Research And Implementation Of Terminal Document Security Protection System

With the popularity of computer network and extensive use of portable storage devices, coupled with the openness of the computer, ease of use and standardization, computer information has the characteristics of sharing and easy to spread, so causes the computer information is always faced with disclosure, theft, tampering and destruction of great danger, though sensitive sector's network using the theoretical safe physical isolation, but the everyday abuse of portable storage devices, illegal online, illegal access and other security incidents threatening the security of confidential information, and some important documents for various reasons will be shared in a multi-world, increasing the possibility of leakage of data, making how to protect important information security on the terminal has become the focus of attention and research。In order to solving the security protection problems of critical terminal information, an effective solution is directly protect the information carrier-the terminal document access control and encryption. Currently, there are many such products, but they are mostly developed based on application layer, not with the operating system's file system integration, the user is not convenient to use. With the file system filter driver technology developing, use the file system filter driver technology to dynamically transparently encrypt for important documents has become an important technical means。Using the file system filter driver to achieve dynamic transparent encryption and decryption of the document, the first problem is that how to distinguish the file which is encrypted or non-encrypted between dynamically transparent encryption and decryption. Usual method is puted a specific type of file in a fixed directory or stored the full path of the file in another file.but when file movement, packing compression or sent by the network becomes extremely cumbersome, it is easy to lost file marking, is not conducive to practical application. This document use the improved file marking technology, which is embed into the document itself, the document ID and the document itself save together,it can avoid the loss of the document ID caused by moving documents and files, achieved transparent identification of the file in fine-grained level. And with the management of documents use securityly hierarchical management, not only the documents are graded respectively, but also users are graded respectively, the different users have different permissions to the correponding different documents。The first, introduces the Windows NT system architecture and some of the specific mechanism, and then introduces some knowledge of the file system and the file system filter, focusing on analysis the process of the file system read and write the document, the second, introduces how to design and develop file system filter driver based on The New Minifilter driver framework, the finaly,applies the new Minifilter driver framework and document identification technology, design and implement a terminal document security protection system, not noly realizes the transparent identification and dynamic transparent encryption security protection of terminal document, but also achieves policy for documents access control and hierarchical management documents, it can effectively to prevent of the terminal important information from leaking, so that document use 1 as usual in the termina,but outside is not available when copy by the removable storage device or sent through the network,it can effectively security protect the terminal critical information. An improved Identification technology is proposed.the encryption key is embedded into the document ID can not only identify the document,but also play the role of simplify the encryption key management。The innovations of this article are as follow:a. An improved identification technology, improve original document technology and propose a method to extend original document ID, the method adds the encryption key and the information of control policy into the document ID,so that the extend document ID not only can identify the document,but also has the functions of managing the encryption keys and managing the policy。b. processes filter, when processes filter, not only use the process name to filter, instead of using the process name and signature code to filter, which is more effective to prevent a non-confidential process forging a secret process by modifying the process name.