Method and system for establishing access control

The present invention relates to a system and method for establishing access control policies and, more particularly, to a system and method that automatically allow or block actions and file I/O that are not permitted, according to a control mode, so that access control policies can be set more easily. To this end, the access control policy setting system of the present invention comprises: a file system I/O monitoring unit that monitors file I/O (Input/Output) through a file system filter driver installed in the system and obtains, from the file I/O, the full path of the file, the access attribute of the file, the user account (SID) and process information; and an access control unit that receives items such as the full path of the file, the access attribute of the file, the user account (SID) and process information from the file system I/O monitoring unit, retrieves the current control mode from a control mode store and, according to the control mode, either adds or updates the entry in an internal access control policy store or blocks or allows the entry.
The access control policy setting method of the present invention comprises: a file system I/O monitoring step of monitoring file I/O (Input/Output) through a file system filter driver installed in the system and obtaining, from the file I/O, the full path of the file, the access attribute of the file, the user account (SID) and process information; and an access control step of receiving items such as the full path of the file, the access attribute of the file, the user account (SID) and process information from the file system I/O monitoring step, retrieving the current control mode from a control mode store and, according to the control mode, either adding or updating the entry in an internal access control policy store or blocking or allowing the entry.

With the above configuration, actions and file I/O in the system are stored or allowed according to the learning mode and blocking mode held in the control mode store, and activity or file I/O that the system does not allow is automatically blocked. As a result, access control policies can be established more easily and conveniently, and because unacceptable behavior is blocked at the source, hacking and attacks by hackers can be prevented efficiently.

Keywords: access control, system, file system filter driver, learning mode, block mode
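The control flow described above, modeled in user-mode Python as an added example that is not part of the patent text. The class and field names, the "read"/"write" attribute values, allowing every event while learning, and matching on the exact (path, access, SID, process) tuple with case-insensitive paths are all assumptions.

```python
from dataclasses import dataclass
from enum import Enum

class ControlMode(Enum):
    LEARNING = "learning"
    BLOCKING = "blocking"

@dataclass(frozen=True)
class FileIoEvent:
    """Fields the monitoring unit extracts from one file I/O request."""
    path: str      # full path of the file
    access: str    # access attribute ("read"/"write" are assumed values)
    sid: str       # user account SID
    process: str   # process information (modeled as the image path)

class AccessControlUnit:
    def __init__(self, mode=ControlMode.LEARNING):
        self.mode = mode    # stands in for the control mode store
        self.policy = {}    # internal access control policy store
        self.denied = []    # blocked events, kept for review

    @staticmethod
    def _norm(path):
        # Assumption: paths are compared case-insensitively, as on Windows.
        return path.replace("/", "\\").lower()

    def handle(self, ev):
        """Return True to allow the I/O, False to block it."""
        key = (self._norm(ev.path), ev.access, ev.sid, self._norm(ev.process))
        if self.mode is ControlMode.LEARNING:
            # Add the entry, or update its hit count if already present.
            self.policy[key] = self.policy.get(key, 0) + 1
            return True
        if key in self.policy:      # blocking mode: only learned entries pass
            return True
        self.denied.append(ev)
        return False

def demo():
    """Learn from constructed events, then enforce in blocking mode."""
    user = "S-1-5-21-1-2-3-1001"    # constructed SID
    acu = AccessControlUnit()
    acu.handle(FileIoEvent(r"C:\App\data.db", "write", user, r"C:\App\app.exe"))
    acu.handle(FileIoEvent(r"C:\App\data.db", "write", user, r"C:\App\app.exe"))
    acu.mode = ControlMode.BLOCKING
    return [
        acu.handle(FileIoEvent(r"c:\app\DATA.db", "write", user, r"C:\App\app.exe")),
        acu.handle(FileIoEvent(r"C:\App\data.db", "write", user, r"C:\Temp\x.exe")),
        acu.handle(FileIoEvent(r"C:\App\data.db", "read", user, r"C:\App\app.exe")),
    ]
```

In this model everything observed during learning lands in the allow list, so the learning window should cover only known-good activity before the mode is switched to blocking.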