writes the type of the shielding file, the information of each element and the corresponding shielding hash value in the specific path of the confidential special computer, can realize the presetting of the shielding file, and is convenient for subsequent identification and comparison. By presetting the information of the shielding file, the accuracy and the reliability of the shielding effect can be improved, and the calculation cost and the time consumption during operation can be reduced;
3. The application can acquire the current mode category selected by the user, and select different detection modes according to different requirements, thereby improving the detection effect and accuracy. Meanwhile, by displaying at least one target element risk information with the same actual hash value as the corresponding shielding hash value, a user can be helped to quickly locate a specific position of the target element risk information, and the user is prompted for the reason of storage failure.
Drawings
FIG. 1 is a schematic diagram of an exemplary application scenario provided by an embodiment of the present application;
FIG. 2 is a flow chart of a method for identifying file storage according to an embodiment of the present application;
FIG. 3 is a schematic diagram of a display interface for storing results according to an embodiment of the present application;
FIG. 4 is a schematic diagram of a file storage and identification system according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Reference numerals illustrate: 1. a target file identification module; 2. a shielding element calling module; 3. determining a file module to be shielded; 500. an electronic device; 501. a processor; 502. a communication bus; 503. a user interface; 504. a network interface; 505. a memory.
Detailed Description
In order that those skilled in the art will better understand the technical solutions in the present specification, the technical solutions in the embodiments of the present specification will be clearly and completely described below with reference to the drawings in the embodiments of the present specification, and it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments.
In describing embodiments of the present application, words such as "for example" or "for example" are used to mean serving as examples, illustrations, or descriptions. Any embodiment or design described herein as "such as" or "for example" in embodiments of the application should not be construed as preferred or advantageous over other embodiments or designs. Rather, the use of words such as "or" for example "is intended to present related concepts in a concrete fashion.
In the description of embodiments of the application, the term "plurality" means two or more. For example, a plurality of systems means two or more systems, and a plurality of screen terminals means two or more screen terminals. Furthermore, the terms "first," "second," and the like, are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating an indicated technical feature. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include one or more such feature. The terms "comprising," "including," "having," and variations thereof mean "including but not limited to," unless expressly specified otherwise.
The following description of the embodiments of the present application will be given in detail with reference to the accompanying drawings, and it is apparent that the embodiments described are only some, but not all embodiments of the present application.
The embodiment of the application provides a file storage identification method, and based on the file storage identification method, when a user operates and stores a target file, the type of the target file and an actual hash value corresponding to each element information can be identified, and the actual hash value is compared with a preset shielding file type to be shielded or a shielding hash value corresponding to each element information, so that the target file to be shielded can be determined, the target file to be shielded is forbidden to be stored, the safety and confidentiality of the target file information to be shielded can be improved, and the confidentiality requirement of the user can be met.
As shown in fig. 1, fig. 1 is a schematic diagram of an exemplary application scenario provided in an embodiment of the present application.
As shown in fig. 1 (a), the user can create a new target file in the confidential special purpose computer and edit the file.
As shown in (b) of fig. 1, it is also possible for the user to directly edit an object file already existing in the confidential special purpose computer, such as modifying the content or type of the object file, or the like.
As shown in (c) in fig. 1, a user creates or edits a target file in a secret-related special computer and stores the target file, and then transmits the target file to a terminal in communication connection with the secret-related special computer, if the target file is the target file to be shielded, by adopting the technical scheme of the embodiment of the application, when the type of the target file and/or the content of the target file meet one of shielding conditions, the target file is determined to be the target file to be shielded, that is, the user cannot store the target file to be shielded, so that the target file to be shielded cannot be transmitted from the secret-related special computer to other terminals, and the confidentiality of the target file to be shielded is improved.
In an embodiment, please refer to fig. 2, a flow chart of a method for storing and identifying files is specifically provided, and the method may be implemented by a computer program, may be implemented by a single chip microcomputer, and may also be run on a storage and identification system of files based on von neumann system. The computer program can be integrated in an application or can be run as an independent tool application, and specifically, in the embodiment of the application, the method can be applied to a secret-related special-purpose computer, and the method comprises the following steps of 10 to 30:
Step 10: when a user operates and stores the target file, the type of the target file and the actual hash value corresponding to each element information in the target file are identified.
In the embodiment of the application, the target file refers to a file which is operated by a user in the confidential special computer, and the target file can be edited by creating a new file in the confidential special computer or directly editing an existing file in the confidential special computer, or can be a file which is imported from other mobile storage media into the confidential special computer, and the like. The target file may be a normal file or a target file to be masked, and the target file to be masked may refer to a sensitive file related to confidentiality of country, business, person, etc., which cannot be saved for transmission to other storage media.
Specifically, the embodiment of the application provides a security protection process service, which can be installed in a security-related special computer, and after the security protection process service of the security-related special computer is normally started, the security-related special computer can be in a security protection mode, so that the process service of file shielding is also successfully started until a user manually closes the shielded process, otherwise, the shielded process can be kept in an open state all the time.
Further, after the security protection process service is started by the secret-related special computer, when a user operates the target file in the secret-related special computer, the target file after operation is stored in the secret-related special computer, or a new file is imported and stored in the secret-related special computer, the target file needs to be identified, and the type of the target file and the actual hash value corresponding to each element information in the target file can be specifically identified, so that the identification of the type and the content of the target file is realized.
It should be noted that, the method for storing and identifying files in the embodiment of the application can be applied to a special secret-related computer, and can also be applied to computers with secret-related requirements in each unit, for example, some enterprises need to shield secret-related files, and then the method can be used for identifying non-storable files in the corresponding computers, thereby realizing the secret-related files.
On the basis of the above embodiment, as an optional embodiment, when the user operates and stores the target file, the step of identifying the type of the target file and the actual hash value corresponding to each element information in the target file may include steps 101-103:
Step 101: and identifying the suffix of the target file, and determining the type of the target file according to the suffix of the target file.
Specifically, the identification of the suffix can be achieved by reading the file name of the target file, and the file name is generally composed of two parts, namely a file name and a file extension (suffix). The confidential special computer stores the corresponding relation between the file extension (suffix) and the file type, and the type of the target file can be determined through the suffix of the target file. For example, some security units have a particular document type for both the secured document and the drawing, thereby preventing leakage of that type of document.
Step 102: analyzing the target file and extracting the element information of the target file.
Specifically, after the type of the target file is identified, the element information of the target file needs to be identified, and usually one file contains a plurality of element information. The target file is parsed to obtain content corresponding to each element information in the target file, for example, the target file element information can include, but is not limited to, file name, file title, file letter number, file abstract content, letter information composed of letter organization-main letter organization-letter date of the file, and print information composed of print unit-seal-print date-print number of copies of the file. The element information of the target file can comprise a plurality of dimensions according to different files, and a user can set identification items according to the file types and the dimensions of the file contents which need to be kept secret.
Step 103: based on a hash algorithm, calculating an actual hash value corresponding to each element information.
Specifically, the hash algorithm is an algorithm for mapping data with any length into data with a fixed length, and the hash value is a method for uniquely identifying the data. In specific implementation, the actual hash value corresponding to each element information of the file can be calculated based on a hash algorithm by reading each element information of the file, for example, the actual hash value corresponding to the name of the target file can be obtained by reading the name of the target file and performing hash value calculation on the target file, the abstract content of the target file can be extracted by using a texttrank algorithm, and the actual hash value corresponding to the abstract content of the target file can be obtained by calculating the hash value. In the embodiment of the present application, the actual hash value corresponding to the posting information refers to a hash value corresponding to the content consisting of a posting authority, a main posting authority, and a posting date of the file, the actual hash value corresponding to the printed information refers to a hash value corresponding to the content consisting of a printing unit, a stamp, a printing date, and a printing number of the file, and the contents of a plurality of pieces of information in the same dimension are combined into one hash value, so that the recognition and comparison efficiency can be improved, and the file screening is more accurate.
Step 20: and calling the type of a preset shielding file to be shielded and a shielding hash value corresponding to each element information in the shielding file.
Specifically, before a user operates and stores a target file, the type of a mask file, element information of the mask file, and a mask hash value corresponding to the element information need to be written in a specific path of a confidential special computer. The specific path of the confidential special-purpose computer can be a specific path in a plurality of storage paths in the computer, namely, when a user stores files in the storage path, the computer focuses on the stored files in the specific path.
It should be noted that, under a specific path, a user may write all items to be masked, including, but not limited to, a type of a mask file, each element information of the mask file, and a mask hash value corresponding to each element information, where in the embodiment of the present application, an item to be masked may be understood as a feature mask pool, where the feature mask pool may be set in advance by the user and includes all elements to be masked and corresponding hash values. In practical application, the type of the shielding file to be shielded, which needs to be called, and the shielding hash value corresponding to each element information in the shielding file can be adjusted according to practical conditions. In the embodiment of the present application, each mask hash value may include, but is not limited to, one of a hash value corresponding to a file header, a hash value corresponding to a transmission word size, a hash value corresponding to a file summary content, a mask hash value corresponding to transmission information, and a mask hash value corresponding to seal information, where the transmission information includes a transmission organization, a main transmission organization, and a transmission date, and the seal information includes a seal unit, a seal date, and a seal number, that is, a seal unit-seal date-seal number of the file is set as one mask hash value, and a seal hash value is set as a seal unit-seal date-seal number of the file.
Further, when the user operates and stores the target file, the confidential special computer identifies the target file, calculates an actual hash value corresponding to each element information in the target file, and then invokes a preset type of the shielding file to be shielded and a shielding hash value corresponding to each element information in the shielding file in the feature shielding pool. The type of the preset shielding file and the shielding hash value are information which is set by a user in advance and needs shielding.
On the basis of the above embodiment, as an alternative embodiment, before determining the target file to be masked, the method further includes the following steps:
when a user operates a target file and stores the target file, acquiring a storage address of the target file stored by the user, performing authority verification on the acquired storage address to determine whether the target file has authority to store the address, namely judging whether the storage address is an authority-storing address, wherein a plurality of addresses capable of storing are arranged in the confidential special computer, if the storage address is an authority-storing-free address, the target file is forbidden to be stored, and if the storage address is the authority-storing address, the storage address possibly can be stored, but further judging whether the target file is a target file to be shielded is needed, namely executing the step of determining the target file to be shielded based on the type and each actual hash value of the target file, the type and each shielding hash value of the shielding file.
Step 30: and determining the target file to be shielded based on the type of the target file and each actual hash value, and the type of the shielding file and each shielding hash value, and prohibiting the target file to be shielded from being stored.
Specifically, comparing the type of the target file with the type of the shielding file, and/or comparing each actual hash value with each corresponding shielding hash value, and if the type of the target file is the same as the type of the shielding file, and/or at least one actual hash value is the same as the corresponding shielding hash value, determining that the target file is the target file to be shielded.
In another possible embodiment, it may be further determined whether to store the target file to be masked by limiting the number of times of storage. Specifically, after the target file is determined to be the target file to be shielded, the preset limit storage times of the target file to be shielded need to be acquired, different target files to be shielded may correspond to different limit storage times, for example, the limit storage times of some target files to be shielded are limit storage once, the limit storage times of some target files to be shielded are limit storage three times, whether the storage times of the target files to be shielded exceeds the preset limit storage times is judged, if the storage times of the target files to be shielded exceed the preset limit storage times, the target files to be shielded are prohibited from being stored, and if the storage times of the target files to be shielded do not exceed the preset limit storage times, the target files to be shielded are permitted to be stored.
As an alternative embodiment, the step of determining the object file to be masked based on the type of the object file and the actual hash values, and the type of the mask file and the mask hash values may include the steps of:
step 301: and comparing the type of the target file with the type of the shielding file, and/or comparing each actual hash value with each corresponding shielding hash value.
Step 302: and judging whether the type of the target file is the same as the type of the mask file, and/or whether at least one actual hash value is the same as the corresponding mask hash value.
Step 303: and if the type of the target file is the same as the type of the shielding file and/or at least one actual hash value is the same as the corresponding shielding hash value, determining the target file as the target file to be shielded. Specifically, the type of the shielding file refers to a file type which is set by a person in advance and needs shielding, for example, a special security drawing file type is set in some units. Comparing the type of the target file with the type of the shielding file, and/or comparing the actual hash value of each element information in the target file with the shielding hash value corresponding to each element information in the shielding file, judging whether the type of the target file is the same as the type of the shielding file, and/or whether at least one actual hash value is the same as the corresponding shielding hash value, if the type of the target file is the same as the type of the shielding file, and/or at least one actual hash value is the same as the corresponding shielding hash value, indicating that the target file is the target file to be shielded.
For example, if the type of the preset mask file is an X file type and a Y file type, the mask hash value corresponding to each element information of the preset mask file includes: a first shielding hash value corresponding to the file name, a second shielding hash value corresponding to the transmitted text number, a third shielding hash value corresponding to the printed information consisting of a printed unit, a seal, a printed date and a printed number of copies, and a fourth shielding hash value corresponding to a keyword 'confidential file' in the file content. Comparing the type of the target file with the type of the shielding file, and/or comparing each actual hash value with each corresponding shielding hash value, namely judging whether the type of the target file is an X file type or a Y file type, and/or judging whether an actual hash value corresponding to the file name of the target file is equal to a first shielding hash value, an actual hash value corresponding to the transmission text number of the target file is equal to a second shielding hash value, an actual hash value corresponding to the printing information consisting of a printing unit, a seal, a printing date and a printing number of the target file is equal to a third shielding hash value, and an actual hsah value corresponding to whether a keyword 'secret file' exists in the content of the target file is equal to a fourth shielding hash value, and determining that the target file is the target file to be shielded if the type of the target file is the same as the type of the shielding file, and/or if at least one actual hash value is the same as the corresponding shielding hash value. For example, when the type of the target file is different from the type of the mask file, but as long as there is one actual hash value in the target file that is the same as the corresponding mask hash value, for example, the actual hash value corresponding to the file name of the target file is equal to the first mask hash value, the target file is determined as the target file to be masked even if the other actual hash values are not equal to the corresponding mask hash values.
On the basis of the above embodiment, as an alternative embodiment, the method may further include the steps of:
and if the type of the target file is different from the type of the mask file and/or each actual hash value is different from the corresponding mask hash value, allowing the target file to be stored. It should be noted that, in the embodiment of the present application, different target files may be provided with different storage restriction policies, and the execution range of the storage restriction policies may be one computer, or may be in one local area network, which is not limited herein.
For example, if the storage limit policies set by the target files to be masked are different in file type, the target files are allowed to be stored as long as the types of the target files are different from those of the mask files; for example, the type of the preset mask file is an X file type, the preset mask hash value is null or not preset, when the type of the target file a is the X file type, the target file a is the target file to be masked, the storage of the target file a is prohibited, and when the type of the target file B is the Y file type, the storage of the target file B is permitted.
And if the storage limit policy set by the target file to be shielded is that each actual hash value is different from the corresponding shielded hash value, the target file can be allowed to be stored only by determining that each actual hash value is different from the corresponding shielded hash value. For example, the type of the preset mask file is null or not preset, the preset mask hash value is a first mask hash value corresponding to the file name, and the second mask hash value corresponding to the word size is sent, so when the actual hash value corresponding to the file name of the target file a is equal to the first mask hash value, the target file a is the target file to be masked, storage of the target file a is forbidden, and when the actual hash value corresponding to the file name of the target file B is not equal to the first mask hash value, and the actual hash value corresponding to the word size is not equal to the second mask hash value, storage of the target file B is allowed.
Assuming that the storage limit policy set by the target file to be shielded is that the type of the target file is different from the type of the shielded file, and each actual hash value is different from the corresponding shielded hash value, when the type of the target file is the same as the type of the shielded file or each actual hash value of the target file is at least one of the same as the corresponding shielded hash value, determining that the target file is the target file to be shielded, and prohibiting storage of the target file to be shielded. Accordingly, only if the type of the target file is different from the type of the mask file and each actual hash value is different from the corresponding mask hash value, and the two values are satisfied at the same time, the target file is allowed to be stored. For example, the type of the preset mask file is a Y file type, the preset mask hash value is a first mask hash value corresponding to a file name, and the second mask hash value corresponding to a transmission word size, when the file type of the target file a is an X file type, the actual hash value corresponding to the file name is equal to the first mask hash value, and the actual hash value corresponding to the transmission word size is not equal to the second mask hash value, the target file a is determined to be the target file to be masked, the storage of the target file a is prohibited, when the file type of the target file B is a Y file type, the actual hash value corresponding to the file name is not equal to the first mask hash value, the actual hash value corresponding to the transmission word size is not equal to the second mask hash value, the target file B is determined to be the target file to be masked, and the storage of the target file B is prohibited. The storage limiting strategy can be adjusted according to different actual requirements.
On the basis of the above embodiment, as an optional embodiment, before identifying the type of the target file and the actual hash value corresponding to each element information in the target file, the method further includes a step of acquiring the current mode category selected by the user.
Specifically, after the user operates the target file, the current mode category needs to be selected, and in the embodiment of the present application, the current mode category includes a detection mode and a normal mode. In another possible embodiment it is also possible to select the current mode category before manipulating the target file. And acquiring the current mode type selected by the user, after determining the target file to be shielded based on the type of the target file, each actual hash value, the type of the shielding file and each shielding hash value, if the current mode type is a detection mode and the target file to be shielded is forbidden to be stored, displaying prompt information of failure in storage in a preset area.
Fig. 3 is a schematic diagram of a display interface for storing results according to an embodiment of the present application.
Referring to fig. 3 (a), an interface schematic diagram when the current mode type is a detection mode and it is determined that the target file is the target file to be masked, where the interface may display a prompt message of "the target file fails to store", and may also display at least one target element risk message of which an actual hash value is the same as a corresponding mask hash value, for example, an actual hash value corresponding to a title name of the target file is the same as a corresponding mask hash value, an actual hash value corresponding to a transmission word number of the target file is the same as a corresponding mask hash value, an actual hash value corresponding to a print message of the target file is the same as a corresponding mask hash value, and an actual hash value of a keyword in a content of the target file is the same as a mask hash value, as shown in a risk prompt shown in fig. 3 (a), where there are the following four kinds of risk information related to secret risk elements, and each of risk information is displayed in different colors, where the user cannot store the target file in a secret-specific computer, or cannot transmit the target file from the secret-specific computer to a storage-specific mobile phone, for example, the smart-phone may fail to store the secret-related information in a storage-specific-related computer, and the communication-related mobile-phone may fail to store the secret-related information after the communication-related information is displayed in the storage-terminal.
In the detection mode, after the user fails to store the target file, at least one target element risk information with the same actual hash value as the corresponding mask hash value is displayed, wherein the target element risk information is the reason of the storage failure, and the user can be helped to quickly locate the specific position of the target element risk information, so that the user is prompted to prompt the reason of the storage failure.
Fig. 3 (b) is an interface schematic diagram when the current mode is the normal mode and the target file is determined to be the target file to be masked.
After the target file to be shielded is determined based on the type and each actual hash value of the target file and the type and each shielding hash value of the shielding file, if the current mode type is a normal mode and the target file is determined to be the target file to be shielded, prompt information of failure in storing the target file is directly displayed, so that the user cannot store the target file in the confidential special computer or cannot transmit the target file from the confidential special computer to other storage media.
In the normal mode, all the identification and detection of the confidential special purpose computer is logically verified in the background, and the cause of the storage failure in the normal mode is not displayed unlike the detection mode. In general, the storage failure detection method is a normal mode by default, and if a user wants to know the cause of the storage failure, the user can select a detection mode to detect so as to know the cause of the storage failure.
Please refer to fig. 3 (c), which is a schematic diagram of an interface when the target file is allowed to be stored in the normal mode or the detection mode.
When the target file is allowed to be stored, the display interfaces of the current mode type of the target file in the detection mode and the normal mode are the same, namely prompt information of successful storage of the target file is displayed. Indicating that the object file is not related to mask information, allowing it to be stored.
By adopting the technical scheme of the embodiment of the application, the file or the file content in a certain format can be protected and prevented from being stored. For example, 100 files are included in a confidential special computer, wherein a part of target files need to be shielded to be confidential, the part of target files can only be allowed to appear in the current confidential special computer, if the target files to be shielded appear on other electronic equipment, the target files may be streamed out in an abnormal form to cause disclosure, and by adopting the method provided by the embodiment of the application, files or contents in a certain format can be shielded, so that a user cannot store the target files, and further, the target files can be effectively prevented from being transmitted.
Referring to fig. 4, a schematic diagram of a file storage and identification system according to an embodiment of the present application may include: a target file identification module 1, a shielding element calling module 2 and a file module 3 to be shielded is determined, wherein:
the target file identification module 1 is used for identifying the type of the target file and the actual hash value corresponding to each element information in the target file when a user operates and stores the target file;
the shielding element calling module 2 is used for calling the type of a preset shielding file to be shielded and a shielding hash value corresponding to each element information in the shielding file;
and the to-be-masked file determining module 3 is configured to determine a to-be-masked target file based on the type and each of the actual hash values of the target file, and the type and each of the mask hash values of the mask file, and prohibit storage of the to-be-masked target file.
The file storage and identification system may be built in the terminal or in the server, and specifically, the method embodiment flow is executed, and details of the file storage and identification system embodiment are described in detail, which are not described herein. According to the file storage identification system provided by the embodiment of the application, when a user operates and stores the target file, the type of the target file and the actual hash value corresponding to each element information are identified, and the actual hash value is compared with the type of the preset shielding file to be shielded or the shielding hash value corresponding to each element information, so that the target file to be shielded can be determined, the target file to be shielded is forbidden to be stored, the security and confidentiality of the target file to be shielded are improved, and the confidentiality requirement of the user is met.
Optionally, a storage identification system of a file may further include: and shielding the information writing module.
And the shielding information writing module is used for writing the type of the shielding file and each element information of the shielding file under the specific path of the confidential special computer, calculating a shielding hash value corresponding to each element information, wherein each shielding hash value at least comprises one of a hash value corresponding to a file title, a shielding hash value corresponding to a file name, a shielding hash value corresponding to a transmission text number, a shielding hash value corresponding to a file abstract content, a shielding hash value corresponding to a keyword in the file content, a shielding hash value corresponding to transmission text information and a shielding hash value corresponding to a printing information, the transmission text information comprises a transmission agency, a main transmission agency and a transmission text date, and the printing information comprises a printing unit, a seal, a printing date and a printing number.
Alternatively, the object file identification module 1 may include: a file type identification unit, an element extraction unit and a hash value calculation unit.
The file type identification unit is used for identifying the suffix of the target file and determining the type of the target file according to the suffix of the target file;
The element extraction unit is used for analyzing the target file and extracting element information of the target file;
the hash value calculation unit is used for calculating an actual hash value corresponding to each element information based on a hash algorithm, wherein each actual hash value is at least one of an actual hash value corresponding to a file title, an actual hash value corresponding to a file name, an actual hash value corresponding to a transmission text number, an actual hash value corresponding to a file abstract content, an actual hash value corresponding to a keyword in the file content, an actual hash value corresponding to transmission text information and an actual hash value corresponding to printing text information, the printing text information comprises a printing unit, a seal, a printing date and a printing number. Optionally, the storage identification system of the file may further include a storage address permission determining module, where the storage address permission determining module includes a judgment permission address unit, a prohibition storage unit, and a file to be masked determining unit.
The judging authority address unit is used for acquiring a storage address of the target file stored by the user and judging whether the storage address is an authority storage address or not;
The non-authority address execution unit is used for prohibiting the storage of the target file if the storage address is an address without authority storage;
and the authorized address execution unit is used for executing the step of determining the target file to be shielded based on the type of the target file and each actual hash value, the type of the shielding file and each shielding hash value if the storage address is the authorized storage address.
Optionally, determining the file module to be masked 3 may further include: the device comprises a comparison unit, a judging unit and a file determining unit to be shielded.
The comparison unit is used for comparing the type of the target file with the type of the shielding file and/or comparing each actual hash value with each corresponding shielding hash value;
the judging unit is used for judging whether the type of the target file is the same as the type of the shielding file and/or whether at least one actual hash value is the same as the corresponding shielding hash value;
and the file to be masked determining unit is used for determining the target file as the target file to be masked if the type of the target file is the same as the type of the mask file and/or at least one actual hash value is the same as the corresponding mask hash value.
Optionally, a storage identification system of a file may further include: allowing the memory module.
And allowing a storage template to be used for allowing the target file to be stored if the type of the target file is different from the type of the mask file and/or each actual hash value is different from the corresponding mask hash value.
Optionally, a storage identification system of a file may further include: and the detection mode storage result display module.
The detection mode storage result display module is used for displaying prompt information of storage failure in a preset area of the target file if the current mode type is a detection mode and the target file is determined to be a target file to be shielded, wherein the prompt information comprises at least one target element risk information with the same actual hash value as the corresponding shielding hash value, and each target element risk information is displayed in a marking mode in different colors; and if the current mode type is a detection mode and the target file is allowed to be stored, displaying prompt information of successful storage.
It should be noted that: in the system provided in the above embodiment, when implementing the functions thereof, only the division of the above functional modules is used as an example, in practical application, the above functional allocation may be implemented by different functional modules according to needs, that is, the internal structure of the device is divided into different functional modules, so as to implement all or part of the functions described above. In addition, the system and method embodiments provided in the foregoing embodiments belong to the same concept, and specific implementation processes of the system and method embodiments are detailed in the method embodiments, which are not repeated herein.
The embodiment of the present application further provides a computer storage medium, where the computer storage medium may store a plurality of instructions, where the instructions are suitable for being loaded by a processor and executed by a processor, and the specific execution process may refer to the specific description of the embodiment shown in fig. 1 to 3, and is not described herein.
Referring to fig. 5, the application also discloses an electronic device. Fig. 5 is a schematic structural diagram of an electronic device according to the disclosure. The electronic device 500 may include: at least one processor 501, at least one network interface 504, a user interface 503, a memory 505, at least one communication bus 502.
Wherein a communication bus 502 is used to enable connected communications between these components.
The user interface 503 may include a Display screen (Display) and a Camera (Camera), and the optional user interface 503 may further include a standard wired interface and a standard wireless interface.
The network interface 504 may optionally include a standard wired interface, a wireless interface (e.g., WI-FI interface), among others.
Wherein the processor 501 may include one or more processing cores. The processor 501 connects various parts throughout the server using various interfaces and lines, performs various functions of the server and processes data by executing or executing instructions, programs, code sets, or instruction sets stored in the memory 505, and invoking data stored in the memory 505. Alternatively, the processor 501 may be implemented in hardware in at least one of digital signal processing (Digital Signal Processing, DSP), field programmable gate array (Field-Programmable Gate Array, FPGA), programmable logic array (Programmable Logic Array, PLA). The processor 1001 may integrate one or a combination of several of a central processing unit (Central Processing Unit, CPU), an image processor (Graphics Processing Unit, GPU), and a modem, etc. The CPU mainly processes an operating system, a user interface, an application program and the like; the GPU is used for rendering and drawing the content required to be displayed by the display screen; the modem is used to handle wireless communications. It will be appreciated that the modem may not be integrated into the processor 1001 and may be implemented by a single chip.
The Memory 505 may include a random access Memory (Random Access Memory, RAM) or a Read-Only Memory (Read-Only Memory). Optionally, the memory 505 comprises a non-transitory computer readable medium (non-transitory computer-readable storage medium). Memory 505 may be used to store instructions, programs, code sets, or instruction sets. The memory 505 may include a stored program area and a stored data area, wherein the stored program area may store instructions for implementing an operating system, instructions for at least one function (such as a touch function, a sound playing function, an image playing function, etc.), instructions for implementing the above-described various method embodiments, etc.; the storage data area may store data or the like involved in the above respective method embodiments. The memory 505 may also optionally be at least one storage device located remotely from the processor 501. Referring to fig. 5, an operating system, a network communication module, a user interface module, and an application program of a storage recognition method of a file may be included in a memory 505 as a kind of computer storage medium.
In the electronic device 500 shown in fig. 5, the user interface 503 is mainly used for providing an input interface for a user, and acquiring data input by the user; and the processor 501 may be used to invoke an application program in the memory 505 that stores a storage identification method for a file, which when executed by the one or more processors 501, causes the electronic device 500 to perform the method as described in one or more of the embodiments above. It should be noted that, for simplicity of description, the foregoing method embodiments are all described as a series of acts, but it should be understood by those skilled in the art that the present application is not limited by the order of acts described, as some steps may be performed in other orders or concurrently in accordance with the present application. Further, those skilled in the art will also appreciate that the embodiments described in the specification are all of the preferred embodiments, and that the acts and modules referred to are not necessarily required for the present application.
In the foregoing embodiments, the descriptions of the embodiments are emphasized, and for parts of one embodiment that are not described in detail, reference may be made to related descriptions of other embodiments.
In the several embodiments provided by the present application, it should be understood that the disclosed apparatus may be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative, such as a division of units, merely a division of logic functions, and there may be additional divisions in actual implementation, such as multiple units or components may be combined or integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be through some service interface, device or unit indirect coupling or communication connection, electrical or otherwise.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed over a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable memory. Based on this understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in whole or in part in the form of a software product stored in a memory, comprising several instructions for causing a computer device (which may be a personal computer, a server or a network device, etc.) to perform all or part of the steps of the method of the various embodiments of the present application. And the aforementioned memory includes: various media capable of storing program codes, such as a U disk, a mobile hard disk, a magnetic disk or an optical disk.
The foregoing is merely exemplary embodiments of the present disclosure and is not intended to limit the scope of the present disclosure. That is, equivalent changes and modifications are contemplated by the teachings of this disclosure, which fall within the scope of the present disclosure. Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure.
This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a scope and spirit of the disclosure being indicated by the claims.

Claims (10)

1. A method for storing and identifying files, which is applied to a secret-related special-purpose computer, the method comprising:
when a user operates and stores a target file, identifying the type of the target file and an actual hash value corresponding to each element information in the target file;
calling the type of a preset shielding file to be shielded and the shielding hash value corresponding to each element information in the shielding file;
and determining a target file to be shielded based on the type of the target file and each actual hash value, and the type of the shielding file and each shielding hash value, and prohibiting the target file to be shielded from being stored.
2. The method for storing and recognizing files according to claim 1, wherein before the user operates the target file and stores it, further comprising:
Writing in the type of the shielding file and the element information of the shielding file under the specific path of the confidential special computer;
calculating a mask hash value corresponding to each element information, wherein each mask hash value at least comprises one of a hash value corresponding to a file title, a mask hash value corresponding to a file name, a mask hash value corresponding to a text number, a mask hash value corresponding to a file abstract content, a mask hash value corresponding to a keyword in a file content, a mask hash value corresponding to text information and a mask hash value corresponding to a seal information, the text information comprises a text issuing organization, a main sending organization and a text issuing date, and the seal information comprises a seal issuing unit, a seal issuing date and a seal issuing number.
3. The method for storing and identifying files according to claim 1, wherein identifying the type of the target file and the actual hash value corresponding to each element information in the target file includes:
identifying the suffix of the target file, and determining the type of the target file according to the suffix of the target file;
analyzing the target file and extracting element information of the target file;
Based on a hash algorithm, calculating an actual hash value corresponding to each element information, wherein each actual hash value at least comprises one of an actual hash value corresponding to a file title, an actual hash value corresponding to a file name, an actual hash value corresponding to a transmission text number, an actual hash value corresponding to a file abstract content, an actual hash value corresponding to a keyword in the file content, an actual hash value corresponding to transmission text information and an actual hash value corresponding to transmission text information, the transmission text information comprises a transmission text authority, a main transmission authority and a transmission text date, and the transmission text information comprises a transmission unit, a seal, a transmission text date and a transmission number.
4. The method for storing and identifying files according to claim 1, wherein before determining the target file to be masked based on the type of the target file and each of the actual hash values, and the type of the mask file and each of the mask hash values, further comprises:
acquiring a storage address of the target file stored by the user, and judging whether the storage address is an address with authority to store;
if the storage address is an address without authority storage, the storage of the target file is forbidden;
And if the storage address is an address with authority to store, executing the step of determining the target file to be masked based on the type of the target file and each actual hash value, and the type of the mask file and each mask hash value.
5. The method for storing and identifying files according to claim 1, wherein said determining the target file to be masked based on the type of the target file and each of the actual hash values, and the type of the mask file and each of the mask hash values, comprises:
comparing the type of the target file with the type of the mask file, and/or comparing each actual hash value with each corresponding mask hash value;
judging whether the type of the target file is the same as the type of the mask file and/or whether at least one actual hash value is the same as the corresponding mask hash value exists;
and if the type of the target file is the same as the type of the shielding file and/or at least one actual hash value is the same as the corresponding shielding hash value, determining that the target file is the target file to be shielded.
6. The method for storage identification of files of claim 5, further comprising:
And if the type of the target file is different from the type of the mask file and/or each actual hash value is different from the corresponding mask hash value, allowing the target file to be stored.
7. The method for storing and identifying files according to claim 6, wherein before identifying the type of the target file and the actual hash value corresponding to each element information in the target file, the method further comprises: acquiring the current mode category selected by the user, wherein the method further comprises:
if the current mode type is a detection mode and the target file is determined to be a target file to be shielded, displaying prompt information of failure in storage in a preset area, wherein the prompt information comprises at least one target element risk information with the same actual hash value as the corresponding shielding hash value, and each target element risk information is marked and displayed in different colors;
and if the current mode type is a detection mode and the target file is allowed to be stored, displaying prompt information of successful storage.
8. A storage identification system for a file, the system comprising:
the target file identification module (1) is used for identifying the type of the target file and the actual hash value corresponding to each element information in the target file when a user operates and stores the target file;
A shielding element calling module (2) for calling the type of a preset shielding file to be shielded and a shielding hash value corresponding to each element information in the shielding file;
and a to-be-masked file determining module (3) for determining a to-be-masked target file based on the type and each of the actual hash values of the target file and the type and each of the mask hash values of the mask file, and prohibiting the to-be-masked target file from being stored.
9. A computer readable storage medium storing a plurality of instructions adapted to be loaded by a processor and to perform the method of any one of claims 1 to 7.
10. An electronic device comprising a processor, a memory and a transceiver, the memory configured to store instructions, the transceiver configured to communicate with other devices, the processor configured to execute the instructions stored in the memory, to cause the electronic device to perform the method of any one of claims 1-7.
CN202311088791.3A 2023-08-26 2023-08-26 File storage identification method, system, medium and electronic equipment Pending CN117034353A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311088791.3A CN117034353A (en) 2023-08-26 2023-08-26 File storage identification method, system, medium and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311088791.3A CN117034353A (en) 2023-08-26 2023-08-26 File storage identification method, system, medium and electronic equipment

Publications (1)

Publication Number Publication Date
CN117034353A true CN117034353A (en) 2023-11-10

Family

ID=88602261

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311088791.3A Pending CN117034353A (en) 2023-08-26 2023-08-26 File storage identification method, system, medium and electronic equipment

Country Status (1)

Country Link
CN (1) CN117034353A (en)

Similar Documents

Publication Publication Date Title
US11704384B2 (en) Secure document sharing
US9036180B2 (en) Apparatus and method for securing confidential information of printed document in cloud computing environment
KR101382222B1 (en) System and method for mobile data loss prevention which uses file system virtualization
US9183289B2 (en) Document classification toolbar in a document creation application
US9516031B2 (en) Assignment of security contexts to define access permissions for file system objects
CN111488603A (en) Method and device for identifying sensitive content of printed file
CN115098877A (en) File encryption and decryption method and device, electronic equipment and medium
Cormack Is the subject access right now too great a threat to privacy?
JP2008262259A (en) Information leakage prevention system
JP5327894B2 (en) Management server and terminal management method thereof
CN114417397A (en) Behavior portrait construction method and device, storage medium and computer equipment
CN117034353A (en) File storage identification method, system, medium and electronic equipment
KR101309592B1 (en) Method of protecting private information
CN119249485A (en) Data display method, device, computer equipment, storage medium and program product
CN118886036A (en) Method, device, equipment, medium and program product for preventing vertical unauthorized access
JP6701368B2 (en) Data loss prevention through print interface technology diagnostics through print operations
CN117235790A (en) Print information desensitizing method, device, electronic equipment and storage medium
CN116405280A (en) Control method, device and equipment for user resource authority in risk detection process
CN115310059A (en) A data security processing method and device
CN119066691B (en) File protection method and electronic equipment
CN118504034B (en) Data processing method, device, medium and product for document materials
EP3493093A1 (en) Data protection method for preventing of re-pasting of confidential data
EP3864559A1 (en) Method for securing a digital document
KR101459676B1 (en) Apparatus for secreting information security in printed documents using user terminal and method thereof
US10956590B2 (en) Methods for securely managing a paper document

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination