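Since the arrival of the information and network age, computers have played an increasingly important role in our work and daily lives. The personal computer, as a modern tool for processing and storing data, is like a safe in a bank: it often holds very important material, and the file is the most basic unit of data storage. The files we usually refer to include executable files (programs), configuration files and data files. Data files in particular store personal confidential information, and it is exactly these confidential files that intruders are interested in. Protecting the security of data files has therefore become an important topic in information security.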
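In this paper we describe the principles of file operations, analyze the security risks that arise during data file operations, and define a custom set of data file access control rules to address them. We then use the Visual Studio development tools and the C++ language to design and implement a file access control tool based on the API interception technique of Microsoft Detours. The tool can control operations such as opening and modifying files, and it denies every file operation that violates the rules.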
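The focus of this paper is how to control operations on a file across its whole life cycle, from creation and storage through modification to destruction. Its novelty lies in taking an active control approach to file protection, in contrast to existing passive defense mechanisms such as firewalls, which opens a new path for protecting data security.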
Keywords: Detour, Trampoline function, Target function, Win32 API, DLL
Research on a User-Defined Data File Access Control Tool
Abstract
Since we entered the information and network age, the computer has played an increasingly important role in our life and work. As a modern data processing and storage tool, the PC is like a safe in a bank, which often holds very important information, and the file is the most basic unit of data storage. The files we normally refer to include executable files (programs), configuration files and data files. Data files store a person's confidential information, which is exactly what interests an intruder. Therefore, protecting the security of data files is an important issue in the field of information security.
In this paper, we describe the principles of file operations, analyze the potential security problems that arise while operating on data files, and define a set of data file access control rules aimed at those problems. Then, using the Visual Studio development tools and the C++ language, we design and implement a file access control tool based on the API interception technique of Microsoft Detours, which can control the opening and closing of files and refuses access operations that violate the rules.
The key point of this paper is how to control operations on a file through its whole life cycle, from creation, storage and modification to destruction. The innovation is to take the initiative in file protection through active control. This differs from existing passive defense security mechanisms such as firewalls, and it offers a new way to protect data security.
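
The interception approach described in the abstract, as an added example that is not the thesis's own code: a DLL that uses Microsoft Detours to route `CreateFileW` (the Target function) through a rule check and reaches the original through the Trampoline pointer. The protected directory, the access mask and the names `IsDenied`, `HookedCreateFileW` and `TrueCreateFileW` are assumptions; the thesis's actual rule set is not given in the abstract.

```cpp
#include <algorithm>
#include <cwctype>
#include <string>

// Constructed rule (assumption): files under this directory are read-only.
static const std::wstring kProtectedDir = L"c:\\protected\\";
// Access bits that permit change or deletion: FILE_WRITE_DATA, FILE_APPEND_DATA,
// DELETE, GENERIC_ALL, GENERIC_WRITE.
constexpr unsigned long kModifyMask = 0x2UL | 0x4UL | 0x00010000UL | 0x10000000UL | 0x40000000UL;

// Rule check: deny modifying access to a path inside kProtectedDir. Case-insensitive,
// accepts '/' as separator; does not resolve relative paths, "..", short names or links.
bool IsDenied(const std::wstring& path, unsigned long desiredAccess) {
    std::wstring p = path;
    std::transform(p.begin(), p.end(), p.begin(), [](wchar_t c) {
        return c == L'/' ? L'\\' : static_cast<wchar_t>(std::towlower(c)); });
    return p.compare(0, kProtectedDir.size(), kProtectedDir) == 0 &&
           (desiredAccess & kModifyMask) != 0;
}

#ifdef _WIN32  // the hook itself builds only on Windows with the Detours library
#include <windows.h>
#include <detours.h>
// Trampoline pointer: after DetourAttach it reaches the original CreateFileW.
static HANDLE(WINAPI* TrueCreateFileW)(LPCWSTR, DWORD, DWORD, LPSECURITY_ATTRIBUTES,
                                       DWORD, DWORD, HANDLE) = CreateFileW;
// Detour function: runs in place of CreateFileW (the Target function).
static HANDLE WINAPI HookedCreateFileW(LPCWSTR name, DWORD access, DWORD share,
        LPSECURITY_ATTRIBUTES sa, DWORD disposition, DWORD flags, HANDLE tmpl) {
    if (name != nullptr && IsDenied(name, access)) {
        SetLastError(ERROR_ACCESS_DENIED);   // refuse the rule-violating open
        return INVALID_HANDLE_VALUE;
    }
    return TrueCreateFileW(name, access, share, sa, disposition, flags, tmpl);
}

BOOL WINAPI DllMain(HINSTANCE, DWORD reason, LPVOID) {
    if (DetourIsHelperProcess()) return TRUE;
    if (reason != DLL_PROCESS_ATTACH && reason != DLL_PROCESS_DETACH) return TRUE;
    if (reason == DLL_PROCESS_ATTACH) DetourRestoreAfterWith();
    DetourTransactionBegin();
    DetourUpdateThread(GetCurrentThread());
    if (reason == DLL_PROCESS_ATTACH)
        DetourAttach(&(PVOID&)TrueCreateFileW, HookedCreateFileW);
    else
        DetourDetach(&(PVOID&)TrueCreateFileW, HookedCreateFileW);
    DetourTransactionCommit();
    return TRUE;
}
#endif
```

A user-mode hook like this applies only in processes that have loaded the DLL and only to callers that go through `CreateFileW`.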