[go: up one dir, main page]

CN107741914A - Insertion type mobile network information security device and safety protection method - Google Patents

Insertion type mobile network information security device and safety protection method Download PDF

Info

Publication number
CN107741914A
CN107741914A CN201711153766.3A CN201711153766A CN107741914A CN 107741914 A CN107741914 A CN 107741914A CN 201711153766 A CN201711153766 A CN 201711153766A CN 107741914 A CN107741914 A CN 107741914A
Authority
CN
China
Prior art keywords
safety
protection system
memory cell
write
unit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201711153766.3A
Other languages
Chinese (zh)
Inventor
张正天
陈东辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Dandong Ubs Technology Co Ltd
Original Assignee
Dandong Ubs Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Dandong Ubs Technology Co Ltd filed Critical Dandong Ubs Technology Co Ltd
Priority to CN201711153766.3A priority Critical patent/CN107741914A/en
Publication of CN107741914A publication Critical patent/CN107741914A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1408Protection against unauthorised use of memory or access to memory by using cryptography
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1458Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses insertion type mobile network information security device and safety protection method, wherein, the equipment includes:Main control unit, identity authenticating unit, user data memory cell, safety-protection system memory cell, write-protect analog switch and communication interface, write-protect analog switch are connected with safety-protection system memory cell;Methods described comprises the following steps:PC is accessed, shields the original hard disk of PC, turns into the hard disk of PC, and the main frame of one carrying safety-protection system of CPU and random access memory composition together with PC;Start PC, identity authenticating unit carries out identity validation to user, after being identified through, into safety-protection system.The insertion type mobile network information security device is invasive devices, suitable for different PCs, hard disk that is maskable and substituting PC forms new main frame, the data of safety-protection system will not be changed arbitrarily, poisoning intrusion can be prevented, meanwhile authentication is needed into safety-protection system, improve the security of information.

Description

Insertion type mobile network information security device and safety protection method
Technical field
The present invention relates to technical field of network security, specifically provides a kind of insertion type mobile network information security device And safety protection method.
Background technology
With the development of science and technology, computer has incorporated the life of people with network dearly.It is general extensively with network in computer And while, safety problem also highlights.There are many fire walls and all kinds of antivirus softwares in the present reality world, black for restraining The attack of visitor, however, these products do not tackle the problem at its root all the time, its effect does not reach the expectation of user, annual black The attack of visitor has brought huge loss to national national defense safety, economic construction, even more special to bank, hospital, army etc. Security field brings serious threat.Special industry has been set up the internal network of the industry, matched somebody with somebody one after another in order to solve this problem It is standby to be used for two sets of computers of Intranet and outer net, and formulated strict intranet and extranet safeguard management system.So, though It can so solve the above problems to a certain extent, at the same it is huge there is also putting into, and application and management are cumbersome, slightly accidentally, just Accidental loss result can be caused.
Therefore, the safeguard management of the network information how is further improved, turns into people's urgent problem to be solved.
The content of the invention
In consideration of it, it is an object of the invention to provide a kind of insertion type mobile network information security device and security protection side Method, application and management cumbersome, the problems such as security low big to solve existing information safety protection method input amount.
One aspect of the present invention provides a kind of insertion type mobile network information security device, including:Main control unit, identity Authentication unit, user data memory cell, safety-protection system memory cell, write-protect analog switch and communication interface, wherein, it is described Identity authenticating unit, user data memory cell, safety-protection system memory cell, write-protect analog switch and communication interface with master Unit connection is controlled, write-protect analog switch is connected with safety-protection system memory cell, for realizing to safety-protection system memory cell Write-protect.
It is preferred that described insertion type mobile network information security device also include the information that is connected with main control unit add/ Decryption unit, information enciphering/deciphering unit are connected with user data memory cell, for realizing encryption and decryption to information.
Further preferably, the identity authenticating unit includes identity information acquisition unit and the identity information acquisition list The identity information matching unit of member connection and the identity information storage unit being connected with the identity information matching unit, wherein, The identity information acquisition unit is used to gather the identity information of user's input and sent to identity information matching unit, the body Part information matching unit is used for the identity information received and what is prestored in identity information storage unit start safety-protection system Identity information matched, if the match is successful, to main control unit send pass signal, after main control unit receives the signal Start safety-protection system.
Further preferably, the identity for the adjustable write-protect analog switch state that also prestored in the identity information storage unit Information, the identity information for being gathered with identity information acquisition unit is matched, if the match is successful, guarantor is write in main control unit adjustment The state of analog switch is protected, stops the write-protect to safety-protection system memory cell.
Further preferably, the communication interface includes USB interface and SAS interfaces.
Another aspect of the present invention provides a kind of insertion type mobile network information safety protection method, it is characterised in that including Following steps:
S1:PC in the power-offstate, stores the security device access PC of safety-protection system, shields the original hard disk of PC, And replace as the hard disk of PC, the CPU and random access memory together with PC form the main frame of a carrying safety-protection system, Wherein, the memory cell for storing safety-protection system passes through write-protect of the write-protect analog switch realization to memory cell;
S2:Start PC, identity authenticating unit carries out identity validation to user, after being identified through, into safety-protection system.
It is preferred that when in PC running, in addition to the step of carry out enciphering/deciphering processing to data.
Further preferably, the state of write-protect analog switch can be adjusted by authentication, to realize to security protection The change of information in system memory unit.
Further preferably, the identity information is finger print information and/or encrypted message.
Further preferably, the security device is communicated by USB interface and/or SAS interfaces.
Insertion type mobile network information security device provided by the invention is invasive devices, suitable for different PCs, After being connected with PC, the hard disk of maskable PC and the hard disk for turning into PC, and CPU and random access memory composition together with PC New main frame, safety-protection system can not be changed arbitrarily, specifically:Safety-protection system memory cell stores up safety-protection system, number of users It is used to store data according to memory cell, after equipment access PC, identity authenticating unit carries out identity to operator and tested Card, if success, into safety-protection system, in system operation, write-protect analog switch can enter to safety-protection system memory cell Row write is protected, it is ensured that safety-protection system is not modified, safe..
Insertion type mobile network information safety protection method provided by the invention, passes through the maskable PC of insertion type security device Original hard disk, and replace as the hard disk of PC, the CPU and random access memory together with PC form a carrying security protection The data of the main frame of system, wherein safety-protection system are protected by write-protect analog switch, will not arbitrarily be changed, and can be prevented Poisoning intrusion, meanwhile, authentication is needed into safety-protection system, improves the security of information.
Brief description of the drawings
Below in conjunction with the accompanying drawings and embodiment the present invention is further detailed explanation:
Fig. 1 is the structured flowchart of insertion type mobile network information security device provided by the invention;
Fig. 2 is the structured flowchart of identity authenticating unit;
Fig. 3 is the flow chart of insertion type mobile network information safety protection method provided by the invention.
Embodiment
The present invention is further explained below in conjunction with specific embodiment, but the not limitation present invention.
As shown in figure 1, insertion type mobile network information security device, including:Main control unit 1, identity authenticating unit 2, User data memory cell 3, safety-protection system memory cell 4, write-protect analog switch 5 and communication interface 6, wherein, the identity Authentication unit 2, user data memory cell 3, safety-protection system memory cell 4, write-protect analog switch 5 and communication interface 6 with Main control unit 1 is connected, and write-protect analog switch 5 is connected with safety-protection system memory cell 4, and list is stored to safety-protection system for realizing The write-protect of member 4.
The insertion type mobile network information security device is invasive devices, suitable for different PCs, is connected with PC Afterwards, the hard disk of maskable PC and as the hard disk of PC, and CPU together with PC and random access memory form new main frame, Safety-protection system can not be changed arbitrarily, prevent poisoning intrusion, specifically:Safety-protection system memory cell stores up safety-protection system, uses User data memory cell is used to store data, and after equipment access PC, identity authenticating unit carries out body to operator Part checking, if success, into safety-protection system, in system operation, write-protect analog switch can store single to safety-protection system Member carries out write-protect, it is ensured that safety-protection system is not modified, safe.
Just can directly it be used after maliciously being obtained in order to avoid the data in user data memory cell, as technical scheme Improvement, as shown in figure 1, the insertion type mobile network information security device also include the information that is connected with main control unit 1 add/ Decryption unit 7, information enciphering/deciphering unit 7 are connected with user data memory cell 3, for realizing encryption and decryption to information, During use, user according to the security classification of information can choose whether that it is encrypted and decrypts.
As the improvement of technical scheme, as shown in Fig. 2 the identity authenticating unit 2 include identity information acquisition unit 21, The identity information matching unit 22 that is connected with the identity information acquisition unit 21 and connect with the identity information matching unit 22 The identity information storage unit 23 connect, wherein, the identity information acquisition unit 21 is used for the identity information for gathering user's input And send to identity information matching unit 21, the identity information matching unit 22 is used for the identity information and identity that will be received The identity information for starting safety-protection system to be prestored in information memory cell 23 is matched, if the match is successful, to main control unit 1 Pass signal is sent, main control unit 1 starts safety-protection system after receiving the signal, wherein, the identity information of checking can be Finger print information and/or encrypted message.
Although user can not to the random change of safety-protection system, keeper can be modified to safety-protection system, as The improvement of technical scheme, the identity letter for the adjustable write-protect analog switch state that also prestores in the identity information storage unit 23 Breath, the identity information for being gathered with identity information acquisition unit 21 is matched, if the match is successful, the adjustment of main control unit 1 is write The state of analog switch is protected, stops the write-protect to safety-protection system memory cell 5, now, keeper can as needed more Change safety-protection system.
As the improvement of technical scheme, the communication interface 6 includes USB interface and SAS interfaces.
As shown in figure 3, insertion type mobile network information safety protection method, comprises the following steps:
S1:PC in the power-offstate, stores the security device access PC of safety-protection system, shields the original hard disk of PC, And replace as the hard disk of PC, the CPU and random access memory together with PC form the main frame of a carrying safety-protection system, Wherein, the memory cell for storing safety-protection system passes through write-protect of the write-protect analog switch realization to memory cell;
S2:Start PC, identity authenticating unit carries out identity validation to user, after being identified through, into safety-protection system.
The insertion type mobile network information safety protection method, pass through the original hard of the maskable PC of insertion type security device Disk, and replace as the hard disk of PC, the CPU and random access memory together with PC form the master of a carrying safety-protection system The data of machine, wherein safety-protection system are protected by write-protect analog switch, will not arbitrarily be changed, and can prevent virus from entering Invade, meanwhile, authentication is needed into safety-protection system, improves the security of information.
In order to ensure the security of data, as the improvement of technical scheme, when in PC running, in addition to data The step of carrying out enciphering/deciphering processing.
In order to facilitate change of the keeper to safety-protection system, as the improvement of technical scheme, the shape of write-protect analog switch State can be adjusted by authentication, to realize the change to information in safety-protection system memory cell.
As the improvement of technical scheme, the identity information is finger print information and/or encrypted message.
As the improvement of technical scheme, the security device is communicated by USB interface and/or SAS interfaces.
The embodiment of the present invention is write according to progressive mode, highlights each embodiment Difference, its similar portion can be with cross-reference.
Embodiments of the present invention are elaborated above in conjunction with accompanying drawing, but the present invention is not limited to above-mentioned implementation Mode, can also be on the premise of present inventive concept not be departed from those of ordinary skill in the art's possessed knowledge Various changes can be made.

Claims (10)

1. insertion type mobile network information security device, it is characterised in that including:Main control unit (1), identity authenticating unit (2), user data memory cell (3), safety-protection system memory cell (4), write-protect analog switch (5) and communication interface (6), its In, the identity authenticating unit (2), user data memory cell (3), safety-protection system memory cell (4), write-protect analog switch (5) it is connected with communication interface (6) with main control unit (1), write-protect analog switch (5) connects with safety-protection system memory cell (4) Connect, for realizing the write-protect to safety-protection system memory cell (4).
2. according to the insertion type mobile network information security device described in claim 1, it is characterised in that:Also include and master control The information enciphering/deciphering unit (7) of unit (1) connection, information enciphering/deciphering unit (7) are connected with user data memory cell (3), For realizing encryption and decryption to information.
3. according to the insertion type mobile network information security device described in claim 1, it is characterised in that:The authentication The identity information matching that unit (2) includes identity information acquisition unit (21), is connected with the identity information acquisition unit (21) Unit (22) and the identity information storage unit (23) being connected with the identity information matching unit (22), wherein, the identity Information acquisition unit (21) is used to gather the identity information of user's input and sent to identity information matching unit (21), the body Part information matching unit (22) is used to start the identity information received with what is prestored in identity information storage unit (23) The identity information of safety-protection system is matched, if the match is successful, sends pass signal to main control unit (1), main control unit (1) connects Start safety-protection system after receiving the signal.
4. according to the insertion type mobile network information security device described in claim 3, it is characterised in that:The identity information The identity information for the adjustable write-protect analog switch state that also prestores in memory cell (23), for identity information acquisition unit (21) identity information of collection is matched, if the match is successful, main control unit (1) adjusts the state of write-protect analog switch, stops Only to the write-protect of safety-protection system memory cell (5).
5. according to the insertion type mobile network information security device any one of Claims 1-4, it is characterised in that: The communication interface (6) includes USB interface and SAS interfaces.
6. insertion type mobile network information safety protection method, it is characterised in that comprise the following steps:
S1:PC in the power-offstate, stores the security device access PC of safety-protection system, shields the original hard disk of PC, and take And instead of turning into the hard disk of PC, the CPU and random access memory together with PC form the main frame of a carrying safety-protection system, its In, the memory cell for storing safety-protection system passes through write-protect of the write-protect analog switch realization to memory cell;
S2:Start PC, identity authenticating unit carries out identity validation to user, after being identified through, into safety-protection system.
7. according to the insertion type mobile network information safety protection method described in claim 6, it is characterised in that:When PC was run Cheng Zhong, in addition to data carry out enciphering/deciphering processing the step of.
8. according to the insertion type mobile network information safety protection method described in claim 6, it is characterised in that:Write-protect simulation is opened The state of pass can be adjusted by authentication, to realize the change to information in safety-protection system memory cell.
9. according to the insertion type mobile network information safety protection method described in claim 6, it is characterised in that:The identity information For finger print information and/or encrypted message.
10. according to the insertion type mobile network information safety protection method any one of claim 6 to 9, it is characterised in that: The security device is communicated by USB interface and/or SAS interfaces.
CN201711153766.3A 2017-11-20 2017-11-20 Insertion type mobile network information security device and safety protection method Pending CN107741914A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711153766.3A CN107741914A (en) 2017-11-20 2017-11-20 Insertion type mobile network information security device and safety protection method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711153766.3A CN107741914A (en) 2017-11-20 2017-11-20 Insertion type mobile network information security device and safety protection method

Publications (1)

Publication Number Publication Date
CN107741914A true CN107741914A (en) 2018-02-27

Family

ID=61238484

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711153766.3A Pending CN107741914A (en) 2017-11-20 2017-11-20 Insertion type mobile network information security device and safety protection method

Country Status (1)

Country Link
CN (1) CN107741914A (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008009981A (en) * 2006-06-28 2008-01-17 Beijing Feitian Technologies Co Ltd Method and device for realizing protection of starting computer
US20090045914A1 (en) * 2007-08-13 2009-02-19 Transcend Information , Inc. Write-protection module and method for storage device
CN101986597A (en) * 2010-10-20 2011-03-16 杭州晟元芯片技术有限公司 Identity authentication system with biological characteristic recognition function and authentication method thereof
CN103886234A (en) * 2014-02-27 2014-06-25 浙江诸暨奇创电子科技有限公司 Safety computer based on encrypted hard disk and data safety control method of safety computer
CN203746071U (en) * 2014-02-27 2014-07-30 浙江诸暨奇创电子科技有限公司 Security computer based on encrypted hard disc
CN105184179A (en) * 2015-11-05 2015-12-23 深圳市凯祥源科技有限公司 Embedded encrypted mobile storage device and operation method thereof
CN106850593A (en) * 2017-01-14 2017-06-13 河南工程学院 A kind of computer network security guard system

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008009981A (en) * 2006-06-28 2008-01-17 Beijing Feitian Technologies Co Ltd Method and device for realizing protection of starting computer
US20090045914A1 (en) * 2007-08-13 2009-02-19 Transcend Information , Inc. Write-protection module and method for storage device
CN101986597A (en) * 2010-10-20 2011-03-16 杭州晟元芯片技术有限公司 Identity authentication system with biological characteristic recognition function and authentication method thereof
CN103886234A (en) * 2014-02-27 2014-06-25 浙江诸暨奇创电子科技有限公司 Safety computer based on encrypted hard disk and data safety control method of safety computer
CN203746071U (en) * 2014-02-27 2014-07-30 浙江诸暨奇创电子科技有限公司 Security computer based on encrypted hard disc
CN105184179A (en) * 2015-11-05 2015-12-23 深圳市凯祥源科技有限公司 Embedded encrypted mobile storage device and operation method thereof
CN106850593A (en) * 2017-01-14 2017-06-13 河南工程学院 A kind of computer network security guard system

Similar Documents

Publication Publication Date Title
US20240289490A1 (en) Systems and methods for runtime content masking
CN104331644B (en) A transparent encryption and decryption method for intelligent terminal files
CN108595989B (en) Mobile APP safety protection system and method under iOS
US10079835B1 (en) Systems and methods for data loss prevention of unidentifiable and unsupported object types
CN112217835B (en) Message data processing method and device, server and terminal equipment
US8566934B2 (en) Apparatus and method for enhancing security of data on a host computing device and a peripheral device
CN102999732B (en) Multi-stage domain protection method and system based on information security level identifiers
US20190332765A1 (en) File processing method and system, and data processing method
CN101667232B (en) Terminal credible security system and method based on credible computing
Jo et al. Security analysis and improvement of fingerprint authentication for smartphones
CN102333072B (en) Network banking trusted transaction system and method based on intelligent terminal
WO2016192453A1 (en) Safety control method and apparatus, and terminal
CN107871081A (en) A kind of computer information safe system
CN107196932A (en) Managing and control system in a kind of document sets based on virtualization
CN111832053A (en) Transparent encryption and decryption method and system based on application program
CN103902922B (en) A kind of method and system for preventing file from stealing
CN106790243A (en) A kind of password remapping method of safe U disc
Nowroozi et al. Cryptocurrency wallets: Assessment and security
US9262619B2 (en) Computer system and method for protecting data from external threats
CN106355112A (en) Method of destructing data in encrypted mobile storage device and server
CN107741914A (en) Insertion type mobile network information security device and safety protection method
Lee et al. A study on a secure USB mechanism that prevents the exposure of authentication information for smart human care services
CN113360877A (en) Method for designing safe mobile storage medium based on RAM
TWI829608B (en) System and method for securing data files
Neuner Bad things happen through USB

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20180227

RJ01 Rejection of invention patent application after publication