US 11,687,645 B2
Security control method and computer system
Haibo Chen, Shanghai (CN); Nan Wang, Beijing (CN); Shanxi Chen, Shenzhen (CN); and Miao Xie, Shenzhen (CN)
Assigned to HUAWEI TECHNOLOGIES CO., LTD., Shenzhen (CN)
Filed by HUAWEI TECHNOLOGIES CO., LTD., Guangdong (CN)
Filed on Apr. 2, 2020, as Appl. No. 16/838,935.
Application 16/838,935 is a continuation of application No. PCT/CN2018/109416, filed on Oct. 9, 2018.
Claims priority of application No. 201710952362.4 (CN), filed on Oct. 13, 2017.
Prior Publication US 2020/0250302 A1, Aug. 6, 2020
Int. Cl. G06F 21/54 (2013.01); G06N 20/00 (2019.01); G06F 21/74 (2013.01); G06F 16/245 (2019.01); G06F 7/58 (2006.01); G06F 21/57 (2013.01); G06Q 50/26 (2012.01)
CPC G06F 21/54 (2013.01) [G06F 21/74 (2013.01); G06N 20/00 (2019.01); G06F 7/582 (2013.01); G06F 7/588 (2013.01); G06F 16/245 (2019.01); G06F 21/577 (2013.01); G06F 2221/033 (2013.01); G06F 2221/2101 (2013.01); G06Q 50/265 (2013.01)]
20 Claims
10. A security control method for a computer system in which a first domain and a second domain are deployed, the security control method comprising:
obtaining a process identification of a current process from the first domain before a tracer collects a to-be-audited information;
obtaining the to-be-audited information in the second domain using the tracer when a program in the first domain is executed, the to-be-audited information comprising control flow information of the program;
using the process identification together with the control flow information as the to-be-audited information;
searching the second domain for an audit rule that matches the process identification;
auditing, in the second domain, the to-be-audited information according to an audit rule; and
determining that the audit succeeds and allowing access to the second domain when the to-be-audited information matches the audit rule.