• Journal of the China Computer Federation
  • China Science and Technology Core Journal
  • Chinese Core Journal

J4 ›› 2016, Vol. 38 ›› Issue (03): 460-464.


A method for protecting user data files based on private directory container

WEI Lifeng,DING Yan,CHEN Songzheng,HUANG Chenlin   

  1. (College of Computer, National University of Defense Technology, Changsha 410073, China)
  • Received: 2015-02-20 Revised: 2015-09-11 Online: 2016-03-25 Published: 2016-03-25

Abstract:

Because privileged users such as the administrator exist, user data files are difficult to protect. To ensure that only the file owner can access these data files, we create a private directory container (PDC), which includes the user's token attributes. The PDC access control mechanism can be realized under the OS kernel's mandatory access control (MAC) framework, thus protecting the user's private data files. Only the owner of the PDC can access the files in the PDC, with no exceptions, administrators included. A user's token can only be obtained through identity authentication, so the owner's PDC identity cannot be obtained by others, and private files can be protected effectively.

Key words: private directory container (PDC); token; mandatory access control (MAC); privilege