Research And Implement Of File Security Accessing System Based On Internal Network

With the widely use of network, the security inside the internal network became more and more serious. Traditional gateway and firewall could keep the internal network from external invading and attacking, but could not supervise users inside the network accessing internal resources. According to the investigation, the annual loss caused by internal accessing was far beyond the one caused by external network attacking. Therefore, how to intercept and filter the accessing to internal files has become very important.The file storage inside the internal network can be divided into separately storage on the desktop and centralized storage in the FTP server. As a monitoring system in the field of information security, the robustness played an essential role, which directly affected the effectiveness of the file access controlling. Considering the different storage of files and robustness requirements of system, the thesis studied the following aspects:1,Monitoring to desktop. Considering the file accessing principle of Windows, the thesis pointed out using Detours technology based on inline-hooking to hook functions associated with file accessing. The interception happened during the running time of functions, which showed some elusive. The system used global hooking technology to inject monitoring module into all processes, making sure the whole system was monitored, and then using shared memory technology to ensure the uniqueness of accessing rules.2,Monitoring to FTP file server. According to the interaction of FTP protocols, the thesis proposed using Winsock2 SPI inception technology to filter network packets. In this way, it could capture the content of network packet directly, without fragmenting and reassembling of package, which could improve the efficiency of system.3,System robustness. The thesis proposed using three-thread process protecting technology to ensure the effective running of system, avoiding the monitoring failure caused by malicious closing. The filtering rules which the file access controlling referenced were stored in the remote database. The updating of filtering rules stored in the database was considered. The system could respond to the updating in real-time, making sure the effectiveness of monitoring.Finally, the design ideas, algorithms of the file access controlling and detailed implementation process of system were pointed out. Experiments showed that the scheme indeed could realize effective file access monitoring to desktop and FTP server, and not disturbing the actual communication of network, which displayed good portability and scalability. The system solved the security risks of internal network, and was positive to strengthen the security of internal network.