基于Minifilter框架的文件系统安全模块的设计与实现-软件工程专业论文.docxVIP

哈尔滨工业大学工程硕士学位论文 哈尔滨工业大学工程硕士学位论文 - - II - Abstract With the rapid development of network technology, the operations of modern enterprises are increasingly dependent on computers network to storage, transfer and exchange information. However, the file information security problems are more and more serious. How to ensure the information security of the files has become an important research direction of modern information science field. Microsoft proposes the minifilter driver technology. The minifilter driver can be loaded in the kernel mode to monitor and intercept all file I/O request packet. Through designing flexible file access control strategies, Minifilter driver can achieve effective protection of the file system security. It can be flexibly loaded and unloaded and also has great compatibility and scalability. The thesis begins with the introduction of the research status of file system security protection and the development of filter driver, and then analyzes the advantages of Minifilter driver framework and the demands of file system security module. Then the paper gives the overall design of the system and module partition. The file system security module adopts the client/server architecture . The server is mainly responsible for setting and transmitting protection and control strategies to the client kernel mode. The Client is divided into two parts: user mode and kernel mode. User mode is responsible for receiving commands from the server. Kernel mode intercepts and filters the IRP according to the corresponding file access control policy. The thesis applies some critical technologies, including client authentication mechanism, file path filtering technology, the communication of user mode and kernel mode and the identification of removable storage devices. It realizes a file protection filter driver based on the Minifilter framework. The filter driver can achieve classified and real-time security protection of the general documents, important documen