TTEFS_User APIHOOK-based transparent encryption engine

1 Product overview

1.1 Development background

At present, file system driver technology based on the double-buffer model has become the mainstream core technology of document security management products. Because this technology requires a driver to be installed and loaded, the system privileges it needs are relatively high. Under certain system environments or technical management rules, the operating system is forbidden to load third-party drivers, so a document management system built on driver development cannot be deployed. Because APIHook-based application-layer encryption technology does not require loading a driver, a document security management system built on it can still be deployed normally in such an environment. The TTEFS_User development kit can also be used to quickly develop various document management systems and document outsourcing control systems, which gives it high practical value.

1.2 Explanation of terms

Transparent encryption
The monitoring program captures the file read and write operations of the target process in the background. When the target process reads a file, the monitoring program decrypts the ciphertext data in memory; when the target process writes a file, the data is written to disk as ciphertext. Transparent encryption is mandatory.
ApiHook
A technical means of dynamically capturing the API calls of a target process. This technology is widely used in security software and can capture the file read/write, window, and clipboard operations of the target process. ApiHook technology is highly mature on the Windows platform.
File header data
File header data is a piece of binary data that TTEFS_User forcibly binds to the file body; it is not lost when the file is edited or copied. Users can customize its content, for example by writing the file's control information into the file header.

2 Technical architecture

The system architecture is shown in the figure below:


3 Features

3.1 Mandatory document encryption

Mandatory document encryption refers to the forced conversion of document data from plaintext to ciphertext. Encrypted documents can still be used normally; the encryption process is completely transparent to the user and does not affect the user's working habits. TTEFS_User supports mandatory encryption: the encryption action requires no manual intervention and is completed automatically by the control module. TTEFS has built-in support for common applications such as Office, WPS, AutoCAD, Notepad, WordPad, Paint, Adobe Reader, and Adobe Acrobat.

3.2 One file, one key

TTEFS supports generating a random key for each file, so the same document encrypted with different keys produces different ciphertexts. The advantage of the one-file-one-key mode is resistance to known-plaintext attacks; compared with the traditional single fixed-key mode, security is greatly improved.

3.3 Header data persistence

This function allows custom header data to reside permanently in the file. For example, after an OFFICE file is edited, although the original file is overwritten by the temporary file, the custom data of the original file is still retained. TTEFS_User supports custom header data, and users can store document permission control information (such as expiration time, secret level, limit on the number of openings, and print control) in the custom data area.
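As an added illustration of sections 3.2 and 3.3, this Python example (not TTEFS_User's own code or file format; the header layout, the HMAC-SHA256 counter-mode stream cipher used as a stand-in for the product's cipher, and the agent-held master key are all assumptions for the demo) wraps a random per-file key under a master key, binds a custom control-data header to the ciphertext, and covers both with an integrity tag, so the same plaintext encrypts to different ciphertexts and any edit to the header or body is detected before decryption.

```python
import hashlib, hmac, json, os, struct

MAGIC = b"TTEFS-DEMO"  # constructed marker; the product's real header layout is not documented here
KEY_LEN, SALT_LEN, TAG_LEN = 32, 16, 32

def _keystream(key: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode: a stand-in PRF stream cipher, not the product's cipher."""
    blocks = (hmac.new(key, struct.pack(">Q", i), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def _xor(data: bytes, key: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))

def _subkey(master_key: bytes, label: bytes, salt: bytes) -> bytes:
    """Derive per-file wrap and MAC keys from the master key (assumed provisioned to the agent)."""
    return hmac.new(master_key, label + salt, hashlib.sha256).digest()

def encrypt_file(plaintext: bytes, control: dict, master_key: bytes) -> bytes:
    """Layout: MAGIC | len | control JSON | salt | wrapped file key | body | tag."""
    salt, file_key = os.urandom(SALT_LEN), os.urandom(KEY_LEN)   # one file, one key
    wrapped = _xor(file_key, _subkey(master_key, b"wrap", salt))
    ctrl = json.dumps(control, sort_keys=True).encode()
    header = MAGIC + struct.pack(">H", len(ctrl)) + ctrl + salt + wrapped
    body = _xor(plaintext, file_key)
    tag = hmac.new(_subkey(master_key, b"mac", salt), header + body, hashlib.sha256).digest()
    return header + body + tag

def _split(blob: bytes):
    if not blob.startswith(MAGIC):
        raise ValueError("not an encrypted file")
    n = struct.unpack(">H", blob[len(MAGIC):len(MAGIC) + 2])[0]
    pos = len(MAGIC) + 2
    control = json.loads(blob[pos:pos + n])
    pos += n
    salt, wrapped = blob[pos:pos + SALT_LEN], blob[pos + SALT_LEN:pos + SALT_LEN + KEY_LEN]
    return control, salt, wrapped, blob[pos + SALT_LEN + KEY_LEN:-TAG_LEN], blob[-TAG_LEN:]

def read_header(blob: bytes) -> dict:
    """Control data is readable without the file key, e.g. to pick the secret-level icon (3.9)."""
    return _split(blob)[0]

def decrypt_file(blob: bytes, master_key: bytes) -> tuple:
    """Check the tag over header and body before unwrapping; returns (control, plaintext)."""
    control, salt, wrapped, body, tag = _split(blob)
    expect = hmac.new(_subkey(master_key, b"mac", salt), blob[:-TAG_LEN], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("header or body has been tampered with")
    return control, _xor(body, _xor(wrapped, _subkey(master_key, b"wrap", salt)))
```

Because the control data sits before the salt and wrapped key, a policy agent can read the secret level or expiry of a file without ever unwrapping the file key, while the tag stops a user from editing those fields by hand.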

3.4 EXE anti-counterfeiting

TTEFS_User supports verifying the legitimacy of an EXE by MD5 hash or digital signature, preventing users from obtaining plaintext data by renaming an arbitrary program to the name of a trusted EXE.

3.5 Manual file encryption

In some application scenarios, users do not need all documents to be encrypted, only certain important ones. TTEFS_User supports a manual encryption mode: encrypted files always remain encrypted, and unencrypted files are ignored by TTEFS_User. This feature is commonly known as "translucent file encryption". TTEFS_User allows users or program developers to decide when a file is encrypted.

3.6 Save as encrypted

TTEFS_User supports capturing the application's Save As event, preventing users from saving an encrypted file under an unknown extension via Save As and thereby converting it into plaintext data.

3.7 File permission control

TTEFS_User supports a document permission control function whose target is the document opened by the current user. Specific control items include: prohibiting viewing, document read-only, prohibiting printing, prohibiting clipboard copying, prohibiting Save As, and prohibiting content dragging.

3.8 Document Operation Log

TTEFS_User can capture document operation behavior, providing basic data for administrators to audit user operations. Supported events include opening, closing, printing, and Save As.

3.9 Display of encrypted document icon

The icon is displayed according to the document's secret-level identification, so the encryption state of the documents on the machine can be seen at a glance without opening them.

3.10 SHELL right-click menu

Users can encrypt and decrypt files and edit the header data of encrypted files with the right-click menu module.

3.11 Business system compatibility

Business systems are divided into C/S and B/S architectures. TTEFS_User integrates automatically and seamlessly with B/S systems. For C/S systems, TTEFS_User provides a configuration interface; once correctly configured, it works together with the business system.

3.12 Platform support

Supports Windows XP, Windows 7 (X86+X64), Windows 8 (X86+X64), Windows 8.1 (X86+X64), and Windows 10 (X86+X64).

3.13 Deployment method

Deploy to the computer as a desktop application.

4 Cooperation methods and services

TTEFS_User supports source-code and SDK-level cooperation, and provides additional services until the customer completes product development. More specific details can be discussed.
Contact QQ: 7_6_2_1_8_8_3_3_6
More products: http://www.bytehorse.net

Origin blog.csdn.net/u013250152/article/details/75115758