A New Model Of Document Security Control System

In recent years, computer and network has become the necessary tools for government andthe enterprises, to deal with daily issues and communication,so the protection of the confidentialdocuments in computer system is becoming more and more essential. We should resist not onlythe external attack and damage,but also internal intentaional or unintentional damage andleak,which usually security software such as antivirus software or firewall can hardly detect orprevent.In this background file monitor technology and access control technology draw more andmore attention.In this thesis a new model of document security control system is presented, this model ismainly composed of, the file monitor subsystem and access control subsystem. File monitorsubsystem is based on a new file monitor technology which is based on IRP feature sequences,this technology is the improvement of the file monitor technology based on file filter drivers. Theconcept of the IRP feature sequence is presented. File operation behavior is monitored throughthe decision of IRP feature sequence. For dealing with some problem in actual situation, adynamic multiple automata decision model is presented. The solution of the asynchronousextraction of IRP feature information, sequence track and determination mechanism wereprovided. So that the file monitor coverage and flexibility in implementation were promoted, andthe decision of the behavior of complex file operation were completed. In views of theparticularity of the file operations taken place in network, a monitor technology which combinesthe file monitor technology based on the IRP sequence and network packets characteristicmonitor technology is presented, and thanks to this technology the monitoring of file operationrelated with network is realized, but at the same time this technology s effect is limited indecition of the file operations of trojans, because there are various technology for hiding used introjans. According to some characteristics related to the process in the local computer of thedynamic embedded trojans, a local monitor technology is presented in this thesis, and it workswell on decision of the dynamic embedded trojans. Based on the monitoring work of file monitorsubsystem, a role-based access control system is realized in access control subsystem. In thisthesis the combination of those subsystems is described.This model which is presented by this thesis gets an initial implementation and applicationin a prototype system of a national project. The function and performance of this prototypesystem is tested, and the results reflect that the system has good universality, accuracy andstability, and the performance is good. The tests of the function of access control subsystemverify its validity.