CN110032840A - A kind of method of the medical instrument access privilege control of pair of external storage equipment - Google Patents
A kind of method of the medical instrument access privilege control of pair of external storage equipment Download PDFInfo
- Publication number
- CN110032840A CN110032840A CN201910304527.6A CN201910304527A CN110032840A CN 110032840 A CN110032840 A CN 110032840A CN 201910304527 A CN201910304527 A CN 201910304527A CN 110032840 A CN110032840 A CN 110032840A
- Authority
- CN
- China
- Prior art keywords
- storage equipment
- medical devices
- signature
- autorun
- host
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Medical Treatment And Welfare Office Work (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses the methods of the medical instrument access privilege control of a kind of pair of external storage equipment, are assigned to the access right grade that the owner of current storage devices has Medical Devices by storing one in the equipment competence profile with MD5 signature.It, will corresponding access right in owner's open configuration file to current storage devices when Medical Devices host passes through the competence profile sign test in storage equipment;When Medical Devices host does not recognize the sign test failure of competence profile or configuration file in storage equipment, then Medical Devices host directly pops up the storage equipment, and the menu lock function of Medical Devices host will not release.The access right management of Medical Devices is realized by the way that the competence profile signed with MD5 is arranged in storage equipment, solves the problems, such as the access right of current medical instrument.
Description
Technical field
The present invention relates to a kind of data permission access method more particularly to the Medical treatment devices of a kind of pair of external storage equipment
The method of tool access privilege control.
Background technique
Medical instrument (band store function) at present, does not have very good solution method to the access control of user right;It is any
People can copy the data in host with USB flash disk or mobile hard disk, cause the leakage of patient information privacy;Some instruments can be with
Upgraded by movable storage device, if host is not stringent enough to the verifying of upgrade procedure, program midway is tampered just
Serious consequence can be caused to host system, there are the security risks of medical instrument;It, can be to master after anyone takes host equipment
Machine carries out all operations, is easy to adjust disorderly some advanced parameters, influences the effect of the optimal use of instrument.Lead to the original of problem above
Because being exactly not do access right management to medical instrument, do not access permission control to storing equipment.
Therefore, the existing technology needs to be improved and developed.
Summary of the invention
The purpose of the present invention is to provide the method for the medical instrument access privilege control of a kind of pair of external storage equipment, purports
Solving the problem of that existing public medical instrument do not have rights management not to be able to satisfy requirement.
Technical scheme is as follows: the method for the medical instrument access privilege control of a kind of pair of external storage equipment,
Wherein, specifically includes the following steps:
Step S1: after Medical Devices host identification storage equipment, load store equipment;
Step S2: it whether there is competence profile in Medical Devices host judgement storage equipment, be to execute step S3- step
S4, it is no, execute step S5;
Step S3: Medical Devices host reads the permission in storage equipment in competence profile, according to the permission pair read
The corresponding function in the open Medical Devices host OSD menu of equipment is stored, assigns storage equipment to doctor according to the permission read
Treat the corresponding access authority of device Host;
Step S4: authorization is completed;
Step S5: Medical Devices host system prompts user's error message, and pops up storage equipment.
The method of the medical instrument access privilege control to external storage equipment, wherein sign and test by MD5
Sign the consistency to guarantee storage equipment competence profile.
The method of the medical instrument access privilege control to external storage equipment, wherein sign and test by MD5
The consistency to guarantee storage equipment competence profile is signed, authority configuration document is set in storage equipment in advance, to permission
Configuration documentation carries out MD5 signature, then is verified by MD5 signature of the Medical Devices host to authority configuration document.
The method of the medical instrument access privilege control to external storage equipment, wherein in advance in storage equipment
The authority configuration document of middle setting band signature, detailed process is as follows: in storage equipment two file autorun.inf of setting with
usr.ico;Wherein, usr.ico is for changing storage equipment in the display icon of PC computer;And in autorun.inf file
Information indicate storage equipment possessed by access authority and MD5 signing messages;
In addition, storage equipment and Medical Devices host abide by an agreement document jointly, the specific format of the agreement document with
Content is as follows:
1. [autorun];
2. ICON=usr.ico, 0;
3. ACCOUNT=user/admin;
4. KEY=password;
5. SERIAL=storage equipment Serial Number;
6. SINGN=MD5 check code;
Wherein, the 2nd row indicates that storage equipment is shown as usr.ico icon after the identification of PC computer;
3rd row indicates that storage equipment is that perhaps user or admin may be selected in administrator right to normal user permission;
4th row indicates agreement password, for the autorun.inf document of encrypted memory device, stores equipment and Medical Devices master
It is confidential to use identical password;
5th row indicates the sequence number of storage equipment;
6th row indicates the check code generated after 1-5 row information MD5 check code, is used as signature;
Wherein, the document of the 1st, 2,3,4,5 row composition, is named as information shelves;The document of 1st, 2,3,6 row composition, is named as label
Name shelves are simultaneously stored in autorun.inf file.
The method of the medical instrument access privilege control to external storage equipment, wherein to storage equipment permission
Configuration documentation carries out MD5 signature, specifically includes the following steps:
Step A0: 1,2,3,4,5 rows composition blank information shelves newly-built information shelves: are extracted from agreement document;
Step A1: perfect information shelves: the access authority (user or admin) that specified current storage devices are endowed is assigned to newly
The ACCOUNT field of information shelves is built, the sequence number for extracting storage equipment is assigned to the SERIAL field of newly-built information shelves, use and doctor
The password for treating device Host agreement is assigned to the KEY field of newly-built information shelves;
Step A2: md5 encryption is carried out to the information shelves after improving: the information shelves MD5 algorithm for encryption after improving is generated 16
MD5 check code;
Step A3: generate signature: according to improve after information shelves and MD5 check code sort out signature;
Step A4: signature name at autorun.inf file, being put into togerther in storage equipment together with usr.ico file, complete
At the authorization of storage equipment.
The method of the medical instrument access privilege control to external storage equipment, wherein the tool of the step A3
Body process is as follows:
Step a31: creation signature: the 1st, 2,3,6 row is extracted from agreement document, generates blank signature;
Step a32: it improves signature: according to the information shelves after improving, the ACCOUNT value complement of newly-built signature being charged whole;?
The MD5 check code that step A2 is generated fills out the SINGN field for being assigned to newly-built signature, obtains signature.
The method of the medical instrument access privilege control to external storage equipment, wherein, will in the step A4
Autorun.inf file and usr.ico file are put into togerther under the root of storage equipment and stash or be cured to storage
In equipment, wherein the solidification of USB flash disk can be realized with USB flash disk production tool.
The method of the medical instrument access privilege control to external storage equipment, wherein Medical Devices host pair
Store equipment in competence profile carry out MD5 sign test: the step S2 and step S3 specifically includes the following steps:
Step s21: it whether there is autorun.inf file in Medical Devices host judgement storage equipment, be to execute step s22-
Step s27, no, execution step S5;
Step s22: Medical Devices host reads the autorun.inf file in storage equipment, and extracts autorun.inf file
ACCOUNT and SINGN field, save;
Step s23: Medical Devices host reads the sequence number SERIAL in storage equipment;
Step s24: the rule arranged according to information shelves, Medical Devices host autorun.inf the file information, depositing of reading
Equipment Serial Number SERIAL information and agreement password KEY are stored up, restores and generates information shelves;
Step s25: the information shelves after recovery are generated new MD5 check code with md5 encryption by Medical Devices host;
Step s26: Medical Devices host compares autorun.inf in newly-generated MD5 check code and the storage equipment extracted
Whether the SINGN field value of file is consistent, is, executes step s27, no, executes step S5;
Step s27: Medical Devices host extracts the ACCOUNT field value of autorun.inf file in storage equipment, according to reading
To permission to the corresponding function in the open Medical Devices host OSD menu of storage equipment, and assign storage equipment and medical treatment set
The standby corresponding access authority of host.
Beneficial effects of the present invention: the present invention is by providing the medical instrument access authority control of a kind of pair of external storage equipment
The method of system is assigned to gathering around for current storage devices by storing one in the equipment competence profile with MD5 signature
The access right grade that the person of having has Medical Devices.When Medical Devices host is to the competence profile sign test in storage equipment
Pass through, it will corresponding access right in owner's open configuration file to current storage devices;When Medical Devices host does not have
There is the sign test failure for recognizing competence profile or configuration file in storage equipment, then Medical Devices host, which directly pops up, is somebody's turn to do
Equipment is stored, the menu lock function of Medical Devices host will not release.By the way that the permission signed with MD5 is arranged in storage equipment
Configuration file realizes the access right management of Medical Devices, solves the problems, such as the access right of current medical instrument.
Detailed description of the invention
Fig. 1 is the step flow chart of the method in the present invention to the medical instrument access privilege control of external storage equipment.
Fig. 2 is the schematic diagram for carrying out MD5 authorization encryption in the present invention to document in storage equipment.
Specific embodiment
Embodiments of the present invention are described below in detail, the example of the embodiment is shown in the accompanying drawings, wherein from beginning
Same or similar element or element with the same or similar functions are indicated to same or similar label eventually.Below by ginseng
The embodiment for examining attached drawing description is exemplary, and for explaining only the invention, and is not considered as limiting the invention.
In the description of the present invention, it is to be understood that, term " center ", " longitudinal direction ", " transverse direction ", " length ", " width ",
" thickness ", "upper", "lower", "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner", "outside", " up time
The orientation or positional relationship of the instructions such as needle ", " counterclockwise " is to be based on the orientation or positional relationship shown in the drawings, and is merely for convenience of
The description present invention and simplified description, rather than the device or element of indication or suggestion meaning must have a particular orientation, with spy
Fixed orientation construction and operation, therefore be not considered as limiting the invention.In addition, term " first ", " second " are only used for
Purpose is described, relative importance is not understood to indicate or imply or implicitly indicates the quantity of indicated technical characteristic.
" first " is defined as a result, the feature of " second " can explicitly or implicitly include one or more feature.?
In description of the invention, the meaning of " plurality " is two or more, unless otherwise specifically defined.
In the description of the present invention, it should be noted that unless otherwise clearly defined and limited, term " installation ", " phase
Even ", " connection " shall be understood in a broad sense, for example, it may be being fixedly connected, may be a detachable connection, or be integrally connected;It can
To be mechanical connection, it is also possible to be electrically connected or can mutually communicate;It can be directly connected, it can also be by between intermediary
It connects connected, can be the connection inside two elements or the interaction relationship of two elements.For the ordinary skill of this field
For personnel, the specific meanings of the above terms in the present invention can be understood according to specific conditions.
In the present invention unless specifically defined or limited otherwise, fisrt feature second feature "upper" or "lower"
It may include that the first and second features directly contact, also may include that the first and second features are not direct contacts but pass through it
Between other characterisation contact.Moreover, fisrt feature includes the first spy above the second feature " above ", " above " and " above "
Sign is right above second feature and oblique upper, or is merely representative of first feature horizontal height higher than second feature.Fisrt feature exists
Second feature " under ", " lower section " and " following " include that fisrt feature is directly below and diagonally below the second feature, or is merely representative of
First feature horizontal height is less than second feature.
Following disclosure provides many different embodiments or example is used to realize different structure of the invention.In order to
Simplify disclosure of the invention, hereinafter the component of specific examples and setting are described.Certainly, they are merely examples, and
And it is not intended to limit the present invention.In addition, the present invention can in different examples repeat reference numerals and/or reference letter,
This repetition is for purposes of simplicity and clarity, itself not indicate between discussed various embodiments and/or setting
Relationship.In addition, the present invention provides various specific techniques and material example, but those of ordinary skill in the art can be with
Recognize the application of other techniques and/or the use of other materials.
As shown in Figure 1, the method for the medical instrument access privilege control of a kind of pair of external storage equipment, specifically includes following
Step:
Step S1: after Medical Devices host identification storage equipment, load store equipment;
Step S2: it whether there is competence profile in Medical Devices host judgement storage equipment, be to execute step S3- step
S4, it is no, execute step S5;
Step S3: Medical Devices host reads the permission in storage equipment in competence profile, according to the permission pair read
The corresponding function in the open Medical Devices host OSD menu of equipment is stored, assigns storage equipment to doctor according to the permission read
Treat the corresponding access authority of device Host;
Step S4: authorization is completed;
Step S5: Medical Devices host system prompts user's error message, and pops up storage equipment.
In order to avoid not no access authority storage equipment owner by the permission in the storage equipment with access authority
Configuration file copies in the storage equipment of not access authority, and the illegal access authority for obtaining Medical Devices host, this is externally
In the method for connecing the medical instrument access privilege control of storage equipment, pass through MD5(MD5 Message-Digest
Algorithm, MD5 Message Digest 5) signing with sign test guarantees to store the consistency of equipment competence profile.
Specifically, guarantee the consistency of storage equipment competence profile with sign test by MD5 signature, mainly in advance
Authority configuration document is set in storage equipment, MD5 signature is carried out to authority configuration document, then by Medical Devices host to power
The MD5 signature of limit configuration documentation is verified.Main process is as follows:
One, authority configuration document is set in storage equipment in advance:
Two files autorun.inf and usr.ico are set in storage equipment;Wherein, usr.ico is set for changing storage
The standby display icon in PC computer can differentiate permission that the storage equipment has by icon with more intuitive.And
Information in autorun.inf file indicates access authority and MD5 signing messages possessed by storage equipment.
In addition, storage equipment and Medical Devices host abide by an agreement document, the specific lattice of the agreement document jointly
Formula and content are as follows:
1. [autorun];
2. ICON=usr.ico, 0;
3. ACCOUNT=user/admin;
4. KEY=password;
5. SERIAL=storage equipment Serial Number;
6. SINGN=MD5 check code;
Wherein, the 2nd row indicates that storage equipment is shown as usr.ico icon after the identification of PC computer;
3rd row indicates that storage equipment is that perhaps user or admin may be selected in administrator right to normal user permission;
4th row indicates agreement password, for the autorun.inf document of encrypted memory device, stores equipment and Medical Devices master
It is confidential that using identical password, (effect that this password is arranged is: to entire autorun.inf file encryption.Because if making
With the MD5 algorithm of standard, the 1st, 2,3,5 row information people can be taken by certain methods, the signature generated in this way by MD5
It is the same;If the 4th capable not external disclosure is added, because different passwords, which is added, can all generate different MD5 check codes
(16 hexadecimal digits), other people are impossible to generate MD5 signature required for host verifies.Again because MD5 adds
Close is individual event, so being the information that can not restore original text according to this signature number);
5th row indicates the sequence number of storage equipment;
6th row indicates the check code generated after 1-5 row information MD5 check code, is used as signature;
Wherein, the document of the 1st, 2,3,4,5 row composition, is named as information shelves;The document of 1st, 2,3,6 row composition, is named as label
Name shelves are simultaneously stored in autorun.inf file.
Two, MD5 signature is carried out to authority configuration document, detailed process is as follows (as shown in Figure 2):
Step A0: 1,2,3,4,5 rows composition blank information shelves newly-built information shelves: are extracted from agreement document;
Step A1: perfect information shelves: the access authority (user or admin) that specified current storage devices are endowed is assigned to newly
The ACCOUNT field of information shelves is built, the sequence number for extracting storage equipment is assigned to the SERIAL field of newly-built information shelves, use and doctor
The password for treating device Host agreement is assigned to the KEY field of newly-built information shelves;
Step A2: md5 encryption is carried out to the information shelves after improving: the information shelves MD5 algorithm for encryption after improving is generated 16
MD5 check code;
Step A3: generate signature: according to improve after information shelves and MD5 check code sort out signature;
Step A4: signature name at autorun.inf file, being put into togerther in storage equipment together with usr.ico file, complete
At the authorization of storage equipment.
Wherein, detailed process is as follows by the step A3:
Step a31: creation signature: the 1st, 2,3,6 row is extracted from agreement document, generates blank signature;
Step a32: it improves signature: according to the information shelves after improving, the ACCOUNT value complement of newly-built signature being charged whole;?
The MD5 check code that step A2 is generated fills out the SINGN field for being assigned to newly-built signature, obtains signature.
Wherein, in the step A4, autorun.inf file and usr.ico file are put into togerther to the root of storage equipment
It stashes or is cured under catalogue in storage equipment, wherein the solidification of USB flash disk can be realized with USB flash disk production tool.
Three, it is verified by MD5 signature of the Medical Devices host to authority configuration document: the step S2 and step S3
Specifically includes the following steps:
Step s21: it whether there is autorun.inf file in Medical Devices host judgement storage equipment, be to execute step s22-
Step s27, no, execution step S5;
Step s22: Medical Devices host reads the autorun.inf file in storage equipment, and extracts autorun.inf file
ACCOUNT and SINGN field, save;
Step s23: Medical Devices host reads the sequence number SERIAL in storage equipment;
Step s24: the rule arranged according to information shelves, Medical Devices host autorun.inf the file information, depositing of reading
Equipment Serial Number SERIAL information and agreement password KEY are stored up, restores and generates information shelves;
Step s25: the information shelves after recovery are generated new MD5 check code with md5 encryption by Medical Devices host;
Step s26: Medical Devices host compares autorun.inf in newly-generated MD5 check code and the storage equipment extracted
Whether the SINGN field value of file is consistent, is, executes step s27, no, executes step S5;
Step s27: Medical Devices host extracts the ACCOUNT field value of autorun.inf file in storage equipment, according to reading
To permission to the corresponding function in the open Medical Devices host OSD menu of storage equipment, and assign storage equipment and medical treatment set
The standby corresponding access authority of host.
Competence profile of the technical program by one in storage equipment with MD5 signature is currently stored to be assigned to
The access right grade that the owner of equipment has Medical Devices.When Medical Devices host is to the authority configuration in storage equipment
File sign test passes through, will corresponding access right in owner's open configuration file to current storage devices;When medical treatment is set
Standby host does not recognize the sign test failure of competence profile or configuration file in storage equipment, then Medical Devices host is straight
It connects and pops up the storage equipment, the menu lock function of Medical Devices host will not release.By being signed in storage equipment setting band MD5
The competence profile of name realizes the access right management of Medical Devices, and the access right for solving current medical instrument asks
Topic.
Currently, medical device product (the second class, the third class medical device product of electronic data interchange) is not to using
Person realizes rights management, and the technical program has carried out that supplement is perfect to the white space, with the storage equipment with encryption information
It authorizes certain personnel to the access right of Medical Devices, has both protected the privacy information of patient, also increase Medical Devices
Using safe.
In medical device product, permission control is carried out to system with the storage equipment with encryption information, protects data
The safety of exchange, i.e., medical host can only carry out unidirectional or two-way data exchange with the storage equipment of authorization;It cures simultaneously
Treatment host is open to give the storage corresponding permission of equipment owner to control host;It stores the configuration file of equipment and stores equipment
Sequence number binding is encrypted using MD5 individual event, ensure that the one-to-one correspondence of storage equipment and access authority.
In the description of this specification, reference term " embodiment ", " certain embodiments ", " schematically implementation
What the description of mode ", " example ", " specific example " or " some examples " etc. meant to describe in conjunction with the embodiment or example
Particular features, structures, materials, or characteristics are contained at least one embodiment or example of the invention.In this specification
In, schematic expression of the above terms are not necessarily referring to identical embodiment or example.Moreover, the specific spy of description
Sign, structure, material or feature can be combined in any suitable manner in any one or more embodiments or example.
It should be understood that the application of the present invention is not limited to the above for those of ordinary skills can
With improvement or transformation based on the above description, all these modifications and variations all should belong to the guarantor of appended claims of the present invention
Protect range.
Claims (8)
1. the method for the medical instrument access privilege control of a kind of pair of external storage equipment, which is characterized in that specifically include following
Step:
Step S1: after Medical Devices host identification storage equipment, load store equipment;
Step S2: it whether there is competence profile in Medical Devices host judgement storage equipment, be to execute step S3- step
S4, it is no, execute step S5;
Step S3: Medical Devices host reads the permission in storage equipment in competence profile, according to the permission pair read
The corresponding function in the open Medical Devices host OSD menu of equipment is stored, assigns storage equipment to doctor according to the permission read
Treat the corresponding access authority of device Host;
Step S4: authorization is completed;
Step S5: Medical Devices host system prompts user's error message, and pops up storage equipment.
2. the method for the medical instrument access privilege control according to claim 1 to external storage equipment, feature exist
In, by MD5 signature with sign test come guarantee store equipment competence profile consistency.
3. the method for the medical instrument access privilege control according to claim 2 to external storage equipment, feature exist
In, by MD5 signature with sign test come guarantee store equipment competence profile consistency, in advance storage equipment in be arranged power
Configuration documentation is limited, MD5 signature is carried out to authority configuration document, then sign by MD5 of the Medical Devices host to authority configuration document
Name is verified.
4. the method for the medical instrument access privilege control according to claim 3 to external storage equipment, feature exist
In setting is with the authority configuration document signed in storage equipment in advance, and detailed process is as follows: being arranged two in storage equipment
File autorun.inf and usr.ico;Wherein, usr.ico is for changing storage equipment in the display icon of PC computer;And
Information in autorun.inf file indicates access authority and MD5 signing messages possessed by storage equipment;
In addition, storage equipment and Medical Devices host abide by an agreement document jointly, the specific format of the agreement document with
Content is as follows:
[autorun];
ICON=usr.ico, 0;
ACCOUNT=user/admin;
KEY=password;
SERIAL=storage equipment Serial Number;
SINGN=MD5 check code;
Wherein, the 2nd row indicates that storage equipment is shown as usr.ico icon after the identification of PC computer;
3rd row indicates that storage equipment is that perhaps user or admin may be selected in administrator right to normal user permission;
4th row indicates agreement password, for the autorun.inf document of encrypted memory device, stores equipment and Medical Devices master
It is confidential to use identical password;
5th row indicates the sequence number of storage equipment;
6th row indicates the check code generated after 1-5 row information MD5 check code, is used as signature;
Wherein, the document of the 1st, 2,3,4,5 row composition, is named as information shelves;The document of 1st, 2,3,6 row composition, is named as label
Name shelves are simultaneously stored in autorun.inf file.
5. the method for the medical instrument access privilege control according to claim 4 to external storage equipment, feature exist
In, MD5 signature is carried out to storage equipment authority configuration document, specifically includes the following steps:
Step A0: 1,2,3,4,5 rows composition blank information shelves newly-built information shelves: are extracted from agreement document;
Step A1: perfect information shelves: the access authority that specified current storage devices are endowed is assigned to newly-built information shelves
ACCOUNT field, the sequence number for extracting storage equipment are assigned to the SERIAL fields of newly-built information shelves, with Medical Devices host
The password of agreement is assigned to the KEY field of newly-built information shelves;
Step A2: md5 encryption is carried out to the information shelves after improving: the information shelves MD5 algorithm for encryption after improving is generated 16
MD5 check code;
Step A3: generate signature: according to improve after information shelves and MD5 check code sort out signature;
Step A4: signature name at autorun.inf file, being put into togerther in storage equipment together with usr.ico file, complete
At the authorization of storage equipment.
6. the method for the medical instrument access privilege control according to claim 5 to external storage equipment, feature exist
In detailed process is as follows by the step A3:
Step a31: creation signature: the 1st, 2,3,6 row is extracted from agreement document, generates blank signature;
Step a32: it improves signature: according to the information shelves after improving, the ACCOUNT value complement of newly-built signature being charged whole;?
The MD5 check code that step A2 is generated fills out the SINGN field for being assigned to newly-built signature, obtains signature.
7. the method for the medical instrument access privilege control according to claim 5 to external storage equipment, feature exist
In, in the step A4, by autorun.inf file and usr.ico file be put into togerther storage equipment root under hide
Get up or is cured in storage equipment.
8. according to the method for the medical instrument access privilege control of described in any item pairs of external storage equipments of claim 5-7,
It is characterized in that, Medical Devices host carries out MD5 sign test: the step S2 and step to the competence profile in storage equipment
S3 specifically includes the following steps:
Step s21: it whether there is autorun.inf file in Medical Devices host judgement storage equipment, be to execute step s22-
Step s27, no, execution step S5;
Step s22: Medical Devices host reads the autorun.inf file in storage equipment, and extracts autorun.inf file
ACCOUNT and SINGN field, save;
Step s23: Medical Devices host reads the sequence number SERIAL in storage equipment;
Step s24: the rule arranged according to information shelves, Medical Devices host autorun.inf the file information, depositing of reading
Equipment Serial Number SERIAL information and agreement password KEY are stored up, restores and generates information shelves;
Step s25: the information shelves after recovery are generated new MD5 check code with md5 encryption by Medical Devices host;
Step s26: Medical Devices host compares autorun.inf in newly-generated MD5 check code and the storage equipment extracted
Whether the SINGN field value of file is consistent, is, executes step s27, no, executes step S5;
Step s27: Medical Devices host extracts the ACCOUNT field value of autorun.inf file in storage equipment, according to reading
To permission to the corresponding function in the open Medical Devices host OSD menu of storage equipment, and assign storage equipment and medical treatment set
The standby corresponding access authority of host.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910304527.6A CN110032840B (en) | 2019-04-16 | 2019-04-16 | Method for controlling access authority of medical apparatus of external storage device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910304527.6A CN110032840B (en) | 2019-04-16 | 2019-04-16 | Method for controlling access authority of medical apparatus of external storage device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110032840A true CN110032840A (en) | 2019-07-19 |
| CN110032840B CN110032840B (en) | 2022-12-02 |
Family
ID=67238591
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910304527.6A Active CN110032840B (en) | 2019-04-16 | 2019-04-16 | Method for controlling access authority of medical apparatus of external storage device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110032840B (en) |
Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101105830A (en) * | 2006-07-14 | 2008-01-16 | 佳能株式会社 | Information processing apparatus, information processing method, peripheral apparatus, and authority control system |
| CN102685142A (en) * | 2012-05-23 | 2012-09-19 | 华为技术有限公司 | File authority control method, device and system |
| CN103620616A (en) * | 2013-03-28 | 2014-03-05 | 华为技术有限公司 | Access control right management method and device |
| CN103810418A (en) * | 2014-01-08 | 2014-05-21 | 北京怡和嘉业医疗科技有限公司 | Sleep breathing diagnosis and treatment device and function right control method and system thereof |
| US20140143543A1 (en) * | 2012-11-20 | 2014-05-22 | Google Inc. | Delegate authorization in cloud-based storage system |
| US8751795B2 (en) * | 2010-09-14 | 2014-06-10 | Mo-Dv, Inc. | Secure transfer and tracking of data using removable non-volatile memory devices |
| CN104657671A (en) * | 2013-11-19 | 2015-05-27 | 研祥智能科技股份有限公司 | Access authority management method and system for mobile storage device |
| CN104766021A (en) * | 2014-01-04 | 2015-07-08 | 深圳富泰宏精密工业有限公司 | Authority control system and method |
| CN105141614A (en) * | 2015-09-07 | 2015-12-09 | 北京北信源软件股份有限公司 | Method and device for controlling access permission of mobile storage device |
| CN105871558A (en) * | 2016-05-30 | 2016-08-17 | 科德数控股份有限公司 | Numerical control system authority management method based on USB flash disk physical serial number |
| CN107003831A (en) * | 2014-11-11 | 2017-08-01 | 时空防御系统有限责任公司 | The safety estimation system and method controlled for security document |
| CN107944296A (en) * | 2017-11-30 | 2018-04-20 | 郑州云海信息技术有限公司 | A kind of cloud storage system and its user authority control method, equipment, storage medium |
| CN109344605A (en) * | 2018-09-10 | 2019-02-15 | 惠尔丰电子(北京)有限公司 | A kind of authority control method and its control system of intelligence POS machine |
-
2019
- 2019-04-16 CN CN201910304527.6A patent/CN110032840B/en active Active
Patent Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101105830A (en) * | 2006-07-14 | 2008-01-16 | 佳能株式会社 | Information processing apparatus, information processing method, peripheral apparatus, and authority control system |
| US8751795B2 (en) * | 2010-09-14 | 2014-06-10 | Mo-Dv, Inc. | Secure transfer and tracking of data using removable non-volatile memory devices |
| CN102685142A (en) * | 2012-05-23 | 2012-09-19 | 华为技术有限公司 | File authority control method, device and system |
| US20140143543A1 (en) * | 2012-11-20 | 2014-05-22 | Google Inc. | Delegate authorization in cloud-based storage system |
| CN103620616A (en) * | 2013-03-28 | 2014-03-05 | 华为技术有限公司 | Access control right management method and device |
| CN104657671A (en) * | 2013-11-19 | 2015-05-27 | 研祥智能科技股份有限公司 | Access authority management method and system for mobile storage device |
| CN104766021A (en) * | 2014-01-04 | 2015-07-08 | 深圳富泰宏精密工业有限公司 | Authority control system and method |
| CN103810418A (en) * | 2014-01-08 | 2014-05-21 | 北京怡和嘉业医疗科技有限公司 | Sleep breathing diagnosis and treatment device and function right control method and system thereof |
| CN107003831A (en) * | 2014-11-11 | 2017-08-01 | 时空防御系统有限责任公司 | The safety estimation system and method controlled for security document |
| CN105141614A (en) * | 2015-09-07 | 2015-12-09 | 北京北信源软件股份有限公司 | Method and device for controlling access permission of mobile storage device |
| CN105871558A (en) * | 2016-05-30 | 2016-08-17 | 科德数控股份有限公司 | Numerical control system authority management method based on USB flash disk physical serial number |
| CN107944296A (en) * | 2017-11-30 | 2018-04-20 | 郑州云海信息技术有限公司 | A kind of cloud storage system and its user authority control method, equipment, storage medium |
| CN109344605A (en) * | 2018-09-10 | 2019-02-15 | 惠尔丰电子(北京)有限公司 | A kind of authority control method and its control system of intelligence POS machine |
Non-Patent Citations (4)
| Title |
|---|
| 姜传鑫: "JSF应用系统整合实现", 《电脑编程技巧与维护》 * |
| 林燕君: "如何将组策略应用于Win2K局域网管理", 《华南金融电脑》 * |
| 童强等: "基于云计算技术的电视台融合媒体内容管理平台建设与探索", 《中国广播电视学刊》 * |
| 谈诚等: "针对APT攻击中恶意USB存储设备的防护方案研究", 《信息网络安全》 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110032840B (en) | 2022-12-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP2572310B1 (en) | Computer motherboard having peripheral security functions | |
| CN102063591B (en) | Methods for updating PCR (Platform Configuration Register) reference values based on trusted platform | |
| US11507284B2 (en) | Storage device and control method | |
| CN101950342B (en) | Device and method for managing access control permission of integrated circuit card | |
| CN108629206B (en) | Secure encryption method, encryption machine and terminal equipment | |
| CN103649964A (en) | Secure hosted execution architecture | |
| CN101334827A (en) | Magnetic disc encryption method and magnetic disc encryption system for implementing the method | |
| CN106127077A (en) | A kind of method protecting user privacy information and terminal | |
| CN101673330A (en) | BIOS-based computer security protection method and system | |
| CN106156607B (en) | SElinux secure access method and POS terminal | |
| CN105760746A (en) | Authority management method, authority distribution method and equipment | |
| CN104680055A (en) | Control method for performing management on U disk after access into industrial control system network | |
| CN110032840A (en) | A kind of method of the medical instrument access privilege control of pair of external storage equipment | |
| CN107958523A (en) | A kind of high security access control system and control method | |
| JP2009129413A (en) | Shared management method of portable storage device, and portable storage device | |
| CN107645382A (en) | A kind of identity marking equipment and its method of work | |
| CN106095468A (en) | A kind of computer starting method and device | |
| CN111815821A (en) | IC card security algorithm applied to intelligent door lock | |
| CN101894234A (en) | COS general file access control system | |
| CN110688663A (en) | Execution command protection method and device, android device and storage medium | |
| CN105827651B (en) | A kind of access control method of SCADA system | |
| CN110929283B (en) | Hierarchical protection system of UEFI BIOS and corresponding implementation method | |
| CN103778073B (en) | Data guard method, device for mobile communication and memorizer memory devices | |
| Zhang et al. | A system architecture design scheme of the secure chip based on SoC | |
| CN205983617U (en) | Access control system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: 528253 Room 503, Floor 5, Building A, Jingu Zhichuang Industrial Community, No. 2, Yong'an North Road, Dawu Community, Guicheng Street, Nanhai District, Foshan City, Guangdong Province (residence declaration) Patentee after: Guangdong Oupu Mandi Technology Co.,Ltd. Address before: 528251 504, block a, Jingu optoelectronics, No.1, Yong'an North Road, Nanhai District, Foshan City, Guangdong Province Patentee before: GUANGDONG OPTOMEDIC TECHNOLOGY CO.,LTD. |