CN107463515A - A kind of image-forming media protection device based on Internet of Things - Google Patents
A kind of image-forming media protection device based on Internet of Things Download PDFInfo
- Publication number
- CN107463515A CN107463515A CN201710663687.0A CN201710663687A CN107463515A CN 107463515 A CN107463515 A CN 107463515A CN 201710663687 A CN201710663687 A CN 201710663687A CN 107463515 A CN107463515 A CN 107463515A
- Authority
- CN
- China
- Prior art keywords
- security
- file
- storage
- level
- unit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1408—Protection against unauthorised use of memory or access to memory by using cryptography
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1458—Protection against unauthorised use of memory or access to memory by checking the subject access rights
- G06F12/1491—Protection against unauthorised use of memory or access to memory by checking the subject access rights in a hierarchical protection system, e.g. privilege levels, memory rings
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2212/00—Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
- G06F2212/10—Providing a specific technical effect
- G06F2212/1052—Security improvement
Abstract
The invention discloses a kind of image-forming media protection device based on Internet of Things; it is mainly used in monitoring camera field; for not high for storing the storage facilities security of monitoring data in the prior art; the problem of effectively monitoring information can not being protected safe; protection is encrypted to the monitoring data in storage module by encipherment protection module; prevent unauthorized management person from being checked to sensitive data, distort, delete, protect the safety of monitoring data, lifting monitoring level of security.The encipherment protection module includes intercepting and capturing unit, level of security obtaining unit, redirects unit, security strategy receiving unit, security strategy input unit and storage detection means.The high monitoring data content of level of security after judging the level of security of monitoring data, is redirected to the high storage region of storage security by encipherment protection module by intercepting and capturing fileinfo, realizes the division that safe class is carried out to different monitoring datas.
Description
Technical field
The present invention relates to field of photography, more particularly to a kind of image-forming media protection device based on Internet of Things.
Background technology
The definition of Internet of Things is by radio frequency identification (RFID), infrared inductor, global positioning system, laser scanner etc.
Information sensing device, by the agreement of agreement, any article is connected with internet, enters row information and exchange and communicate, to realize
To a kind of network of the Weigh sensor of article, positioning, tracking, monitoring and management.In the prior art, data needs stored
The identification of level of security is carried out, some is identified by the difference of application.For example, according to the IP address from different servers
To identify, this identification method is commonly available to different application and corresponds to different level of securitys, also, different application is stored in not
On same server, so it can use the IP address of server that the data for needing to store are done into security classification;For
A variety of to apply on same server, different business realizes Business Stream using fire wall or interchanger by TCP or udp port
Control is oriented to, can generally be had by port numbers corresponding to different application to distinguish the application of different safety class, for example, in advance
It is high safety rank to set the application received from some port, and the application received from some port is lower security rank.
The patent of Application No. 200580045909.8 proposes a kind of data processing equipment with memory protection unit,
With the memory for being operable to data storage value;A kind of memory protection unit, it is operable to storage attribute and the storage
A part for device is associated, and identifies multiple storage regions corresponding to the memory appropriate address scope.The storage
Protection location is operable at least one in the multiple storage region with corresponding memory region specifier being associated, institute
Stating memory region specifier includes being used for the attribute field for the set of memory attributes that definition associates with the storage region and is used for
Preserve the sub-region field of sub-region membership value.The sub-region membership value is multiple sub-districts of the storage region
Each of domain provides that corresponding subregion is member sub-region or non-member subregion so that by the storage attribute application
In the member sub-region but it bel not applied to the non-member subregion.But the patent does not have to the safe class of data storage
Divided, system processes data pressure is big, it is difficult to keep system run all right, practicality is not high.
The patent of Application No. 200810096112.6 proposes guard method and the device of a kind of storage medium, and it is applied
In the storage device including some variety classes storage mediums, including step:Unified the storage medium structure and information
Management;Divide logical blocks;The physical block minimum to erasable number easy to find;The minimum physical block of erasable number is provided to carry out
Data storage.The present invention uses the device of the guard method of storage medium, satisfactory erasable by being provided for data storage
The minimum physical block of number, realize the purpose of storage medium in protection device.But if the patent is applied to monitoring field, nothing
Method carries out security isolation to the monitoring data of each control point, can not solve unauthorized management person and check, distorts, deletes sensitive data
The problem of.
The content of the invention
It is high for storing the storage facilities security of monitoring data in the prior art the invention aims to solve,
The problem of effectively monitoring information can not being protected safe, and a kind of image-forming media protection device based on Internet of Things proposed.
To achieve these goals, present invention employs following technical scheme:
A kind of image-forming media protection device based on Internet of Things, it is specially that one kind is used to protect in storage module to monitor
The encipherment protection module of data, the encipherment protection module include intercept and capture unit, level of security obtaining unit, redirect unit,
Security strategy receiving unit, security strategy input unit and storage detection means;It is described intercepting and capturing unit respectively with judging unit and
Memory cell is connected, and the judging unit is connected with security strategy receiving unit and redirection unit respectively, described to redirect list
Member is connected with two storage regions;
The intercepting and capturing unit is used to intercept and capture fileinfo, and the fileinfo intercepted and captured is included in file attribute information and file
Hold, the file attribute information includes file security information;
The level of security obtaining unit is used to obtain text according to the file security information according to the security strategy of setting
The level of security of part content;
If the unit that redirects reaches default severity level for the level of security obtained, file content is reset
Stored to the first storage region;If the level of security obtained is not reaching to default severity level, by file content
It is redirected to the second storage region to be stored, the data storage safety of second storage region is less than the first storage region
Data storage safety;
The security strategy receiving unit is used to receive the security strategy, and the security strategy received is supplied to safe level
Other obtaining unit is obtaining the level of security of file content;
The security strategy input unit, for receiving the security strategy of staff's input, and the safety that will be received
Strategy is sent to the storage detection means;
The storage detection means, for intercepting and capturing fileinfo, the fileinfo intercepted and captured include file attribute information and
File content;File attribute information includes:File security information;Security strategy is received, according to security strategy according to file security
The level of security of information acquisition file content;If the level of security obtained reaches default severity level, by file content weight
It is directed to the storage of the first storage region;If the level of security obtained is not reaching to default severity level, by file content weight
The storage of the second storage region is directed to, the data storage safety of second storage region is less than the data of the first storage region
Storage security.
Preferably, according to corresponding to call type cryptographic operation or decryption oprerations to the current tune of file system driving module
Data are handled, and are specifically included:Detect currently without the key that can be used.
Preferably, the intercepting and capturing unit is specifically used for calling external interface driving, is driven by external interface and intercepts and captures file
Information.
Preferably, the file attribute information also includes filename and file directory information;Device also includes memory cell,
For the file driving in call operation system, using file driving from file attribute information extraction document name and file directory
Information, for the volume directory management system in call operation system, using volume directory management system by filename and file directory
The storage location that information storage is specified to file directory information.
Preferably, the operating system is Windows operating system, and the memory cell is specifically used for calling file system
NTFS connects door, using file system NTFS interfaces from file attribute information extraction document name and directory information.
Preferably, the storage detecting system also includes authentication device, and authentication device is used in security strategy input unit
Before the security strategy for receiving staff's input, the authority of staff is authenticated.
Compared with prior art, the beneficial effects of the invention are as follows:
1st, the present invention is by intercepting and capturing monitoring data information, after judging the level of security of monitoring data, by safe level
Not high monitoring data is redirected to the high storage region of storage security, carries out the judgement of level of security in itself to monitoring data
And stored and transparent to staff, realize and safe class is carried out to monitoring data different caused by same application
Division.
2nd, support a file system to drive during dynamic model block is called to data in kernel, logarithm is realized in kernel
According to encrypting and decrypting operate, and this encrypting and decrypting operation be for staff it is sightless, do not influenceing using storage mould
While the memory function of block, the security of monitoring data is improved.
Brief description of the drawings
Fig. 1 is that a kind of image-forming media protection device based on Internet of Things proposed by the present invention is applied to monitoring field
Structural representation;
Fig. 2 is a kind of structural representation of the image-forming media protection device based on Internet of Things proposed by the present invention;
Fig. 3 is a kind of another structural representation of the image-forming media protection device based on Internet of Things proposed by the present invention
Figure;
Fig. 4 is a kind of method of work flow of the image-forming media protection device based on Internet of Things proposed by the present invention
Figure.
Embodiment
The technical scheme in the embodiment of the present invention will be clearly and completely described below, it is clear that described implementation
Example only part of the embodiment of the present invention, rather than whole embodiments.
Reference picture 1-4, a kind of image-forming media protection device based on Internet of Things, it is mainly used in monitoring camera neck
Domain, protection is encrypted to monitoring data, prevents unauthorized management person from being checked to sensitive data, distort, delete, protect prison
Control the safety of data, lifting monitoring level of security.Photographing module is connected with image processor, and image processor is connected with storage mould
Block, image processor are handled the monitored picture that photographing module photographs, and the monitoring data after processing is stored in into storage
It is convenient to have access in the future in storing module.To ensure the safety of monitoring data in storage module, storage module is connected with encipherment protection mould
Block, encipherment protection module the data in memory module are encrypted protection, lift security.
The encipherment protection module includes intercepting and capturing unit, level of security obtaining unit, redirects unit, security strategy reception
Unit, security strategy input unit and storage detection means;
The intercepting and capturing unit is used to intercept and capture fileinfo, and the fileinfo intercepted and captured is included in file attribute information and file
Hold, the file attribute information includes file security information;
The level of security obtaining unit is used to obtain text according to the file security information according to the security strategy of setting
The level of security of part content;
If the unit that redirects reaches default severity level for the level of security obtained, file content is reset
Stored to the first storage region;If the level of security obtained is not reaching to default severity level, by file content
It is redirected to the second storage region to be stored, the data storage safety of second storage region is less than the first storage region
Data storage safety;
The security strategy receiving unit is used to receive the security strategy, and the security strategy received is supplied to safe level
Other obtaining unit is obtaining the level of security of file content;
The security strategy input unit, for receiving the security strategy of staff's input, and the safety that will be received
Strategy is sent to the storage detection means;
The storage detection means, for intercepting and capturing fileinfo, the fileinfo intercepted and captured include file attribute information and
File content;File attribute information includes:File security information;Security strategy is received, according to security strategy according to file security
The level of security of information acquisition file content;If the level of security obtained reaches default severity level, by file content weight
It is directed to the storage of the first storage region;If the level of security obtained is not reaching to default severity level, by file content weight
The storage of the second storage region is directed to, the data storage safety of second storage region is less than the data of the first storage region
Storage security.
A kind of image-forming media protection device based on Internet of Things, its encryption protecting method to monitoring data are specific
For:
S1, detect that a file system driving module calls data;
Call type corresponding to S2, query calls;Call type comprises at least storage data and extraction data, the storage
The corresponding cryptographic operation of data, the corresponding decryption oprerations of extraction data;
S3, according to corresponding to calling class strong cryptographic operation or decryption oprerations to the current calling of file system driving module
Data are handled;
S4, according to corresponding to the call type cryptographic operation or decryption oprerations to the current tune of file system driving module
Data are handled, and are specifically included:In cryptographic operation, the clear data that application transfer is come is received, calls one to add
Close algorithm, ciphertext data are generated after clear data is encrypted, ciphertext data are stored in list is stored corresponding to application program
In member.
Its encryption protecting method to monitoring data also includes cryptographic operation or decryption behaviour according to corresponding to call type
Make to handle the data of the current calling of file system driving module, specifically include:In decryption oprerations, application program is found
Corresponding memory cell, and the ciphertext data in memory cell are called, a decipherment algorithm is called, after ciphertext data are decrypted
Generate clear data;Notify application program processing clear data.
Detect that a file system driving module calls data, also included before:After electrically activating on an electronic device,
When in the BOOT LOADER stages, the key of input is received, the key is the encryption key of cryptographic operation, and decryption
The decruption key of operation.
The number of cryptographic operation or decryption oprerations to the current calling of file system driving module according to corresponding to call type
According to being handled, specifically include:Detect currently without the key that can be used.
Preferably, the intercepting and capturing unit is specifically used for calling external interface driving, is driven by external interface and intercepts and captures file
Information.
Preferably, the file attribute information also includes filename and file directory information;Device also includes memory cell,
For the file driving in call operation system, using file driving from file attribute information extraction document name and file directory
Information, for the volume directory management system in call operation system, using volume directory management system by filename and file directory
The storage location that information storage is specified to file directory information.
Preferably, the operating system is Windows operating system, and the memory cell is specifically used for calling file system
NTFS connects door, using file system NTFS interfaces from file attribute information extraction document name and directory information.
Preferably, the storage detecting system also includes authentication device, and authentication device is used in security strategy input unit
Before the security strategy for receiving staff's input, the authority of staff is authenticated.
The foregoing is only a preferred embodiment of the present invention, but protection scope of the present invention be not limited thereto,
Any one skilled in the art the invention discloses technical scope in, technique according to the invention scheme and its
Inventive concept is subject to equivalent substitution or change, should all be included within the scope of the present invention.
Claims (6)
1. a kind of image-forming media protection device based on Internet of Things, it is specially that one kind is used to protect to monitor number in storage module
According to encipherment protection module, it is characterised in that the encipherment protection module includes intercepting and capturing unit, level of security obtaining unit, again
Directed element, security strategy receiving unit, security strategy input unit and storage detection means;The intercepting and capturing unit is respectively with sentencing
Disconnected unit is connected with memory cell, and the judging unit is connected with security strategy receiving unit and redirection unit respectively, described
Redirect unit and be connected with two storage regions;
The intercepting and capturing unit is used to intercept and capture fileinfo, and the fileinfo intercepted and captured includes file attribute information and file content,
The file attribute information includes file security information;
The level of security obtaining unit is used to be obtained in file according to the file security information according to the security strategy of setting
The level of security of appearance;
If the unit that redirects reaches default severity level for the level of security obtained, file content is redirected to
First storage region is stored;If the level of security obtained is not reaching to default severity level, file content is reset
Stored to the second storage region, the data storage safety of second storage region is less than the number of the first storage region
According to storage security;
The security strategy receiving unit is used to receive the security strategy, and the security strategy received is supplied to level of security to obtain
Unit is obtained to obtain the level of security of file content;
The security strategy input unit, for receiving the security strategy of staff's input, and the security strategy that will be received
Send to the storage detection means;
The storage detection means, for intercepting and capturing fileinfo, the fileinfo intercepted and captured includes file attribute information and file
Content;File attribute information includes:File security information;Security strategy is received, according to security strategy according to file security information
Obtain the level of security of file content;If the level of security obtained reaches default severity level, file content is redirected
Stored to the first storage region;If the level of security obtained is not reaching to default severity level, file content is redirected
Stored to the second storage region, the data storage safety of second storage region is less than the data storage of the first storage region
Security.
A kind of 2. image-forming media protection device based on Internet of Things according to claim 1, it is characterised in that according to
Cryptographic operation corresponding to call type or decryption oprerations are handled the data of the current calling of file system driving module, tool
Body includes:Detect currently without the key that can be used.
3. a kind of image-forming media protection device based on Internet of Things according to claim 1, it is characterised in that described
Intercept and capture unit to be specifically used for calling external interface driving, driven by external interface and intercept and capture fileinfo.
4. a kind of image-forming media protection device based on Internet of Things according to claim 1, it is characterised in that described
File attribute information also includes filename and file directory information;Device also includes memory cell, in call operation system
File driving, using file driving from file attribute information extraction document name and file directory information, for call operation
Volume directory management system in system, filename and file directory information storage are arrived into file directory using volume directory management system
The storage location that information is specified.
5. a kind of image-forming media protection device based on Internet of Things according to claim 4, it is characterised in that described
Operating system is Windows operating system, and the memory cell is specifically used for calling file system NTFS to connect door, utilizes file system
System NTFS interfaces extraction document name and directory information from file attribute information.
6. a kind of image-forming media protection device based on Internet of Things according to claim 1, it is characterised in that described
Storage detecting system also includes authentication device, and authentication device is used for the peace that staff's input is received in security strategy input unit
Before full strategy, the authority of staff is authenticated.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710663687.0A CN107463515A (en) | 2017-08-06 | 2017-08-06 | A kind of image-forming media protection device based on Internet of Things |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710663687.0A CN107463515A (en) | 2017-08-06 | 2017-08-06 | A kind of image-forming media protection device based on Internet of Things |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107463515A true CN107463515A (en) | 2017-12-12 |
Family
ID=60548340
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710663687.0A Pending CN107463515A (en) | 2017-08-06 | 2017-08-06 | A kind of image-forming media protection device based on Internet of Things |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107463515A (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020023225A1 (en) * | 2000-08-08 | 2002-02-21 | Lomnes Randy Keith | Method and system for automatically preserving persistent storage |
CN103620606A (en) * | 2013-06-20 | 2014-03-05 | 华为技术有限公司 | Storage detecting apparatus, system, and method |
CN107315974A (en) * | 2017-06-20 | 2017-11-03 | 黄河科技学院 | A kind of image-forming media protection device based on Internet of Things |
-
2017
- 2017-08-06 CN CN201710663687.0A patent/CN107463515A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020023225A1 (en) * | 2000-08-08 | 2002-02-21 | Lomnes Randy Keith | Method and system for automatically preserving persistent storage |
CN103620606A (en) * | 2013-06-20 | 2014-03-05 | 华为技术有限公司 | Storage detecting apparatus, system, and method |
CN107315974A (en) * | 2017-06-20 | 2017-11-03 | 黄河科技学院 | A kind of image-forming media protection device based on Internet of Things |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10055559B2 (en) | Security device, methods, and systems for continuous authentication | |
Mayer | Security and privacy challenges in the internet of things | |
TWI678616B (en) | File detection method, device and system | |
US20230045087A1 (en) | Method for Remedying a Security Breach on a Mobile Device | |
CN105740046B (en) | A kind of virtual machine process behavior monitoring method and system based on dynamic base | |
CN204606551U (en) | Internet of Things anti-counterfeit anti-theft package bin | |
JP2008541273A5 (en) | ||
US10943026B2 (en) | Tagging and auditing sensitive information in a database environment | |
CN105678193B (en) | A kind of anti-tamper treating method and apparatus | |
CN111581621A (en) | Data security processing method, device, system and storage medium | |
TWM591118U (en) | Storage facility | |
CN107315974A (en) | A kind of image-forming media protection device based on Internet of Things | |
CN201489538U (en) | Terminal safety and security equipment | |
CN107463515A (en) | A kind of image-forming media protection device based on Internet of Things | |
CN106162083B (en) | A kind of HD video superposition processing system and its method for carrying out safety certification | |
TWI735373B (en) | Safekeeping apparatus with image capturing device | |
Saravanan et al. | Portable appliance penetration testing and susceptibility assessment | |
JP5718757B2 (en) | Image management apparatus, image management program, and image management method | |
CN107797731B (en) | Information processing method, system and mobile terminal | |
Bhomia et al. | Anti-theft hybrid solution for tracking & locating mobile devices with data security | |
CA3043983A1 (en) | Tagging and auditing sensitive information in a database environment | |
EP3921757B1 (en) | Dynamic application security posture change based on physical vulnerability | |
US11604938B1 (en) | Systems for obscuring identifying information in images | |
WO2017054482A1 (en) | Method and apparatus for controlling network operation | |
TWI735374B (en) | Safekeeping apparatus with function of storing image related data |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20171212 |
|
RJ01 | Rejection of invention patent application after publication |