[go: up one dir, main page]

CN119396778A - A method and system for downloading and viewing documents based on a browser - Google Patents

A method and system for downloading and viewing documents based on a browser Download PDF

Info

Publication number
CN119396778A
CN119396778A CN202411443669.8A CN202411443669A CN119396778A CN 119396778 A CN119396778 A CN 119396778A CN 202411443669 A CN202411443669 A CN 202411443669A CN 119396778 A CN119396778 A CN 119396778A
Authority
CN
China
Prior art keywords
document
browser
special
downloading
file
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202411443669.8A
Other languages
Chinese (zh)
Inventor
卓智斌
董恩双
张小峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SHANGHAI BEIRUI INFORMATION TECHNOLOGY CO LTD
Original Assignee
SHANGHAI BEIRUI INFORMATION TECHNOLOGY CO LTD
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SHANGHAI BEIRUI INFORMATION TECHNOLOGY CO LTD filed Critical SHANGHAI BEIRUI INFORMATION TECHNOLOGY CO LTD
Priority to CN202411443669.8A priority Critical patent/CN119396778A/en
Publication of CN119396778A publication Critical patent/CN119396778A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/16File or folder operations, e.g. details of user interfaces specifically adapted to file systems
    • G06F16/168Details of user interfaces specifically adapted to file systems, e.g. browsing and visualisation, 2d or 3d GUIs
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Bioethics (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Human Computer Interaction (AREA)
  • Data Mining & Analysis (AREA)
  • Storage Device Security (AREA)

Abstract

A method for downloading and viewing documents based on browser includes setting up storage strategy of each user for downloading and storing corresponding document on each service website by special browser on strategy server by team manager, issuing said strategy to special browser by strategy server, storing document to memory sandbox, local memory or cloud memory and encrypting according to said strategy when user accesses website and downloads document by special browser, finding out and decrypting document from storage space when encrypting document is opened, calling document plug-in to open decrypted document, and clearing all encrypted documents downloaded locally at this time after special browser is exited. According to the invention, basic data interaction authorization is realized by limiting the downloading behavior in the browser kernel layer, so that the security of enterprise data is enhanced, the local equipment can check the downloaded document without installing corresponding software, and the speed and convenience for accessing the service website data are improved.

Description

Method and system for downloading and viewing document based on browser
Technical Field
The invention relates to the technical field of networks, in particular to a method and a system for downloading and viewing documents based on a browser.
Background
With the accelerated evolution of enterprise digital transformation, the IaaS infrastructure is ubiquitous, and the SaaS service is deeper and deeper into the business scenario of enterprises. The cloud trend on business is firm and clear, and almost all new businesses tend to be accessed with a browser, which pushes the browser to be a virtually portal to enterprise business. However, many enterprises, especially small and medium-sized enterprises, generally use personal browsers to perform daily work, but the common practice brings about potential hazards to enterprises and individuals, namely, the behavior of using personal browsers by the employees is free from an enterprise management system, compliance insight is lacking, and data leakage risks exist. The business mode of the personal browser is mainly traffic and advertisement, and the business mode of the personal browser can be used for collecting and analyzing the behavior and access records of a user using the browser, so that when enterprise staff uses the personal browser to access enterprise business, access data can be inevitably collected and reported, and the access data are shared or reselled to an uncertain third party to cause data leakage.
In addition, since personal browsers rarely consider data security when using local caches to improve access efficiency, local caches can present a risk of leakage when enterprise employees access business websites on untrusted devices. Downloading attachments by employees when accessing a business website is a common operation, and although the operations of employees with different roles are quite different when consuming the attachments, if the attachments are only required to be opened in a read-only mode (format), and if the attachments are required to be edited (streaming mode), the attachments are downloaded in the clear to be temporarily stored locally in many cases. The security of data depends on whether the device is "trusted", an open problem, and it is difficult to agree on how to define "trusted" without one being able to guarantee that the device is sufficiently "trusted". Therefore, the personal browser used at high frequency in the enterprise cannot provide such security, and great hidden danger is brought to the data security of the enterprise.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provide a method for downloading and viewing documents based on a browser, which can carry out strategy protection on the documents during downloading, and a system for realizing the method.
The invention is realized by the following technical scheme:
a method for downloading and viewing documents based on a browser, comprising the steps of:
S1, installing a special browser on local equipment, distributing accounts for all users in a team by a team administrator, setting storage strategies for all users to download and store corresponding documents on all service websites through the special browser on a strategy server, and issuing the storage strategies to the special browser by the strategy server;
S2, when a user logs in a special browser to access a website through an account number in a team, the special browser judges whether the accessed website is a protected website defined in a storage strategy according to the URL of the accessed website, if so, a download protection operation is executed according to the pre-acquired storage strategy;
S3, after the special browser downloads the document, the user clicks on a download manager interface of the special browser to open the document immediately or at a proper time; when an encrypted document is opened, the special browser firstly finds the encrypted document from a storage space (a memory sandbox and a local memory), then invokes a decryption suite to decrypt the document, and then invokes a document plug-in preset in the special browser to open the decrypted document;
and S4, after exiting the special browser, the special browser uniformly cleans all the encrypted documents downloaded locally after the browser is opened.
Further, the method for storing the document in the memory sandbox in the step S2 comprises the following steps:
S2-11, when a user needs to download a document from a service website, the special browser judges whether the document is a document type designated in a storage strategy according to the type of the document returned by the service website, if not, the downloading operation is prevented;
s2-12, when judging that the document needs to be stored in the memory sandbox, the special browser firstly generates a virtual path, then downloads the document into the memory sandbox and encrypts the document;
s2-13, the special browser stores a virtual path, and the path is an entrance for accessing the document.
Further, the method for generating the virtual path by the special browser in the step S2-12 is as follows:
S2-121, the special browser generates a random hash value and takes the value as a new file name, and the special browser establishes a mapping table between the original file name and the new file name in a memory;
S2-122, storing the document under a sandbox sandbox catalog, and opening the document in an exclusive mode, wherein the sandbox catalog can only be accessed through a local WEB service outside, and the sandbox catalog is expressed as a URL with an address of 127.0.0.1, which is called a local file service URL;
s2-123, displaying the original file name of the file in the browser download manager, wherein the access address of the file is a virtual address formed after the new name of the file is spliced to the local file service URL, and the address is a virtual path displayed externally.
Further, in the step S2, the method for encrypting the document by the encryption suite includes:
S2-21, a special browser acquires userID and TeamID of a current user, wherein the userID and the 3962 are used as keys, the userID is the ID of the user, and the teamID is the ID of a team to which the user belongs;
s2-22, using an SM4 encryption algorithm, and encrypting the file by using the key in the step S2-21.
Further, in step S3, when the document is stored in the memory sandbox, the method for accessing the document in the memory sandbox by the dedicated browser is as follows:
s3-11, judging the type of the accessed object by the special browser through the access path;
S3-12, when the access path is a local file service URL, the special browser accesses the URL with parameters, wherein the parameters comprise a key with a signature;
S3-13, a file service module of the special browser judges the identity of a visitor through checking a key, and obtains a userID and TeamID of a current user of the special browser, wherein the hashed two IDs are used as decryption keys;
s3-14, if the visitor is a special browser and the decryption key is correct, the file service module decrypts the document in the memory sandbox and returns the document to the special browser for opening, and if the visitor is not the special browser or the decryption key is incorrect, the file service module refuses to access the document.
Further, the method for calling the preset document plug-in the special browser to open the decrypted document in the step S3 comprises the following steps:
S3-21, the special browser is preconfigured with a plurality of document plug-ins, wherein the document plug-ins are extensions (extensions) in the special browser and are part of the special browser, such as office extension plug-ins and pdf plug-ins;
s3-22, the special browser registers the opening mode of the document of the appointed type as a corresponding document plug-in;
S3-23, when the file service module in the special browser returns the document of the appointed type, the special browser calls the corresponding document plug-in to open the document.
Further, in step S1, the team administrator sets a storage policy through a policy configuration page, where one policy configuration page corresponds to a storage policy of a service website, and sets a scope of users in the team to which the storage policy is applicable on the policy configuration page.
Further, the document is doc, docx, ppt, pptx, xls, xlsx or the type of pdf format, and the corresponding document plug-in is an office extension plug-in, pdf plug-in, and the like.
Further, the storage policy includes URL of the service website, applicable user scope, document type, document storage location, document opening mode, and whether the document exits deletion.
A system for downloading and viewing documents based on a browser is used for realizing the method for downloading and viewing documents based on the browser, and comprises a policy server and a special browser;
the policy server is used for a team administrator to allocate account numbers for all users in a team, set storage policies of documents on all business websites and issue the storage policies to the special browser;
The special browser comprises a network module, a file downloading module, a file service module and a file viewing module, wherein the network module is used for connecting a service website and a policy server, the file downloading module is used for downloading files from the service website and downloading the files to a memory sandbox, a local memory and a cloud memory according to a storage policy, the file service module is used for encrypting and storing the files downloaded by the special browser, when an external program accesses the files, verifying the identity of a visitor, obtaining a decryption key, decrypting the files and returning clear text files, the file viewing module is used for receiving the clear text files decrypted by the file service module and opening the clear text files, and the file viewing module comprises a file plug-in which is used for viewing the files of corresponding types.
The invention restricts the downloading behavior of the file in a strategy service mode, realizes basic data interaction authorization by limiting uploading and downloading behaviors in a browser kernel layer, realizes the disc-falling encryption of documents in a common format through a configurable strategy, automatically deletes the documents in the encrypted disc-falling mode after the documents are consumed, stores the documents in proper positions such as a memory sandbox, a local memory or a cloud end according to the strategy configuration, greatly enhances the security of enterprise data, fully respects the personal habit of a user, accesses the files stored in the memory sandbox through a virtual path, only logs in a special browser and adapts to the corresponding user and team, can access the documents in the sandbox through double authentication of an access program and a decryption key, ensures the security of the documents, and opens and edits various types of documents in a mode of document plug-in, does not depend on huge document processing software installed in local equipment, such as an office suite, and the local equipment does not need to install corresponding software to open and edit the downloaded documents, thereby improving the speed and convenience of accessing the service data.
Drawings
FIG. 1 is a flow chart of a method according to an embodiment of the invention.
Fig. 2 is a block diagram of an embodiment of the present invention.
Detailed Description
A method for downloading and viewing documents based on a browser, as shown in fig. 1, comprises the following steps:
s1, installing a special browser on local equipment, distributing accounts for all users in a team by a team administrator, setting storage strategies for all users to download and store corresponding documents on all service websites through the special browser on a strategy server, and issuing the storage strategies to the special browser by the strategy server.
The team administrator sets the storage strategy through the strategy configuration page, one strategy configuration page corresponds to the storage strategy of one business website, and the scope of the users in the team to which the storage strategy is applicable is set on the strategy configuration page, which can be the team membership, and can be part or a certain component of the team membership. The storage policy includes URL of the service website, applicable user scope, document type, document storage location, document opening mode and whether the document exits deletion.
For enterprises, in order to standardize document downloading behavior of enterprise staff when logging in certain business websites of the enterprises, when setting a storage strategy, the URL of a corresponding business website needs to be input on a storage strategy configuration page, the types of documents which can be downloaded from the business websites are set, and the positions where various types of documents can be stored at a browser end are set. The method comprises the steps of configuring a storage strategy according to the downloading of the documents, wherein the document types can be classified according to the format types of the documents, such as seven types of the documents, particularly doc, docx, xls, xlsx, ppt, pptx, pdf, which can only be stored in a memory sandbox and encrypted when being downloaded, or in a cloud storage space, allowing downloading to a local disk when being downloaded or storing in a user-specified area or specifying prohibition of downloading when being used for downloading the files of the other types except the seven types of the documents, classifying according to the specific content of the documents, wherein a team administrator classifies the documents according to the content in advance, which files need to be stored in the sandbox, which need to be stored in a cloud storage space, which can be downloaded according to the specification of the user, which security levels are high, which security levels are generally not needed, such as for some less important documents, can be stored on local devices (such as a hard disk, a U disk and the like), and of course, setting the documents which are not suitable for important and not suitable for transmission can only be stored in the memory sandbox and the cloud storage space but can only be stored on the local devices. Similarly, the document exit deletion mode can be set according to the type of the document, and for some important documents, the user needs to delete when exiting the browser or delete when exiting the login, and the method can be set according to actual conditions. The setting of these policies and rules is done by team administrators on the store policy configuration page, only which can set the relevant rights.
S2, when a user logs in a special browser to access a website through an account number in a team, the special browser judges whether the accessed website is a protected website defined in a storage strategy according to the URL of the accessed website, if so, a download protection operation is executed according to the pre-acquired storage strategy, when the user needs to download a document needing to be encrypted from a protected service website, the special browser stores the document into a memory sandbox, a local memory or a cloud memory according to the storage strategy, and an encryption kit is called to encrypt the document stored into the memory sandbox and the local memory. For the document stored in the cloud memory, the corresponding account number needs to be verified when the cloud memory is accessed, and a layer of encryption is actually performed, so that the security of the document can be ensured.
The method for storing the document into the memory sandbox comprises the following steps:
S2-11, when a user needs to download a document from a service website, the special browser judges whether the document is the document type designated in the storage strategy according to the file type returned by the service website, if not, the downloading operation is prevented, and if so, the storage position of the document is judged according to the storage strategy.
S2-12, when judging that the document needs to be stored in the memory sandbox, the special browser firstly generates a virtual path, then downloads the document into the memory sandbox and encrypts the document;
s2-13, the special browser stores a virtual path, and the path is an entrance for accessing the document.
The method for generating the virtual path by the special browser comprises the following steps:
S2-121, the special browser generates a random hash value and takes the value as a new file name, and the special browser establishes a mapping table between the original file name and the new file name in a memory;
S2-122, storing the document under a sandbox sandbox catalog, and opening the document in an exclusive mode, wherein the sandbox catalog can only be accessed through a local WEB service outside, and the sandbox catalog is expressed as a URL with an address of 127.0.0.1, which is called a local file service URL;
s2-123, displaying the original file name of the file in the browser download manager, wherein the access address of the file is a virtual address formed after the new name of the file is spliced to the local file service URL, and the address is a virtual path displayed externally.
The method for encrypting the document through the encryption suite comprises the following steps:
S2-21, a special browser acquires userID and TeamID of a current user, wherein the userID and the 3962 are used as keys, the userID is the ID of the user, and the teamID is the ID of a team to which the user belongs;
s2-22, using an SM4 encryption algorithm, and encrypting the file by using the key in the step S2-21.
And S3, after the special browser downloads the document, the user clicks on a download manager interface of the special browser to open the document immediately or at a proper time, when the encrypted document is opened, the special browser firstly finds the encrypted document from a storage space (a memory sandbox and a local memory), then calls a decryption suite to decrypt the document, and then calls a document plug-in preset in the special browser to open the decrypted document.
When the document is stored in the memory sandbox, the method for the special browser to access the document in the memory sandbox comprises the following steps:
s3-11, judging the type of the accessed object by the special browser through the access path.
S3-12, when the access path is a local file service URL, the special browser accesses the URL with a parameter, wherein the parameter comprises a signed key which is used for a local file service module to check whether a visitor is a special browser program or not, and other programs cannot access the special browser program.
S3-13, the file service module of the special browser judges the identity of the visitor through checking the key, and obtains the UserID and TeamID of the current user of the special browser, wherein the user ID is the ID of the user, and the TeamID is the ID of the team to which the user belongs after the two IDs are hashed to be used as decryption keys.
S3-14, if the visitor is a special browser and the decryption key is correct, the file service module decrypts the document in the memory sandbox and returns the document to the special browser for opening, and if the visitor is not the special browser or the decryption key is incorrect, the file service module refuses to access the document.
By double authentication of the access program and the decryption key, the security of document access can be ensured. The user ID and team ID information are implanted in the secret keys for encrypting and decrypting the documents, so that the downloaded documents are strongly dependent on users and teams, the documents can be accessed only by using the user account numbers in the corresponding teams, and team administrators can authorize and limit the document access behaviors of the users.
The method for calling the document plug-in preset in the special browser to open the decrypted document by the special browser comprises the following steps:
S3-21, the special browser is pre-configured with a plurality of document plug-ins, the document plug-ins are extensions (extensions) in the special browser, are part of the special browser, can be doc, docx, ppt, pptx, xls, xlsx or pdf and other formats, and correspondingly, can be office extension plug-ins, pdf plug-ins and the like.
S3-22, the special browser registers the opening mode of the document of the appointed type as a corresponding document plug-in;
S3-23, when the file service module in the special browser returns the document of the appointed type, the special browser calls the corresponding document plug-in to open the document.
And S4, after exiting the special browser, the special browser uniformly cleans all the encrypted documents downloaded locally after the browser is opened.
The invention authorizes and manages the document storage behavior of the user in the team by taking the team as a unit, one enterprise can have a plurality of teams according to different business types, the document storage authorities of each team can be different, and the storage authorities of different members in the same team can be different, so that the document security can be ensured, and the flexibility is also considered. And setting a user range suitable for each storage strategy in a setting interface by each team administrator, selecting all members or part of members of the team according to actual conditions, logging in a corresponding business website to download a document only by the user with the authority, and storing the document in a designated storage space. When the user is removed from the team (the login account is deleted), the user does not have the authority to download the document on the corresponding website, even the file originally downloaded and stored cannot be accessed because of the inconsistent decryption key, or cannot be accessed any more because the mode of clearing the downloaded document after the browser exits is set.
A system for downloading and viewing documents based on a browser is used for realizing the method for downloading and viewing documents based on the browser, and comprises a policy server and a special browser as shown in figure 2.
The policy server is used for a team administrator to allocate account numbers for all users in the team, set storage policies of documents on all business websites and issue the storage policies to the special browser, and is generally located in the special browser server.
The special browser comprises a network module, a file downloading module, a file service module and a file viewing module, wherein the network module is used for connecting a service website and a policy server. The file downloading module is used for downloading the file from the business website and downloading the file to the memory sandbox, the local storage and the cloud storage according to the storage strategy. The file service module is used for encrypting and storing the downloaded file of the special browser, verifying the identity of a visitor when an external program accesses the file, obtaining a decryption key, decrypting the file and returning a plaintext file. In the invention, only when the visitor is a special browser program and the decryption key obtained by the ID of the user and the ID of the team where the user is located is consistent, the document can be accessed and decrypted and transmitted to the special browser.
The document viewing module is used for receiving the plain text document decrypted by the file service module and opening the plain text document, and comprises a document plug-in which is used for viewing the document of the corresponding type.
When the special browser downloads files on the enterprise business website, a reliable middle layer can be established between the enterprise business system and the local equipment, and when a user connects with the browser server through the special browser, a document protection strategy set by a team manager is obtained from the server in a strategy mode, and the team manager can grant corresponding authorities for document downloading of members in the team, and can be flexibly managed according to different persons. For files with higher security level, the files can be directly set to be stored in a memory sandbox and encrypted, when the files are accessed, a special browser and a user account number need to be verified, the files can be cleared after the access is finished, and no access trace is left on local equipment.
The foregoing detailed description is directed to embodiments of the invention which are not intended to limit the scope of the invention, but rather to cover all modifications and variations within the scope of the invention.

Claims (10)

1. A method for downloading and viewing documents based on a browser, comprising the steps of:
S1, installing a special browser on local equipment, distributing accounts for all users in a team by a team administrator, setting storage strategies for all users to download and store corresponding documents on all service websites through the special browser on a strategy server, and issuing the storage strategies to the special browser by the strategy server;
S2, when a user logs in a special browser to access a website through an account number in a team, the special browser judges whether the accessed website is a protected website defined in a storage strategy according to the URL of the accessed website, if so, a download protection operation is executed according to the pre-acquired storage strategy;
S3, after the special browser downloads the document, the user clicks on a download manager interface of the special browser to open the document immediately or at a proper time; when an encrypted document is opened, the special browser firstly finds the encrypted document from a memory sandbox or a local memory, then invokes a decryption suite to decrypt the document, and then invokes a document plug-in preset in the special browser to open the decrypted document;
and S4, after exiting the special browser, the special browser uniformly cleans all the encrypted documents downloaded locally after the browser is opened.
2. The method for downloading and viewing documents based on a browser as claimed in claim 1, wherein the method for storing the documents in the memory sandbox in step S2 is as follows:
S2-11, when a user needs to download a document from a service website, the special browser judges whether the document is a document type designated in a storage strategy according to the type of the document returned by the service website, if not, the downloading operation is prevented;
s2-12, when judging that the document needs to be stored in the memory sandbox, the special browser firstly generates a virtual path, then downloads the document into the memory sandbox and encrypts the document;
s2-13, the special browser stores a virtual path, and the path is an entrance for accessing the document.
3. The method for downloading and viewing documents based on a browser as claimed in claim 2, wherein the method for generating the virtual path by the dedicated browser in the S2-12 step is as follows:
S2-121, the special browser generates a random hash value and takes the value as a new file name, and the special browser establishes a mapping table between the original file name and the new file name in a memory;
S2-122, storing the document under a sandbox catalog, and opening the sandbox catalog in an exclusive mode, wherein the sandbox catalog can only be accessed through a local WEB service outwards, and the sandbox catalog is expressed as a URL with an address of 127.0.0.1, which is called a local file service URL;
s2-123, displaying the original file name of the file in the browser download manager, wherein the access address of the file is a virtual address formed after the new name of the file is spliced to the local file service URL, and the address is a virtual path displayed externally.
4. The method for downloading and viewing a document based on a browser as claimed in claim 1, wherein the method for encrypting the document by the encryption suite in step S2 is as follows:
S2-21, a special browser acquires userID and TeamID of a current user, wherein the userID and the 3962 are used as keys, the userID is the ID of the user, and the teamID is the ID of a team to which the user belongs;
s2-22, using an SM4 encryption algorithm, and encrypting the file by using the key in the step S2-21.
5. The method for downloading and viewing documents based on a browser as claimed in claim 1, wherein the user opens the downloaded documents immediately or at a proper time in step S3, and when the documents are stored in the memory sandbox, the method for accessing the documents in the memory sandbox by the dedicated browser is as follows:
s3-11, judging the type of the accessed object by the special browser through the access path;
S3-12, when the access path is a local file service URL, the special browser accesses the URL with parameters, wherein the parameters comprise a key with a signature;
S3-13, a file service module of the special browser judges the identity of a visitor through checking a key, and obtains a userID and TeamID of a current user of the special browser, wherein the hashed two IDs are used as decryption keys;
s3-14, if the visitor is a special browser and the decryption key is correct, the file service module decrypts the document in the memory sandbox and returns the document to the special browser for opening, and if the visitor is not the special browser or the decryption key is incorrect, the file service module refuses to access the document.
6. The method for downloading and viewing documents based on a browser according to claim 1, wherein the method for calling a document plug-in preset in the dedicated browser to open the decrypted document in step S3 comprises the steps of:
s3-21, a special browser is preconfigured with a plurality of document plug-ins;
s3-22, the special browser registers the opening mode of the document of the appointed type as a corresponding document plug-in;
S3-23, when the file service module in the special browser returns the document of the appointed type, the special browser calls the corresponding document plug-in to open the document.
7. The method for downloading and viewing documents based on a browser according to claim 1, wherein in step S1, a team administrator sets a storage policy through a policy configuration page, one policy configuration page corresponds to a storage policy of a service website, and a scope of users in a team to which the storage policy is applicable is set on the policy configuration page.
8. The browser-based method of downloading and viewing documents as claimed in claim 1, wherein the documents are of the doc, docx, ppt, pptx, xls, xlsx or pdf format type.
9. The method for downloading and viewing documents based on a browser as claimed in claim 1, wherein said storage policy comprises URL of a service website, applicable user scope, document type, document storage location, document opening mode and whether the document exits deletion.
10. A browser-based document downloading and viewing system for implementing a browser-based document downloading and viewing method according to any one of claims 1 to 9, comprising a policy server and a dedicated browser;
the policy server is used for a team administrator to allocate account numbers for all users in a team, set storage policies of documents on all business websites and issue the storage policies to the special browser;
The special browser comprises a network module, a file downloading module, a file service module and a file viewing module, wherein the network module is used for connecting a service website and a policy server, the file downloading module is used for downloading files from the service website and downloading the files to a memory sandbox, a local memory and a cloud memory according to a storage policy, the file service module is used for encrypting and storing the files downloaded by the special browser, when an external program accesses the files, verifying the identity of a visitor, obtaining a decryption key, decrypting the files and returning clear text files, the file viewing module is used for receiving the clear text files decrypted by the file service module and opening the clear text files, and the file viewing module comprises a file plug-in which is used for viewing the files of corresponding types.
CN202411443669.8A 2024-10-16 2024-10-16 A method and system for downloading and viewing documents based on a browser Pending CN119396778A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202411443669.8A CN119396778A (en) 2024-10-16 2024-10-16 A method and system for downloading and viewing documents based on a browser

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202411443669.8A CN119396778A (en) 2024-10-16 2024-10-16 A method and system for downloading and viewing documents based on a browser

Publications (1)

Publication Number Publication Date
CN119396778A true CN119396778A (en) 2025-02-07

Family

ID=94421532

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202411443669.8A Pending CN119396778A (en) 2024-10-16 2024-10-16 A method and system for downloading and viewing documents based on a browser

Country Status (1)

Country Link
CN (1) CN119396778A (en)

Similar Documents

Publication Publication Date Title
USRE49904E1 (en) Systems and methods for cloud data security
US10270593B2 (en) Managing security in a computing environment
US10367851B2 (en) System and method for automatic data protection in a computer network
US10033743B2 (en) Methods and systems for a portable data locker
CN112313652A (en) System and method for providing data loss prevention via embedded browser
US20060041760A1 (en) Trusted computer activity monitoring and recording system and method
WO2006017362A2 (en) Storing and distributing encrypted digital content
US20240362344A1 (en) Encrypted file control
US20220130401A1 (en) Systems and methods for watermarking audio of saas applications
CN109309645A (en) A kind of software distribution security guard method
CN113039769A (en) System and method for deep linking of SAAS applications via embedded browser
CN104636675A (en) System and method for providing safety protection for database
CN106453398A (en) Data encryption system and method
CN105516056B (en) encrypted file protection system and protection method thereof
CN119396778A (en) A method and system for downloading and viewing documents based on a browser
CN106650492B (en) A kind of multiple device file guard method and device based on security catalog
CN114285631A (en) An automatic data encryption system based on security gateway and its application
EP4439359A1 (en) System and method for entity attribute based access to data
CN118761078A (en) Data security control method, device, equipment and medium
TR2023006911T2 (en) ENCRYPTED FILE CONTROL
CN118713914A (en) Cross-device management method, device and system for privacy data
CN119939647A (en) Project file access method and electronic device
BADHE et al. “SECURE JAR” ENSURING DISTRIBUTED DATA SHARING AND SECURITY IN CLOUD
Van Jaarsveld Internal Control with Specific Reference to the Intranet
TUD et al. First Report on Security Metrics and Assessment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination