HK1125708A - Data processing control method, information processor, and data processing control system - Google Patents
Data processing control method, information processor, and data processing control system Download PDFInfo
- Publication number
- HK1125708A HK1125708A HK09103470.4A HK09103470A HK1125708A HK 1125708 A HK1125708 A HK 1125708A HK 09103470 A HK09103470 A HK 09103470A HK 1125708 A HK1125708 A HK 1125708A
- Authority
- HK
- Hong Kong
- Prior art keywords
- data
- secondary storage
- storage device
- request
- volatile memory
- Prior art date
Links
Description
Technical Field
The present invention relates to a data processing control method, an information processing apparatus and a data processing control system, which can provide write protection for a secondary storage device of a user terminal and can prevent writing to an external medium.
Background
Conventionally, there is a method of controlling erasure of confidential data by encrypting and saving a file when storing the confidential file in a secondary storage device of a user terminal. In this method, even if a file is erased, it does not mean that the information itself is erased because the file is encrypted. For example, patent document 1(JP patent publication (Kokai) No.11-149414 a (1999)) discloses an automatic file encryption system that interrupts file I/O processing of an OS to automatically perform processing of encryption and decryption, thereby making the system convenient for users to use.
In addition, there is a method of allowing editing of a confidential document and preventing information leakage by access control to, for example, a removable apparatus and a printing apparatus.
However, there is a tendency that mobile PCs containing confidential documents such as user information which are encrypted and stored in the mobile PCs are not widely accepted even if the confidential information is not in danger of leakage because of being encrypted. If a company loses an encrypted document, the company must declare that the document has been lost and is subject to social serious criticism. After that, there is a fear that the life of the company is also ended. Therefore, it is highly desirable to use and view confidential information, but not to store such information in a PC that may be lost, such as a mobile PC. However, the automatic file encryption system disclosed in patent document 1 cannot satisfy such a demand.
The present invention has been developed in view of such circumstances and provides a system capable of viewing information more securely.
Disclosure of Invention
In order to solve the above-described problems, the present invention provides a system in which an OS and an application are located in a user terminal, and for a data write operation of the OS and the application, differences of write data are referenced (hook) using a filter driver or a kernel module of the OS and stored in a network destination server. Thus, it appears that the OS and applications write data in the local disk, and in fact the data is forced to be stored in the network destination server. By using such a system, confidential data can be automatically collected in the server in the normal application mode without manually uploading a locally generated file to the server, as opposed to simply caching the data in memory to disable writing to the secondary storage device. In addition, system updates that must be normally stored, such as application settings and OS patches, are also stored on the server side, so that no special update mode needs to be provided.
That is, the data processing control method of the present invention is a data processing method of controlling a secondary storage device included in an information processing device, and is characterized in that a secondary storage device control unit installed in the information processing device acquires any processing request applied to the secondary storage device, and if the processing request is a write data request, writing to the secondary storage device is prohibited, and conversely, a write operation is performed to a volatile memory. In addition, the secondary storage device control unit also stores data written in the volatile memory into an external storage unit connected to the information processing device.
The secondary storage device control unit writes a difference between data in an initial state of the secondary storage device and modified data obtained by modifying the data in the volatile memory.
Further, if the processing request is a read data request, the data to be read is read from the secondary storage device, the modification data obtained by modifying the data to be read is read from the volatile memory, and the data to be read is rewritten and presented using the modification data.
Also, when the information processing apparatus is initialized, the secondary storage apparatus control unit controls the apparatus to access an external storage unit connected to the information processing apparatus, to acquire attribute information of data stored in the external storage unit, and to generate a data list having the attribute information in the volatile memory. The data list includes the data address of the secondary storage device, the data size, and attribute information of the data address in the volatile memory. The data list also includes information indicating whether the data itself stored in the external storage unit exists in the volatile memory.
Another data processing control method according to the present invention is a method of controlling data processing of a secondary storage device included in a first information processing device, wherein a file access control unit installed in the first information processing apparatus acquires any processing request applied to the secondary storage apparatus to determine the content of the request, if the target file or folder of the processing request should be transmitted to a second information processing apparatus on the network destination (for example, a file server connected via a network), it is transmitted to the second information processing apparatus, if the target file or folder of the processing request should not be transmitted to the second information processing apparatus, the secondary storage device control unit installed in the first information processing device acquires the processing request, prohibits the write operation to the secondary storage device, and conversely performs the write operation to the volatile memory. If the processing request is a read data request, reading out the data to be read from the secondary storage device, reading out the modified data obtained by modifying the data to be read from the volatile memory, and rewriting and presenting the data to be read by using the modified data.
An information processing apparatus according to the present invention is an information processing apparatus characterized by comprising a secondary storage device, a secondary storage device control unit for controlling processing of the secondary storage device, and a volatile memory, wherein the secondary storage device control unit acquires a processing request of any application to the secondary storage device, and if the processing request is a write data request, inhibits a write operation to the secondary storage device, and conversely, performs a write operation to the volatile memory.
Further, an information processing apparatus according to the present invention is an information processing apparatus characterized by comprising a secondary storage device, a file access control unit for controlling file access to an external storage unit connected via a network, a secondary storage device control unit for controlling processing by the secondary storage device, and a volatile memory, wherein the file access control unit acquires any processing request applied to the secondary storage device to determine the content of the request, transmits a target file or folder of the processing request to the external storage unit on a network destination side if it should be transmitted to the external storage unit, acquires the processing request to prohibit a write operation to the secondary storage device if it should not be transmitted to a second information processing apparatus, a write operation is performed to the volatile memory.
A data processing control system according to the present invention is a data processing control system that controls data writing, characterized by comprising an information processing device and an external storage unit connected to the information processing device, the information processing device comprising a secondary storage device, a secondary storage device control unit for controlling processing of the secondary storage device, and a volatile memory, wherein the secondary storage device control unit acquires any processing request applied to the secondary storage device, and if the processing request is a write data request, inhibits the write operation to the secondary storage device, and conversely, performs the write operation to the volatile memory, and the secondary storage device control unit stores data written in the volatile memory into the external storage unit.
Another data processing control system according to the present invention is a file processing control system that controls writing of a file, characterized by comprising an information processing apparatus and an external storage unit connected to the information processing apparatus, the information processing apparatus comprising a secondary storage device, a file access control unit for controlling access of the file to the external storage unit connected via a network, a secondary storage device control unit for controlling processing by the secondary storage device, and a volatile memory, wherein the file access control unit acquires any processing request applied to the secondary storage device to determine the content of the request, transfers a target file or folder of the processing request to the external storage unit of a destination of the network if it should be transferred to the external storage unit, transfers it to the external storage unit if it should not be transferred to a second information processing apparatus, the secondary storage device control unit obtains the processing request, prohibits the write operation to the secondary storage device, and performs the write operation to the volatile memory, instead.
Further features of the present invention will become apparent from the following best mode for carrying out the invention and the accompanying drawings.
According to the present invention, a system that allows confidential information to be referred to and edited in a more secure manner can be realized.
Drawings
Fig. 1 shows a configuration diagram of a data processing control system according to a first exemplary embodiment of the present invention;
fig. 2 shows an internal structural view of a system according to a first exemplary embodiment of the present invention;
FIG. 3 shows a schematic diagram of a primary cache management table;
FIG. 4 shows a schematic diagram of a secondary cache management table;
FIG. 5 is a flowchart illustrating a process for a secondary storage device write control driver upon initialization by a user terminal;
FIG. 6 is a flow chart illustrating a process for a secondary storage device write control driver when accessing a file;
FIG. 7 is a flow chart depicting the process of caching data;
FIG. 8 is a flowchart illustrating a process for obtaining data from a cache;
fig. 9 shows a configuration diagram of a data processing control system according to a second exemplary embodiment of the present invention;
fig. 10 shows an internal structural view of a system according to a second exemplary embodiment of the present invention;
FIG. 11 is a flowchart illustrating the processing of the file access control driver when accessing a file;
FIG. 12 is a flow chart describing the process of the secondary storage device write control driver when accessing a file.
Description of the figures
A user terminal 101
A cache server
103
104
105...OS
Application of
An external media write control drive
A secondary storage device write control driver
A secondary storage device
A memory
202
206
User mode
Kernel mode
Starting block number
Size of a ship
A data pointer
304
Data biasing
902
Confidential data
907
Detailed Description
Exemplary embodiments of the present invention will be described in detail below using the attached drawings. Meanwhile, the exemplary embodiments of the present invention are only examples to implement the present invention, and the present invention is not limited to these examples.
As described above, the present invention provides a system capable of referring to and editing confidential information more securely. Accordingly, the exemplary embodiments achieve functions of preventing loss of confidential information, automatically collecting confidential data to a server, storing settings and updates of applications and OS without changing application modes, and the like.
[ first example embodiment ]
Fig. 1 is a system configuration diagram of a first exemplary embodiment of the present invention. The system comprises a user terminal 101 and a cache server 102, both connected by a network 103. The user terminal 101 is a known PC including a memory 110 and a secondary storage device (e.g., hard disk drive HDD)109, and is installed with an OS 105, an application 106, an external medium write control driver 107, and a secondary storage device write control driver 108. In this manner, application 106 is not application specific, but refers to any known application.
For example, the user initializes the OS 105 through the user terminal 101 and edits confidential data by using the application 106. If the edited data is stored locally, the data is cached in the memory 110 (primary cache) by the secondary storage device write control driver 108, and the data is periodically transmitted to the cache server 102 to be stored as the cache data file 104. Thus, data is not stored in the secondary storage device 109, and confidential data is collected in the cache server 102. That is, the secondary storage device write control driver 108 allows reading of data of the secondary storage device but prohibits writing of data thereto. As will be described in detail below, if a write command is executed, the difference data is cached in the memory 110 without writing the data in the secondary storage device 109. The difference data refers to the difference between the original data and the modified data in the secondary storage device 109. Through this process, it appears to the user that the modified data is already stored in the secondary storage device (actually stored in the secondary storage device), is not actually stored in the secondary storage device 109, but is stored in the primary cache 110 or the cache server 102.
The external medium write control drive 107 is a module that prohibits writing of data to an external medium, such as a USB memory and an external hard disk. For example, data is blocked by the module using a filter driver for USB, so that confidential data can be prevented from leaking out from a user terminal.
The cache data file 104 stored in the cache server 102 is a file storing difference data between the initial state of the user terminal secondary storage device (for example, the state in which the setting of the OS and necessary applications has been terminated) and the current file configuration. The cached copies stored in the memory are periodically uploaded to the server side, thereby maintaining the state of the most recent file configuration.
Fig. 2 shows an internal structural view of the first exemplary embodiment of the present invention. When it is assumed that the OS is Windows (registered trademark name), the same structure as that of other OS can be realized, and the present invention is not limited. Windows (registered trade name) has two modes of operation, user mode 201 and kernel mode 202. In general, the user mode 201 is a mode in which the application 106 operates, and the kernel mode 202 is a mode in which basic components forming the OS, such as device drivers, operate. When the file system 203, such as NTFS and FAT, is operating in the kernel mode 202, the secondary storage device write control driver 108 is set at a lower layer. The secondary storage device write control driver 108 is a driver for prohibiting a write operation to the secondary storage device 109, and stores write data in the destination storage 110 or the cache server 102 of the network 205 through the communication driver 204 for a write request (a request for storing modified data) from the file system 203.
The cache of the storage 110 is a primary cache and the cache in the cache server 102 serves as a secondary cache. Basically, each write data is stored in the primary cache and also periodically copied into the secondary cache. If the size of the primary cache exceeds a predetermined threshold, the primary cache data which is used less frequently among the data copied into the secondary cache is removed. With this configuration, it is possible to prevent memory overflow due to the increase of the main cache, and to realize cache access. Meanwhile, an algorithm for determining a copy block when copying the primary cache data to the secondary cache is called LRU (least recently used) or the like, and such an algorithm is arbitrary and is not limited to the present invention. Meanwhile, the cache server 102 is necessary when the user terminal 101 is used in a network environment, and the main cache 110 is unnecessary. However, if the primary cache 110 is installed, a technical effect of an increase in processing speed can be achieved because the cache server 102 does not need to be accessed every time. The main cache 110 is necessary when the user terminal 101 is used in a stand-alone environment where connection to a network is not possible.
Fig. 3 shows a schematic diagram of a master cache management table. When the table is present in memory 110, the data written to the table is controlled by secondary storage device write control driver 108. In FIG. 3, the diagram includes four attributes, a starting block number 301, a data size 302, a data pointer 303, and a primary cache tag 304. The starting block number 301 is a starting sector address of data on the HDD, the data pointer 303 is a data address in the memory (main buffer) 110, and the main buffer flag 304 is a flag indicating whether target data is included in the main buffer. Meanwhile, the reason why the main cache flag 304 is set is that it is necessary to quickly identify whether or not there is a presence because data will be lost and not present when the power is turned off, and target data is in the cache server when the start-up operation is performed. With such a primary cache flag 304, it is possible to quickly jump to the cache server (secondary cache) 102 and acquire data when the target data is not in the primary cache 110, so that it is possible to realize accelerated processing.
In a write/read request sent from a file system to a secondary storage device write control driver, start address and size information of a block, and an access target in the secondary storage device are specified. If data writing is initialized, the start block address and the size information of the write data are acquired from the request and registered in the main cache management table. Physical memory is then allocated, write data copied and buffered data configured. A pointer in the physical memory where the actual cache data is stored is registered in the data pointer 303. As described above, primary cache tag 304 is a tag that indicates whether the target cache data is included in the primary cache. When the primary cache management table has an entry for each cache data, not every data is stored in the primary cache. If the flag is TRUE, the buffered data is present in memory, so that the data pointer 303 is a pointer to the buffered data. If the flag is FALSE, then the cache data does not exist in the primary cache, meaning only in the secondary cache of the cache server, and data pointer 303 is an invalid value.
Fig. 4 shows a schematic diagram of a secondary cache management table. The diagram includes three attributes, starting block number 401, size 402, and data offset 403. The starting block number 401 and size 402 refer to the starting block number and size of each cache data in the secondary storage device 109, respectively. The data offset 403 refers to a storage location of target entry data of the cache data. The secondary cache overwritten with the primary cache refers to the latest cache state, and the secondary cache management table does not have an entry for each cache data, which is not the latest state in real time. However, when the system is shut down or the primary cache is periodically copied to the secondary cache, it will be in the most current state.
FIG. 5 shows a flow chart of the process of the secondary storage device write control driver 108 upon initialization (primary buffer empty) by the user terminal. When the user terminal initializes, the OS loads the secondary storage device write control driver (step S501). Next, the OS initializes the communication-related driver (step S502). In the case of Windows (registered trade name), the timing of loading the driver by the OS is determined according to the registered content of the driver. Thus, the secondary storage device write control driver may be loaded prior to loading the communication-related driver.
Next, the secondary storage device write control driver 108 accesses the cache server by using the initialized communication driver (step S503). At this time, it is determined whether the cache server 102 can be accessed (step S504). That is, whether or not access is possible is determined by actually accessing a server (network-connectable), for example. If the cache server 102 is powered down or if there is an error in itself even though the service is running, access is not possible.
If it is determined to be accessible, the secondary storage device write control driver 108 acquires the secondary cache table from the cache server and generates a primary cache table (step S505). If it is determined that the cache server 102 cannot be accessed, the write data is cached only in the memory 110, and the write-inhibit function is executed (step S506).
Thus, if the initialization is performed in a case where the cache server is accessible in a network environment, the initialization will be performed in a mode of storing the cache to the cache server. However, otherwise, the caching will only be performed in memory, and the initialization will be performed in a mode where the write data is not synchronized with the cache server and thus the write data will be lost when the power is off.
Fig. 6 is a flowchart of the processing of the secondary storage device write control driver 108 when accessing a file in the secondary storage device 109. In fig. 6, if the application accesses a file (step S601), the secondary storage device write control driver 108 acquires a write operation request from the file system (step S602). It is determined whether the request is a write operation when the request is obtained (step S603). If the determination is a write operation, the write data (difference data between the modified data and the data on the HDD, as described below) is buffered in the memory 110 (step S608), and the write operation request ends (step S609).
On the other hand, if it is determined in step S603 that it is not a write operation, and the operation is a read operation, the target data is first read from the secondary storage device (step S604). Next, it is determined whether the read data is already in the memory 110 (primary cache) (step S605). If not, the read data is directly transferred to the file system (step S607). If it is in the primary cache, the primary cache is overwritten at the read data and transferred to the file system (step S606). Actual processing contents of registering data in the cache or acquiring data from the cache will be further described using fig. 7 and 8.
FIG. 7 shows a flow diagram of a process of caching data. The flow of fig. 7 is a flow chart describing in detail step S608 of fig. 6.
In fig. 7, if data writing is performed and a data cache request is generated (step S701), it is determined whether the write data has been cached in the memory 110 (step S702). If it is determined that there is no cache, it is registered on the main cache of the memory 110 (step S706).
If it is determined that buffering has been performed, a portion overlapping with the write data is acquired from the buffer list (main buffer management table: refer to fig. 3) (step S703). If cached, the overlap will of course exist. In the overlapped portion, the primary cache flag 304 of the primary cache management table downloaded from the secondary cache checks a portion not existing in the primary cache (step S704). Finally, the write data is registered in the main buffer of the memory (step S705). In this registration, processing is performed such that: the overlapping part of the write data is overwritten in the cache of the cache list, while the other part is newly registered.
FIG. 8 is a flow chart of a process for retrieving data from a cache. The flowchart of fig. 8 is a flowchart describing step S605 of fig. 6 in detail.
In fig. 8, a cache read request is first generated (step S801). Next, it is determined whether the read data has been buffered in the memory (main buffer) 110 (step S802). If the read data is not cached, the result of the non-caching is returned to the call source (the secondary storage device controls the function of the driver 108) (step S806). If the read data has been cached, an overlapping portion between the read data and the cache exists, thereby acquiring the overlapping portion (step S803). In practice, the already buffered overlapping portions in the read data area are obtained by comparing the start block address and size information of the read data and the start block address and size information of each buffer. Next, a portion that is not in the primary cache (the memory 110) and is an overlapping portion is downloaded from the secondary cache (the cache server 102) (step S804). Finally, the overlapped part is returned to the call source, and the process ends (step S805).
By adopting the above configuration, each data written locally is stored in the cache server. In this case, each installation and update of applications and components of the OS is stored in the cache server. Therefore, the modified content is not stored locally but in the cache server, so that the normal application mode is not destroyed. Moreover, no special update mode is required to update the OS patch and virus code.
[ second example embodiment ]
Next, a second exemplary embodiment according to the present invention is described. In the first exemplary embodiment, when it is necessary to store data in the secondary cache, not only data of each user but also system information (for example, all data not depending on the user's system itself, such as a change in network settings) is stored, and on the other hand, in the second exemplary embodiment, processing of storing only data of each user in the secondary cache is performed without storing all data including system information. In the second exemplary embodiment, the caching process of the file unit is also performed because each user's data has a very personal attribute, which is stored into the secondary cache even during the process.
Fig. 9 is a system configuration diagram according to a second exemplary embodiment of the present invention. The system adopts a configuration in which a user terminal 901 is connected to a file server 902 through a network 903. The user terminal 901 includes a memory 911 and a secondary storage device 910, and is installed with an OS 905, an application 906, a file access control driver 907, an external media write control driver 908, and a secondary storage device write control driver 909. The file access control driver 907 is a filter driver at a higher level than the file system, and it refers to (hook) file I/O for I/O control of each folder. In particular, write/read requests to a particular folder are redirected to a designated folder on the file server. For example, in Windows XP (registered trademark name), access requests for both documents and Settings and Program Files are redirected to two specific folders that are replicated onto the network destination file server 902. Thus, access to both folders is actually access to folders on file server 902. In an actual installation method, the redirection function may be implemented by referring to an IRP MJ CREATE request issued in the (hook) file opening process, designating the path (pass) of the folder on the network destination file server 902 as a new path, and returning a STATUS report error. The secondary storage device write control driver 909 is a filter driver that has the following functions: the write data is cached in memory 911 when a write operation is required, the cache is fetched when a read operation is required, the overlapping portions are merged and returned to the file system. Unlike the first exemplary embodiment, the filter driver has only a function of buffering in the memory 911 and prohibiting a write operation to the secondary storage device 910, and write data is lost when the power is turned off. Therefore, files in folders that are not redirected to the file server 902 by the file access control driver 907 are prohibited from writing by the secondary storage device write control driver 909.
Fig. 10 is an internal structural view according to a second exemplary embodiment of the present invention. The OS of the user terminal 901 is divided into two operation modes: user mode 1001 and kernel mode 1002, application 906 in user mode 1001 and file access control driver 907 in kernel mode, file system 1003, secondary storage device write control driver 909, and communication driver 1004 are running. The file access control driver 907, which is a filter driver at a higher level than the file system, monitors file I/O to perform redirection processing.
The secondary storage device write control driver 909 is at a lower level than the file system and caches write data in the memory 911 in response to file access requests from higher levels. The read data is retrieved from the cache (memory 911), read from the secondary storage device 910 if it is not in the cache, and partially read from the secondary storage device 910 if in the cache, while the overlapping portion between the data present in the cache (memory 911) and the data present in the secondary storage device 910 is overwritten into the read data to be returned to the higher level file system.
In the system including the configuration of fig. 10, if the user terminal 901 cannot access the file server 902, it is cached in the memory 911, and if it can be accessed, the data is sequentially cached in the file server 902. Meanwhile, data (e.g., system information, etc.) other than the file data and data that is not redirected to the file server 902 are cached only in the memory 911, and they are lost each time the power of the user terminal 901 is turned off.
FIG. 11 shows a process flow diagram for a file access control driver when accessing a file. First, if a file open request is received for a file stored in the secondary storage device (step S1101), the file access control driver 907 checks the name of the access request destination file or folder and determines whether the access request destination file/folder is the target of redirection (step S1102).
If it is determined in step S1102 that it is the target of redirection, the file path (pass) of the redirection target is set (step S1103) and a STATUS REPARSE error is returned (step S1104). Thus, the I/O manager performs re-analysis, and re-issues an open request to redirect file paths, and performs redirection of file access.
If it is determined in step S1102 that it is not the target of redirection, a file open request is sent directly to the file system (step S1105). Meanwhile, if the file which is not the redirection target needs to be stored, the file can be copied to the specified folder for redirection.
Fig. 12 is a flowchart of the processing of the secondary storage device write control driver 909 when accessing a file. If the file access is not redirected to the file server 902 on the network, the write/read request is sent to the secondary storage device write control driver 909 through the file system 1003 (step S1201). When the request is received, it is determined whether the processing request is a write operation (step S1202). If the operation is a write operation, the write data is buffered in the memory 911 (step S1207), and the write request processing ends (step S1208). If it is determined in step S1202 that it is not a write operation but a read operation, data is read from the secondary storage device 910 (step S1203).
Next, it is checked from the start block address and the size information whether or not there is a cache (step S1204). If there is no cache, the read data is directly sent to the file system 1003 (step S1205). If a cache exists in the memory 911, an overlap between the cache data and the read data is acquired, and the overlap is overwritten into the read data to be transmitted to the file system (step S1206). According to this method, write operations to the secondary storage device 910 are disabled, and write data is cached only in the memory 911. Thus, a system can be realized in which the cache is lost when the power is turned off, and confidential data is not retained locally.
In the second exemplary embodiment described above, redirection to the file server is by a filter driver of the file system. However, in the case of the file system filter driver, since the opportunity to load it at the time of OS initialization is late, if the file server is redirected except for the boot driver and the OS patch is applied, the redirection function may not be operated at the time of OS initialization and only the patch file may be partially loaded. Thus, in this example embodiment, the OS patch must be executed in a writable mode in which the local file is updated.
The OS patch application task by the user can be implemented by providing a writable mode controlled by the GUI that is only applicable to the update task of the OS patch. Such an update mode can be realized, for example, by providing a GUI implemented by a menu button that performs only batch processing of stopping initialization of a Windows (registered trademark) shell and executing an OS patch update.
[ conclusion ]
According to the above-described exemplary embodiments, the secondary storage device control unit installed in the user terminal acquires any processing request applied to the secondary storage device, and if the processing request is a write data request, the writing to the secondary storage device is prohibited, and conversely, the write operation is performed to the volatile memory (primary cache memory). Thus, leakage/loss of confidential data can be prevented by prohibiting write operations to the secondary storage device (HDD), and write operations to the HDD are not simply prohibited but can appear to be actually performed by writing to the primary cache, thereby making it natural for a user to handle.
The secondary storage device control unit also stores the data written in the primary cache memory into an external storage unit (cache server: secondary cache) connected to the user terminal. Although the data stored only in the primary cache is lost when the user terminal is powered off, it can be retained in the server through the secondary cache. Since data can be centrally managed in the server, convenience is improved.
Then, the secondary storage device control unit writes a difference between data in an initial state of the secondary storage device (data initially registered and present in the HDD) and modified data (edited data or the like) obtained by modifying the data in the main cache memory (volatile memory). The capacity of the main cache memory need not be too large, since only the difference data is stored in the memory. After the data is stored in the main cache memory, the data is finally stored in the cache server, and the cache server does not need to be accessed every time, so that the processing speed is improved.
If the processing request is a data read request, the data to be read is read from the HDD, the modified data (difference data obtained by editing) obtained by modifying these data is read from the main cache memory, and the above-mentioned data to be read is rewritten and presented using these modified data. Thus, even if the modification data is not stored in the HDD, it can be presented to the user in a modified state. Since the user can accept the feeling that the modified data has been read from the HDD, the user does not feel dissimilarity with the existing reading operation, and therefore does not receive a sense of incongruity.
When the user terminal is initialized, the secondary storage device control unit controls the terminal to access an external storage unit (cache server) connected to the user terminal, acquires attribute information of data stored in the external storage unit, and generates a data list (main cache management table) having the attribute information in the main cache memory. The data list includes attribute information of HDD data address (storage location), data size, and data address (storage location) in the main cache memory. Furthermore, the data list also includes information indicating whether the data itself in the cache server exists in the primary cache memory. Therefore, the relation between the original data and the modified data in the HDD can be controlled in the main buffer definitely, and the efficiency of data processing is improved.
According to the second exemplary embodiment of the present invention described above, it is characterized in that the file access control unit installed in the user terminal acquires any processing request applied to the HDD to determine the content of the request, transmits the target file or folder of the processing request to the file server of the network destination if it should be transmitted to the file server, and acquires the processing request to prohibit the write request to the HDD and, on the contrary, performs the write operation to the main cache memory (volatile memory) if it should not be transmitted to the file server. Thereby, leakage/loss of confidential information can be prevented, and automatic file collection to a server becomes possible, and the convenience of the system can be improved without changing the application mode of the user terminal.
If the processing request is a data read request, data to be read (original file data) is read from the HDD, modified data obtained by modifying the data to be read is read from the main cache memory, and the data to be read is rewritten and presented using the modified data. Thus, even if the modification data is not stored in the HDD, it can be presented to the user in a modified state. Since the user can accept the feeling that the modified data has been read from the HDD, the user does not feel dissimilarity with the existing reading operation, and therefore does not receive a sense of incongruity.
Meanwhile, all publications, patents and patent applications cited in this specification are used as if the specification were directly cited.
The present invention is not limited to the exemplary embodiments disclosed above, and any reconfiguration, modification and replacement may be made without departing from the scope of the claims.
The claims (modification according to treaty clause 19)
1. A data processing control method for a secondary storage device included in an information processing device provided with the secondary storage device,
a secondary storage device control unit installed in the information processing device acquires any processing request applied to the secondary storage device running on the information processing device, and if the processing request is a write data request, writing to the secondary storage device is prohibited, and conversely, a write operation is performed to the volatile memory.
2. The data processing control method according to claim 1, wherein the secondary storage device control unit further stores the data written in the volatile memory in an external storage unit connected to the information processing device.
3. The data processing control method according to claim 1 or 2, wherein the secondary storage device control unit writes to the volatile memory a difference between the data in the initial state of the secondary storage device and modified data obtained by modifying the data.
4. A data processing control method according to any one of claims 1 to 3, wherein if the processing request is a read data request, reading out data to be read from the secondary storage device, reading out modification data obtained by modifying the data to be read from the volatile memory, and rewriting and presenting the data to be read using the modification data.
5. The data processing control method according to any one of claims 1 to 4, wherein when the information processing apparatus is initialized, the secondary storage apparatus controlling unit controls the apparatus to access an external storage unit connected to the information processing apparatus, to acquire attribute information of data stored in the external storage unit, and to generate a data list having the attribute information in the volatile memory.
6. The data processing control method of claim 5, wherein the data list includes attribute information of a secondary storage device data address, a data size, and an address in the volatile memory.
7. The data processing control method according to claim 6, wherein the data list further includes information indicating whether the data itself stored in the external storage unit exists in the volatile memory.
8. A data processing control method for a secondary storage device included in a first information processing device provided with the secondary storage device,
a file access control unit installed in a first information processing apparatus acquires any processing request to be applied to a secondary storage apparatus running on the first information processing apparatus to determine the content of the request, transmits a target file or folder of the processing request to a second information processing apparatus on a network destination if the second information processing apparatus should transmit the target file or folder, and
if the target file or folder of the processing request should not be transferred to the second information processing apparatus, the secondary storage apparatus control unit installed in the first information processing apparatus acquires the processing request, prohibits the write request to the secondary storage apparatus, and, on the contrary, performs the write operation to the volatile memory.
9. The data processing control method according to claim 8, wherein if the processing request is a read data request, reading out data to be read from the secondary storage device, reading out modification data obtained by modifying the data to be read from the volatile memory, and rewriting and presenting the data to be read using the modification data.
10. An information processing apparatus characterized by comprising:
a secondary storage device;
a secondary storage device control unit for controlling processing of the secondary storage device; and
a volatile memory (or a non-volatile memory),
wherein the secondary storage device control unit acquires a processing request to the secondary storage device by any application running on the information processing device, and if the processing request is a write data request, inhibits a write operation to the secondary storage device, and conversely, performs a write operation to the volatile memory.
11. The information processing apparatus according to claim 10, wherein the secondary storage apparatus control unit further stores the data written in the volatile memory in an external storage unit connected to the information processing apparatus.
12. An information processing apparatus characterized by comprising:
a secondary storage device;
a file access control unit for controlling file access to an external storage unit connected through a network;
a secondary storage device control unit for controlling the secondary storage device processing; and
a volatile memory (or a non-volatile memory),
wherein the file access control unit acquires a processing request of any application running on the information processing apparatus to the secondary storage apparatus to determine the content of the request, transmits a target file or folder of the processing request to an external storage unit of a network destination if it should be transmitted to the external storage unit,
if the target file or folder of the processing request should not be transferred to the external storage unit, the secondary storage device control unit acquires the processing request, prohibits the write operation to the secondary storage device, and conversely, performs the write operation to the volatile memory.
13. A data processing control system that controls data writing, comprising:
an information processing apparatus; and
an external storage unit connected to the information processing apparatus,
the information processing apparatus includes:
a secondary storage device;
a secondary storage device control unit for controlling processing of the secondary storage device; and
a volatile memory (or a non-volatile memory),
wherein the secondary storage device control unit acquires a processing request of any application running on the information processing device to the secondary storage device, prohibits a write operation to the secondary storage device if the processing request is a write data request, and conversely, performs a write operation to the volatile memory, and
the secondary storage device control unit also stores data written in the volatile memory into the external storage unit.
14. A data processing control system that controls writing of a file, comprising:
an information processing apparatus; and
an external storage unit connected to the information processing apparatus,
the information processing apparatus includes:
a secondary storage device;
a file access control unit for controlling file access to an external storage unit connected through a network;
a secondary storage device control unit for controlling the secondary storage device processing; and
a volatile memory (or a non-volatile memory),
wherein the file access control unit acquires a processing request of any application running on the information processing apparatus to the secondary storage apparatus to determine the content of the request, transmits a target file or folder of the processing request to an external storage unit of a network destination if it should be transmitted to the external storage unit, and
if the target file or folder of the processing request should not be transferred to the external storage unit, the secondary storage device control unit acquires the processing request, prohibits the write operation to the secondary storage device, and conversely, performs the write operation to the volatile memory.
Claims (14)
1. A data processing control method for a secondary storage device included in an information processing device provided with the secondary storage device,
a secondary storage device control unit installed in the information processing device acquires any processing request applied to the secondary storage device, and if the processing request is a write data request, writing to the secondary storage device is prohibited, and instead, a write operation is performed to the volatile memory.
2. The data processing control method according to claim 1, wherein the secondary storage device control unit further stores the data written in the volatile memory in an external storage unit connected to the information processing device.
3. The data processing control method according to claim 1 or 2, wherein the secondary storage device control unit writes to the volatile memory a difference between the data in the initial state of the secondary storage device and modified data obtained by modifying the data.
4. A data processing control method according to any one of claims 1 to 3, wherein if the processing request is a read data request, reading out data to be read from the secondary storage device, reading out modification data obtained by modifying the data to be read from the volatile memory, and rewriting and presenting the data to be read using the modification data.
5. The data processing control method according to any one of claims 1 to 4, wherein when the information processing apparatus is initialized, the secondary storage apparatus controlling unit controls the apparatus to access an external storage unit connected to the information processing apparatus, to acquire attribute information of data stored in the external storage unit, and to generate a data list having the attribute information in the volatile memory.
6. The data processing control method of claim 5, wherein the data list includes attribute information of a secondary storage device data address, a data size, and an address in the volatile memory.
7. The data processing control method according to claim 6, wherein the data list further includes information indicating whether the data itself stored in the external storage unit exists in the volatile memory.
8. A data processing control method for a secondary storage device included in a first information processing device provided with the secondary storage device,
a file access control unit installed in a first information processing apparatus acquires any processing request applied to a secondary storage apparatus to determine the content of the request, transmits a target file or folder of the processing request to a second information processing apparatus on a network destination side if it should be transmitted to the second information processing apparatus, and
if the target file or folder of the processing request should not be transferred to the second information processing apparatus, the secondary storage apparatus control unit installed in the first information processing apparatus acquires the processing request, prohibits the write request to the secondary storage apparatus, and, on the contrary, performs the write operation to the volatile memory.
9. The data processing control method according to claim 8, wherein if the processing request is a read data request, reading out data to be read from the secondary storage device, reading out modification data obtained by modifying the data to be read from the volatile memory, and rewriting and presenting the data to be read using the modification data.
10. An information processing apparatus characterized by comprising:
a secondary storage device;
a secondary storage device control unit for controlling processing of the secondary storage device; and
a volatile memory (or a non-volatile memory),
wherein the secondary storage device control unit acquires a processing request to the secondary storage device by any application, and if the processing request is a write data request, inhibits a write operation to the secondary storage device, and conversely, performs a write operation to the volatile memory.
11. The information processing apparatus according to claim 10, wherein the secondary storage apparatus control unit further stores the data written in the volatile memory in an external storage unit connected to the information processing apparatus.
12. An information processing apparatus characterized by comprising:
a secondary storage device;
a file access control unit for controlling file access to an external storage unit connected through a network;
a secondary storage device control unit for controlling the secondary storage device processing; and
a volatile memory (or a non-volatile memory),
wherein the file access control unit acquires any processing request applied to the secondary storage device to determine the content of the request, transmits a target file or folder of the processing request to an external storage unit of a network destination if the target file or folder should be transmitted to the external storage unit,
if the target file or folder of the processing request should not be transferred to the second information processing apparatus, the secondary storage apparatus control unit acquires the processing request, prohibits the write operation to the secondary storage apparatus, and conversely, performs the write operation to the volatile memory.
13. A data processing control system that controls data writing, comprising:
an information processing apparatus; and
an external storage unit connected to the information processing apparatus,
the information processing apparatus includes:
a secondary storage device;
a secondary storage device control unit for controlling processing of the secondary storage device; and
a volatile memory (or a non-volatile memory),
wherein the secondary storage device control unit acquires any processing request applied to the secondary storage device, if the processing request is a write data request, inhibits the write operation to the secondary storage device, and on the contrary, performs the write operation to the volatile memory, and
the secondary storage device control unit also stores data written in the volatile memory into the external storage unit.
14. A data processing control system that controls writing of a file, comprising:
an information processing apparatus; and
an external storage unit connected to the information processing apparatus,
the information processing apparatus includes:
a secondary storage device;
a file access control unit for controlling file access to an external storage unit connected through a network;
a secondary storage device control unit for controlling the secondary storage device processing; and
a volatile memory (or a non-volatile memory),
wherein the file access control unit acquires any processing request applied to the secondary storage device to determine the content of the request, transmits a target file or folder of the processing request to an external storage unit of a network destination if the target file or folder should be transmitted to the external storage unit, and
if the target file or folder of the processing request should not be transferred to the second information processing apparatus, the secondary storage apparatus control unit acquires the processing request, prohibits the write operation to the secondary storage apparatus, and conversely, performs the write operation to the volatile memory.
Publications (1)
| Publication Number | Publication Date |
|---|---|
| HK1125708A true HK1125708A (en) | 2009-08-14 |
Family
ID=
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US6907512B2 (en) | System and method for filtering write operations to a storage medium containing an operating system image | |
| CA2162818C (en) | Rewritable rom file device | |
| JP4189436B2 (en) | Data processing control method | |
| KR100360154B1 (en) | Portable informat ion processing terminal device with low power consumption and large memory capacity | |
| US20060174074A1 (en) | Point-in-time copy operation | |
| US6904496B2 (en) | Computer system with improved write cache and method therefor | |
| JP2006127106A (en) | Storage system and control method thereof | |
| JP2010511926A (en) | Progressive and transparent file update | |
| US20170060744A1 (en) | Tiered storage system, computer using tiered storage device, and method of correcting count of accesses to file | |
| JP2005301628A (en) | Disk array device | |
| WO2013042159A1 (en) | Storage apparatus, computer system, and data migration method | |
| JP2006048641A (en) | Long-term data archive file server | |
| CN101430700B (en) | File system management device and method, and storage device | |
| US20060149899A1 (en) | Method and apparatus for ongoing block storage device management | |
| KR20100016174A (en) | Storage device and method for data-smuggling | |
| US20080235474A1 (en) | Method and system for processing access to disk block | |
| US11409451B2 (en) | Systems, methods, and storage media for using the otherwise-unutilized storage space on a storage device | |
| KR101624005B1 (en) | Controlling access to software component state | |
| JP4945669B2 (en) | Data processing control method, information processing apparatus, and data processing control system | |
| JP2008293525A (en) | Data processing control method, information processor, and data processing control system | |
| HK1125708A (en) | Data processing control method, information processor, and data processing control system | |
| JP5295046B2 (en) | User terminal device and method for controlling user terminal device | |
| JP2008090378A (en) | Hybrid file system, operating system, cache control method, and recording medium | |
| JP2011090531A (en) | Information storage device | |
| JP2001084115A (en) | Information recording control system and information recording control method |