CN107463515A - A kind of image-forming media protection device based on Internet of Things - Google Patents

A kind of image-forming media protection device based on Internet of Things Download PDF

Info

Publication number
CN107463515A
CN107463515A CN201710663687.0A CN201710663687A CN107463515A CN 107463515 A CN107463515 A CN 107463515A CN 201710663687 A CN201710663687 A CN 201710663687A CN 107463515 A CN107463515 A CN 107463515A
Authority
CN
China
Prior art keywords
security
file
storage
level
unit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710663687.0A
Other languages
Chinese (zh)
Inventor
周海云
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN201710663687.0A priority Critical patent/CN107463515A/en
Publication of CN107463515A publication Critical patent/CN107463515A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1408Protection against unauthorised use of memory or access to memory by using cryptography
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1458Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1491Protection against unauthorised use of memory or access to memory by checking the subject access rights in a hierarchical protection system, e.g. privilege levels, memory rings
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/10Providing a specific technical effect
    • G06F2212/1052Security improvement

Abstract

The invention discloses a kind of image-forming media protection device based on Internet of Things; it is mainly used in monitoring camera field; for not high for storing the storage facilities security of monitoring data in the prior art; the problem of effectively monitoring information can not being protected safe; protection is encrypted to the monitoring data in storage module by encipherment protection module; prevent unauthorized management person from being checked to sensitive data, distort, delete, protect the safety of monitoring data, lifting monitoring level of security.The encipherment protection module includes intercepting and capturing unit, level of security obtaining unit, redirects unit, security strategy receiving unit, security strategy input unit and storage detection means.The high monitoring data content of level of security after judging the level of security of monitoring data, is redirected to the high storage region of storage security by encipherment protection module by intercepting and capturing fileinfo, realizes the division that safe class is carried out to different monitoring datas.

Description

A kind of image-forming media protection device based on Internet of Things
Technical field
The present invention relates to field of photography, more particularly to a kind of image-forming media protection device based on Internet of Things.
Background technology
The definition of Internet of Things is by radio frequency identification (RFID), infrared inductor, global positioning system, laser scanner etc. Information sensing device, by the agreement of agreement, any article is connected with internet, enters row information and exchange and communicate, to realize To a kind of network of the Weigh sensor of article, positioning, tracking, monitoring and management.In the prior art, data needs stored The identification of level of security is carried out, some is identified by the difference of application.For example, according to the IP address from different servers To identify, this identification method is commonly available to different application and corresponds to different level of securitys, also, different application is stored in not On same server, so it can use the IP address of server that the data for needing to store are done into security classification;For A variety of to apply on same server, different business realizes Business Stream using fire wall or interchanger by TCP or udp port Control is oriented to, can generally be had by port numbers corresponding to different application to distinguish the application of different safety class, for example, in advance It is high safety rank to set the application received from some port, and the application received from some port is lower security rank.
The patent of Application No. 200580045909.8 proposes a kind of data processing equipment with memory protection unit, With the memory for being operable to data storage value;A kind of memory protection unit, it is operable to storage attribute and the storage A part for device is associated, and identifies multiple storage regions corresponding to the memory appropriate address scope.The storage Protection location is operable at least one in the multiple storage region with corresponding memory region specifier being associated, institute Stating memory region specifier includes being used for the attribute field for the set of memory attributes that definition associates with the storage region and is used for Preserve the sub-region field of sub-region membership value.The sub-region membership value is multiple sub-districts of the storage region Each of domain provides that corresponding subregion is member sub-region or non-member subregion so that by the storage attribute application In the member sub-region but it bel not applied to the non-member subregion.But the patent does not have to the safe class of data storage Divided, system processes data pressure is big, it is difficult to keep system run all right, practicality is not high.
The patent of Application No. 200810096112.6 proposes guard method and the device of a kind of storage medium, and it is applied In the storage device including some variety classes storage mediums, including step:Unified the storage medium structure and information Management;Divide logical blocks;The physical block minimum to erasable number easy to find;The minimum physical block of erasable number is provided to carry out Data storage.The present invention uses the device of the guard method of storage medium, satisfactory erasable by being provided for data storage The minimum physical block of number, realize the purpose of storage medium in protection device.But if the patent is applied to monitoring field, nothing Method carries out security isolation to the monitoring data of each control point, can not solve unauthorized management person and check, distorts, deletes sensitive data The problem of.
The content of the invention
It is high for storing the storage facilities security of monitoring data in the prior art the invention aims to solve, The problem of effectively monitoring information can not being protected safe, and a kind of image-forming media protection device based on Internet of Things proposed.
To achieve these goals, present invention employs following technical scheme:
A kind of image-forming media protection device based on Internet of Things, it is specially that one kind is used to protect in storage module to monitor The encipherment protection module of data, the encipherment protection module include intercept and capture unit, level of security obtaining unit, redirect unit, Security strategy receiving unit, security strategy input unit and storage detection means;It is described intercepting and capturing unit respectively with judging unit and Memory cell is connected, and the judging unit is connected with security strategy receiving unit and redirection unit respectively, described to redirect list Member is connected with two storage regions;
The intercepting and capturing unit is used to intercept and capture fileinfo, and the fileinfo intercepted and captured is included in file attribute information and file Hold, the file attribute information includes file security information;
The level of security obtaining unit is used to obtain text according to the file security information according to the security strategy of setting The level of security of part content;
If the unit that redirects reaches default severity level for the level of security obtained, file content is reset Stored to the first storage region;If the level of security obtained is not reaching to default severity level, by file content It is redirected to the second storage region to be stored, the data storage safety of second storage region is less than the first storage region Data storage safety;
The security strategy receiving unit is used to receive the security strategy, and the security strategy received is supplied to safe level Other obtaining unit is obtaining the level of security of file content;
The security strategy input unit, for receiving the security strategy of staff's input, and the safety that will be received Strategy is sent to the storage detection means;
The storage detection means, for intercepting and capturing fileinfo, the fileinfo intercepted and captured include file attribute information and File content;File attribute information includes:File security information;Security strategy is received, according to security strategy according to file security The level of security of information acquisition file content;If the level of security obtained reaches default severity level, by file content weight It is directed to the storage of the first storage region;If the level of security obtained is not reaching to default severity level, by file content weight The storage of the second storage region is directed to, the data storage safety of second storage region is less than the data of the first storage region Storage security.
Preferably, according to corresponding to call type cryptographic operation or decryption oprerations to the current tune of file system driving module Data are handled, and are specifically included:Detect currently without the key that can be used.
Preferably, the intercepting and capturing unit is specifically used for calling external interface driving, is driven by external interface and intercepts and captures file Information.
Preferably, the file attribute information also includes filename and file directory information;Device also includes memory cell, For the file driving in call operation system, using file driving from file attribute information extraction document name and file directory Information, for the volume directory management system in call operation system, using volume directory management system by filename and file directory The storage location that information storage is specified to file directory information.
Preferably, the operating system is Windows operating system, and the memory cell is specifically used for calling file system NTFS connects door, using file system NTFS interfaces from file attribute information extraction document name and directory information.
Preferably, the storage detecting system also includes authentication device, and authentication device is used in security strategy input unit Before the security strategy for receiving staff's input, the authority of staff is authenticated.
Compared with prior art, the beneficial effects of the invention are as follows:
1st, the present invention is by intercepting and capturing monitoring data information, after judging the level of security of monitoring data, by safe level Not high monitoring data is redirected to the high storage region of storage security, carries out the judgement of level of security in itself to monitoring data And stored and transparent to staff, realize and safe class is carried out to monitoring data different caused by same application Division.
2nd, support a file system to drive during dynamic model block is called to data in kernel, logarithm is realized in kernel According to encrypting and decrypting operate, and this encrypting and decrypting operation be for staff it is sightless, do not influenceing using storage mould While the memory function of block, the security of monitoring data is improved.
Brief description of the drawings
Fig. 1 is that a kind of image-forming media protection device based on Internet of Things proposed by the present invention is applied to monitoring field Structural representation;
Fig. 2 is a kind of structural representation of the image-forming media protection device based on Internet of Things proposed by the present invention;
Fig. 3 is a kind of another structural representation of the image-forming media protection device based on Internet of Things proposed by the present invention Figure;
Fig. 4 is a kind of method of work flow of the image-forming media protection device based on Internet of Things proposed by the present invention Figure.
Embodiment
The technical scheme in the embodiment of the present invention will be clearly and completely described below, it is clear that described implementation Example only part of the embodiment of the present invention, rather than whole embodiments.
Reference picture 1-4, a kind of image-forming media protection device based on Internet of Things, it is mainly used in monitoring camera neck Domain, protection is encrypted to monitoring data, prevents unauthorized management person from being checked to sensitive data, distort, delete, protect prison Control the safety of data, lifting monitoring level of security.Photographing module is connected with image processor, and image processor is connected with storage mould Block, image processor are handled the monitored picture that photographing module photographs, and the monitoring data after processing is stored in into storage It is convenient to have access in the future in storing module.To ensure the safety of monitoring data in storage module, storage module is connected with encipherment protection mould Block, encipherment protection module the data in memory module are encrypted protection, lift security.
The encipherment protection module includes intercepting and capturing unit, level of security obtaining unit, redirects unit, security strategy reception Unit, security strategy input unit and storage detection means;
The intercepting and capturing unit is used to intercept and capture fileinfo, and the fileinfo intercepted and captured is included in file attribute information and file Hold, the file attribute information includes file security information;
The level of security obtaining unit is used to obtain text according to the file security information according to the security strategy of setting The level of security of part content;
If the unit that redirects reaches default severity level for the level of security obtained, file content is reset Stored to the first storage region;If the level of security obtained is not reaching to default severity level, by file content It is redirected to the second storage region to be stored, the data storage safety of second storage region is less than the first storage region Data storage safety;
The security strategy receiving unit is used to receive the security strategy, and the security strategy received is supplied to safe level Other obtaining unit is obtaining the level of security of file content;
The security strategy input unit, for receiving the security strategy of staff's input, and the safety that will be received Strategy is sent to the storage detection means;
The storage detection means, for intercepting and capturing fileinfo, the fileinfo intercepted and captured include file attribute information and File content;File attribute information includes:File security information;Security strategy is received, according to security strategy according to file security The level of security of information acquisition file content;If the level of security obtained reaches default severity level, by file content weight It is directed to the storage of the first storage region;If the level of security obtained is not reaching to default severity level, by file content weight The storage of the second storage region is directed to, the data storage safety of second storage region is less than the data of the first storage region Storage security.
A kind of image-forming media protection device based on Internet of Things, its encryption protecting method to monitoring data are specific For:
S1, detect that a file system driving module calls data;
Call type corresponding to S2, query calls;Call type comprises at least storage data and extraction data, the storage The corresponding cryptographic operation of data, the corresponding decryption oprerations of extraction data;
S3, according to corresponding to calling class strong cryptographic operation or decryption oprerations to the current calling of file system driving module Data are handled;
S4, according to corresponding to the call type cryptographic operation or decryption oprerations to the current tune of file system driving module Data are handled, and are specifically included:In cryptographic operation, the clear data that application transfer is come is received, calls one to add Close algorithm, ciphertext data are generated after clear data is encrypted, ciphertext data are stored in list is stored corresponding to application program In member.
Its encryption protecting method to monitoring data also includes cryptographic operation or decryption behaviour according to corresponding to call type Make to handle the data of the current calling of file system driving module, specifically include:In decryption oprerations, application program is found Corresponding memory cell, and the ciphertext data in memory cell are called, a decipherment algorithm is called, after ciphertext data are decrypted Generate clear data;Notify application program processing clear data.
Detect that a file system driving module calls data, also included before:After electrically activating on an electronic device, When in the BOOT LOADER stages, the key of input is received, the key is the encryption key of cryptographic operation, and decryption The decruption key of operation.
The number of cryptographic operation or decryption oprerations to the current calling of file system driving module according to corresponding to call type According to being handled, specifically include:Detect currently without the key that can be used.
Preferably, the intercepting and capturing unit is specifically used for calling external interface driving, is driven by external interface and intercepts and captures file Information.
Preferably, the file attribute information also includes filename and file directory information;Device also includes memory cell, For the file driving in call operation system, using file driving from file attribute information extraction document name and file directory Information, for the volume directory management system in call operation system, using volume directory management system by filename and file directory The storage location that information storage is specified to file directory information.
Preferably, the operating system is Windows operating system, and the memory cell is specifically used for calling file system NTFS connects door, using file system NTFS interfaces from file attribute information extraction document name and directory information.
Preferably, the storage detecting system also includes authentication device, and authentication device is used in security strategy input unit Before the security strategy for receiving staff's input, the authority of staff is authenticated.
The foregoing is only a preferred embodiment of the present invention, but protection scope of the present invention be not limited thereto, Any one skilled in the art the invention discloses technical scope in, technique according to the invention scheme and its Inventive concept is subject to equivalent substitution or change, should all be included within the scope of the present invention.

Claims (6)

1. a kind of image-forming media protection device based on Internet of Things, it is specially that one kind is used to protect to monitor number in storage module According to encipherment protection module, it is characterised in that the encipherment protection module includes intercepting and capturing unit, level of security obtaining unit, again Directed element, security strategy receiving unit, security strategy input unit and storage detection means;The intercepting and capturing unit is respectively with sentencing Disconnected unit is connected with memory cell, and the judging unit is connected with security strategy receiving unit and redirection unit respectively, described Redirect unit and be connected with two storage regions;
The intercepting and capturing unit is used to intercept and capture fileinfo, and the fileinfo intercepted and captured includes file attribute information and file content, The file attribute information includes file security information;
The level of security obtaining unit is used to be obtained in file according to the file security information according to the security strategy of setting The level of security of appearance;
If the unit that redirects reaches default severity level for the level of security obtained, file content is redirected to First storage region is stored;If the level of security obtained is not reaching to default severity level, file content is reset Stored to the second storage region, the data storage safety of second storage region is less than the number of the first storage region According to storage security;
The security strategy receiving unit is used to receive the security strategy, and the security strategy received is supplied to level of security to obtain Unit is obtained to obtain the level of security of file content;
The security strategy input unit, for receiving the security strategy of staff's input, and the security strategy that will be received Send to the storage detection means;
The storage detection means, for intercepting and capturing fileinfo, the fileinfo intercepted and captured includes file attribute information and file Content;File attribute information includes:File security information;Security strategy is received, according to security strategy according to file security information Obtain the level of security of file content;If the level of security obtained reaches default severity level, file content is redirected Stored to the first storage region;If the level of security obtained is not reaching to default severity level, file content is redirected Stored to the second storage region, the data storage safety of second storage region is less than the data storage of the first storage region Security.
A kind of 2. image-forming media protection device based on Internet of Things according to claim 1, it is characterised in that according to Cryptographic operation corresponding to call type or decryption oprerations are handled the data of the current calling of file system driving module, tool Body includes:Detect currently without the key that can be used.
3. a kind of image-forming media protection device based on Internet of Things according to claim 1, it is characterised in that described Intercept and capture unit to be specifically used for calling external interface driving, driven by external interface and intercept and capture fileinfo.
4. a kind of image-forming media protection device based on Internet of Things according to claim 1, it is characterised in that described File attribute information also includes filename and file directory information;Device also includes memory cell, in call operation system File driving, using file driving from file attribute information extraction document name and file directory information, for call operation Volume directory management system in system, filename and file directory information storage are arrived into file directory using volume directory management system The storage location that information is specified.
5. a kind of image-forming media protection device based on Internet of Things according to claim 4, it is characterised in that described Operating system is Windows operating system, and the memory cell is specifically used for calling file system NTFS to connect door, utilizes file system System NTFS interfaces extraction document name and directory information from file attribute information.
6. a kind of image-forming media protection device based on Internet of Things according to claim 1, it is characterised in that described Storage detecting system also includes authentication device, and authentication device is used for the peace that staff's input is received in security strategy input unit Before full strategy, the authority of staff is authenticated.
CN201710663687.0A 2017-08-06 2017-08-06 A kind of image-forming media protection device based on Internet of Things Pending CN107463515A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710663687.0A CN107463515A (en) 2017-08-06 2017-08-06 A kind of image-forming media protection device based on Internet of Things

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710663687.0A CN107463515A (en) 2017-08-06 2017-08-06 A kind of image-forming media protection device based on Internet of Things

Publications (1)

Publication Number Publication Date
CN107463515A true CN107463515A (en) 2017-12-12

Family

ID=60548340

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710663687.0A Pending CN107463515A (en) 2017-08-06 2017-08-06 A kind of image-forming media protection device based on Internet of Things

Country Status (1)

Country Link
CN (1) CN107463515A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020023225A1 (en) * 2000-08-08 2002-02-21 Lomnes Randy Keith Method and system for automatically preserving persistent storage
CN103620606A (en) * 2013-06-20 2014-03-05 华为技术有限公司 Storage detecting apparatus, system, and method
CN107315974A (en) * 2017-06-20 2017-11-03 黄河科技学院 A kind of image-forming media protection device based on Internet of Things

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020023225A1 (en) * 2000-08-08 2002-02-21 Lomnes Randy Keith Method and system for automatically preserving persistent storage
CN103620606A (en) * 2013-06-20 2014-03-05 华为技术有限公司 Storage detecting apparatus, system, and method
CN107315974A (en) * 2017-06-20 2017-11-03 黄河科技学院 A kind of image-forming media protection device based on Internet of Things

Similar Documents

Publication Publication Date Title
US10055559B2 (en) Security device, methods, and systems for continuous authentication
Mayer Security and privacy challenges in the internet of things
TWI678616B (en) File detection method, device and system
US20230045087A1 (en) Method for Remedying a Security Breach on a Mobile Device
CN105740046B (en) A kind of virtual machine process behavior monitoring method and system based on dynamic base
CN204606551U (en) Internet of Things anti-counterfeit anti-theft package bin
JP2008541273A5 (en)
US10943026B2 (en) Tagging and auditing sensitive information in a database environment
CN105678193B (en) A kind of anti-tamper treating method and apparatus
CN111581621A (en) Data security processing method, device, system and storage medium
TWM591118U (en) Storage facility
CN107315974A (en) A kind of image-forming media protection device based on Internet of Things
CN201489538U (en) Terminal safety and security equipment
CN107463515A (en) A kind of image-forming media protection device based on Internet of Things
CN106162083B (en) A kind of HD video superposition processing system and its method for carrying out safety certification
TWI735373B (en) Safekeeping apparatus with image capturing device
Saravanan et al. Portable appliance penetration testing and susceptibility assessment
JP5718757B2 (en) Image management apparatus, image management program, and image management method
CN107797731B (en) Information processing method, system and mobile terminal
Bhomia et al. Anti-theft hybrid solution for tracking & locating mobile devices with data security
CA3043983A1 (en) Tagging and auditing sensitive information in a database environment
EP3921757B1 (en) Dynamic application security posture change based on physical vulnerability
US11604938B1 (en) Systems for obscuring identifying information in images
WO2017054482A1 (en) Method and apparatus for controlling network operation
TWI735374B (en) Safekeeping apparatus with function of storing image related data

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20171212

RJ01 Rejection of invention patent application after publication