Abstract:
In example embodiments described herein, a device driver is employed to protect certain files. The device driver registers itself with an operating system and requests system notifications when a process attempts to delete, write data to, or change the attributes of a file. The device driver intercepts messages to delete, write data to, or change the attributes of a file and determines whether the request is for a protected file. If the request is for a protected file, the request is denied.
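A user-mode C model of the flow this abstract describes (registration, notification for delete, write and attribute changes, protected-file check, denial), added here as an illustration and not code from the patent. The enum names, the callback table and the Windows-style sample paths are assumptions; the comparison ignores case and separator style so that a differently spelled path to the same file still matches.

```c
#include <ctype.h>
#include <stdio.h>
/* Constructed user-mode model; all names and paths here are hypothetical. */
typedef enum { OP_READ, OP_WRITE, OP_DELETE, OP_SET_ATTR, OP_COUNT } io_op;
typedef enum { IO_ALLOW, IO_DENY } io_verdict;
typedef io_verdict (*pre_op_fn)(const char *path);

static pre_op_fn notify[OP_COUNT];             /* stands in for the OS notification table */
static const char *const protected_files[] = { /* constructed sample list */
    "C:\\ProgramData\\Agent\\policy.db",
    "C:\\ProgramData\\Agent\\audit.log",
};
static int is_sep(char c) { return c == '\\' || c == '/'; }

/* Equal if the paths differ only in case, separator style or repeated separators. */
static int same_path(const char *a, const char *b) {
    while (*a && *b) {
        if (is_sep(*a) && is_sep(*b)) {
            while (is_sep(*a)) a++;
            while (is_sep(*b)) b++;
        } else {
            if (tolower((unsigned char)*a) != tolower((unsigned char)*b)) return 0;
            a++; b++;
        }
    }
    return *a == '\0' && *b == '\0';
}

/* Pre-operation check: deny when the target is on the protected list. */
static io_verdict protect_pre_op(const char *path) {
    for (size_t i = 0; i < sizeof protected_files / sizeof *protected_files; i++)
        if (same_path(path, protected_files[i])) return IO_DENY;
    return IO_ALLOW;
}

/* Registration: subscribe to delete, write and attribute changes only. */
int filter_register(void) {
    notify[OP_WRITE] = notify[OP_DELETE] = notify[OP_SET_ATTR] = protect_pre_op;
    return 3; /* number of operation types subscribed */
}

/* Model of the OS routing a request through a registered pre-operation callback. */
io_verdict os_dispatch(io_op op, const char *path) {
    return notify[op] ? notify[op](path) : IO_ALLOW;
}

int main(void) {
    filter_register();
    printf("%d %d\n", os_dispatch(OP_DELETE, "c:/programdata//agent/POLICY.DB"),
           os_dispatch(OP_READ, "C:\\ProgramData\\Agent\\policy.db"));
}
```

Reads are never routed to the check because the model subscribes only to the three modifying operations, mirroring the notifications the abstract says the driver requests.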
Abstract:
Computer systems, methods (implemented through instructions carried by a medium) and apparatus for protecting a process or thread (102, 202) against forced terminations are disclosed. The protection is accomplished by monitoring commands that target the processes or threads (102, 202) under protection. In one example embodiment (100), usage of the Operating System's API (108) is monitored by an Operating System Device Driver (104) using kernel hooks. In another example embodiment (200), that monitoring occurs using kernel callbacks.