| 摘要 |
The present invention relates to a file access control system based on volume globally unique identifiers (GUIDs). The file access control system comprises: a policy setting unit which operates in a user mode, changes process execution paths and file paths based on volume GUIDs for performance of access control, and stores the changed execution paths and file paths in a policy DB; a process volume management unit which operates in a kernel mode, when execution of a process, performed by an application in the user mode, is detected, changes a process execution path of the process based on a volume GUID, and stores the changed volume GUID-based process execution path and a process ID (PID) in a process volume DB; and an access control unit which, when an access control command for a file is generated, acquires a volume GUID-based file path included in the corresponding command and a PID of a process having attempted to access the file, acquires a volume GUID-based process execution path stored in the process volume DB based on the corresponding PID, and then determines whether the access to the corresponding file is permitted by comparing the volume GUID-based file path and the volume GUID-based process execution path with policies of the policy DB. According to the present invention, when access is attempted via a drive path other than a designated drive letter, when the drive letter is changed, or when the drive letter is removed, the drive letter and the drive path are represented and controlled by using a volume GUID, which is a unique value indicative of a specific volume, thereby accurately identifying the same target during policy setting and controlling. |
