TW201001226A - Memory device - Google Patents

Abstract

The present invention is to provide a memory device capable of constituting a thin client system to which all possible antivirus measures are applied simply by connecting the memory device to an external connection terminal of a normal PC to undergo fingerprint authentication. The memory device is provided with a memory body 1a connectable to the external connection terminal provided to a PC 2, and a fingerprint authentication device 1b. The memory body 1a comprises a storage unit 12 composed of a setting registration information storage area 12a, an OS-application storage area 12b, activation information storage areas 12c and 12d, and a fingerprint registration information storage area 12e; and a control unit 11. The fingerprint authentication device 1b comprises a fingerprint sensor 13 and a fingerprint authentication unit 14. The setting registration information storage area 12a is controlled as a confidential area. The OS-application storage area 12b and the activation information storage areas 12c and 12d are controlled by the OS so that writing is prevented from the outside.

Description

201001226 VI. Description of the Invention: [Technical Field] The present invention relates to a memory device, and more particularly to a memory device that can use a standard PC to construct a Thin Aient System. [Prior Art] In recent years, with the progress of the company's 0A (〇ffice Aut_ti〇n, office body), the general staff can also be assigned to a personal PC, so the cost of the lead is upward. Increased tendency. Plus U installation or version of the tree to reduce the hardware dimension of the above I ί technology - a streamlined computer system, in order to achieve the reduction of the allocation to the general staff redundancy, do not need to be equipped with the security of the two sides of the work side Take, and get 彡 ===== Enterprise's area $ net 3 = use your own home pc 'through the Internet and this type of computer secret ^ ', the right, using a streamlined anti-virus countermeasures, there will be 彳% of the righteousness has not been executed on the outside of the company;: Placement: Do not hit = 201001226 Saki. In response to the above question, the detailed inspector of the county magistrate turned to the private enterprise t ρΪ's f industry may be able to implement a large number of large enterprises, because in fact == f the number of employees in the anti-virus countermeasures of PC, so the problem is to examine the employees themselves one by one At the same time, even if the company brings the PC with the security layer 7 out to the outside of the company, the company should not bring the company out of the company, but if it is infected with the virus, it will be in the company. Outside the so-called enterprise's feeding device suffered from the time of life, it also has a part of the insurance information on the Internet to correct the page to the company's PC lost, and it has been created: access to the enterprise's server, 1 ' child In the second person valley, it is easy to happen f + 箆 - person%, g', jin construction of a streamlined computer system, it will be leaked out of the company's external confidential information. [Patent Document 1] Japanese Laid-Open Patent Publication No. Hei. No. Hei. No. Hei. No. Hei. No. Hei. No. Hei. No. Hei. No. Hei. No. Hei. No. Hei. No. Hei. In order to have this issue (4), in view of the previous issue, the purpose is to provide a PC placed in any place, as long as it meets the requirements of the fresh PC specification, the device is connected to the external connection terminal and performs touch authentication. After that, there is a second person other than the two, which is absolutely ineffective. To solve the problem of the lead, in order to achieve the above objectives, the description will be made with reference to the symbol of the symbol indicated in the drawing. The memory device according to the invention defined in the first paragraph of the patent application is connected to the standard. The external connection terminal provided on the PC2, 201001226, and by performing fingerprint authentication, can construct a memory device of the simplified computer system, and a memory device main body la can be connected to the external connection terminal and the fingerprint authentication device lb Used to perform the above fingerprint authentication. The memory device main body la is constructed by at least the memory unit 12 and the control unit n. The above-mentioned memory unit 12 is constructed by including a slave board _ area domain, a (four) system, a program storage domain 12b, a startup information, a program, a message, and a fingerprint registration information storage area 12e. The above-mentioned setting login information storage area l2a is used to store VPN (Virtual private Network) connection information and screen transfer setting information necessary for constructing a simplified computer system. The above-mentioned system-application storage area 12b can store at least the first operating system (Opting System) program and the applications necessary for constructing a compact computer system. The above startup information is used to start the above standard pc2. The above program 2 = Ten Commander startup information is read by the standard PC2, and the user is prompted to perform fingerprint authentication. The above information 'reads the above-mentioned operating system-application storage area 12b' from the stored above-mentioned program standard PC2. The above-mentioned inspection and storage area 12e is stored in the first operating system program or stored in the above-mentioned standard] type fingerprint application program. The control unit 2 refers to the above-mentioned settings and registers the stomach information storage area m: the fields 12C and 12d are controlled as the security area. After executing the program for cutting the A, the user uses the fingerprint to describe the fingerprint authentication device 1b to be executed by the user. The over-the-counter, the information storage area 12a and the above-mentioned operating system ms= are simultaneously executed to terminate the control operation of the above-mentioned activation information storage area security area. The fingerprint authentication device lb is used by the fingerprint sensor 13 and the fingerprint authentication unit 14 for reading fingerprint data. The fingerprint authentication unit 14 is configured to determine whether the fingerprint data read by the fingerprint sensor 13 and the fingerprint information stored in the 201001226 area 12e are consistent with each other, and the setting of the fingerprint storage area is 'Storing the above-mentioned (four) thief-type control into the secret category' The above-mentioned operating system-application storage area 12b and the above-mentioned startup information area 12e, 12d' are controlled by the above-mentioned first operating system program to be unable to externally write A firmware is built in the fingerprint registration information storage area 12e to control the data not to be written except the fingerprint data. The user i includes both the administrator who manages the memory device and the user who uses the memory device. In addition, the so-called silk area is biased, and it is made even if there is no reference to the area. Furthermore, the so-called cannot be external

Multi-system ^ Even if the user wants to refer to this area, there is no reference setting, and even if you use the Cro, DMA (Dkect Access), CGI fo^imon Gateway imerface) program, etc., hardware means, software means 4 to refer to This area also cannot be referenced to the status of this area. The memory according to the invention defined in the second application of the patent application scope is installed in the above-mentioned + please-special item 1 memory device towel, in the above 12c > 12d USB (Universal serial bus) and FD (Floppy (registered trademark) )Disk) startup information. The memory device according to the invention as defined in the third aspect of the patent application is the memory device of the first or second aspect of the above-mentioned patent application, wherein the activation information storage areas 12c, 12d have built-in At the start of the above-mentioned standards, it is not possible to refer to the above-mentioned operation secret---------------------------------- The memory device according to any one of claims 1 to 3, wherein the first operating system program starts the above standard using the first operating system program described above. PC2 The first operating system program cannot be controlled by external reference to the hard disk 21 of the above-mentioned standard PC 2. The memory of the invention as defined in the fifth aspect of the patent scope is as described in any one of the above-mentioned patent claims, in the first to fourth items, and the fingerprint is registered in the information storage area 12e, Divided into management 201001226 ΐ ϊΐΐ ϊΐΐ ΤΓ 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 Log in to the information storage area! (Application Program Interface) J,, 资·PC2 启_Technology has referenced the fingerprint information stored in the fingerprint registration 5 ^'s or has referenced the above seven slaves) The fingerprint registration information storage area 12e; 2 stored fingerprint data_be = in the first operating system program, when the standard pc is started, Ϊif is written in the information of the API interface, when the standard pC2 is started, ^ In the case of a loss of ',, ° fruit for the manager's fingerprint data, the start of the use of the manager and the reference result is a person (Use〇's fingerprint is simple] Ϊ装打打,程,式开始用户(U The processing of the desktop used by the ser is installed on the desktop of the manager, and the program for automatically reading the information stored in the login information storage area 12ai by the administrator is installed. The memory device according to any one of claims 1 to 6, wherein the memory device main body 1a is provided with a built-in user RFID ID 15 of the employee ID information. The memory device according to the invention defined in claim 8 is applicable to any one of items 1 to 7 of the above-mentioned patent application. In the memory device, the communication unit 16 for connecting to the network 3 is provided on the memory device main body 1a. 8 201001226 The invention effects of the above-described solution means will be indicated in the drawings of the embodiments attached thereto. The component symbol is used for explanation, and the invention according to the scope of the patent application 'when the standard PC 2 is started' stores the storage information storage area 12c, 12d of the memory unit 12 The startup statement PC2, which is started by the $pC2, executes a program that prompts the user to use the flutter after the activation information is loaded. After the program is executed, when the user uses the progenitor device ratio, the reader is read by the fingerprint sensor 13. Taking the fingerprint of the user=the factory through the fingerprint severance unit 14 and executing the above-mentioned fingerprint data stored in the fingerprint registration information storage area 12e of the storage unit 12, and determining the result, the control unit u Execute whether the external multi-test operation system and the system-application storage area 12b can be controlled. Therefore, if the fingerprint data of the fingerprint is not inconsistent with the fingerprint registration information storage area, the external reference operating system-application storage area cannot be used. 12b, even if the above-mentioned standard PC2 is loaded with the first operating system program stored in the above-mentioned operation type 健-type storage area (3), the above-mentioned standard: 障 梦 ; ί ; ; ; ; 于 于 于 于 于 于Even if the user who can use the memory device loses the record = the two people get it, the fingerprints other than the user cannot be stored by the shop. [4 (4) , the silk starts the pc, so = two ίίΐ problems arising from the confidential information outside the company. In addition, in the fingerprint registration information storage area of the hidden portion 12, fingerprint data that can be executed by the second operating system and the program can be stored, and the fingerprint data can be stored. The operating system of the meat memory department 12 - the application storage area (3) The application program necessary for the compact computer system 'and the storage information storage area l2a in the setting of the death memory can be stored丽丽线资讯画=2; Bei 0, right 旎 connects the memory device 1 to the PC used in the first operating system stored in the 201001226 program startup device 1 of the standard PC2, and the port is in use. The used PC or network ρ is connected to the external memory device and the wire shovel. The above-mentioned startup information storage areas 12c and 12d are controlled by the first method to be unable to write from the outside to the fingerprint registration t-storage. There is a tribute to the $2 built in the area, so there is no virus infection. <Direct',,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, Even if the second job "" and the pc2t=/ method are used to write an arbitrary memory to the memory device, the CPU 20 having the PC2 cannot access the above-mentioned settings: the above-mentioned operating system_application storage area 12b and the upper storage area. I2e, i2d (since the user can't refer to the area, the method of transferring the GPU2G access by the jin 2G method), so the disease-free silk dye is generated, and the blade body is built in the fingerprint registration information storage area 12e, and The method of writing data other than fingerprint data, so the area i method is written to the data other than the fingerprint greedy, so there is no virus infection?... Store str, surround =, 12d^ pre-stored on standard pc2 If the startup information of the installed bi〇s, even the old type of pc, can be installed with the first operating system program installed to start the standard PC. 201001226 According to the invention defined in the third application of the patent scope, Open storage area 12c, 12d built-in When the above-mentioned standard PC2 is activated, if it is not possible to participate in the above-mentioned operating system-application storage area 12b, it is possible to determine the invention defined in the fourth application of the patent scope in a short time by using ==2%= After using the above first operating system program to start the above standard PC2, the system program cannot be installed from the external reference to the above standard pc 2=, so the standard pf hard, Ϊϊί is started using the above-mentioned operating system program. The reference is to the hard disk 21. Therefore, it is more effective to infect the virus, and the invention of the fifth application of the patent scope is applied. Because the fingerprint information of the manager is stored in the management office, if the user of the device is stored in advance, Unable to connect to us to make unpredictable events such as 11 devices. Also, in the case of - ί?ί进: ί'ίϊ:, the manager does not need to log in on the purchase of the record, thus achieving high efficiency. The accuracy of the operation. The fact that the management certificate is set can be written === Deng: ϊΐ :, through the 桌面 事先 事先 事先 事先 事先 事先 事先 事先 事先 事先 事先 事先 事先 事先 事先 事先 事先 事先 事先 事先 事先 事先 事先 事先 事先 事先 桌面 桌面 桌面 桌面 桌面 桌面 桌面 桌面Achieve high efficiency Industry Speed 201001226 f Ϊ Employee County Use 'When the user wants to use the room material from i, the door of the studio cannot be opened, and the device is recalled, so ίί人^= must reset the memory farm from the standard Pc _ leak 1 question = the user's work _ _ _ can prevent the technology (10) trace according to the standard communication unit 26 used, use the dial-up connection method to manage the settings Ϊ ΐ ΐ ΐ ΐ ϋΐΐΓϋ 的 , , , , , , , , The communication unit 16' is therefore inadvertently connected to the "wired area network of the V connection". The preferred embodiment of the present invention is implemented in the first embodiment of the present invention. Description, an illustration of the situation. ^ Dijon & implements a network 3 connection that builds a thin computer system. Moreover, t is not used by the user terminal C and the server 4 and the fingerprint recognition device is used to record the main body la line end 'by the user through the keyboard or mouse, etc., input to the user 3亀 to the side 4, the ship The operation of the internal storage terminal c requires the ship 5| 中 in the server 4 to execute the application. Then, execute the application plan data, and receive the information on the display of the connected (four) screen on the 4th, 2010-12226. Use the second picture to specify the memory device. Install the oblique view of ^ 1. The memory device 1 is formed as shown in Fig. 2(a), and can be a member of the reading device la and the authentication device lb. The device main body la and the fingerprint authentication device lb are connected by a cable. It is used for insertion into the external part of the standard PC2; 2 is set to the end of the T = 蟑, the fingerprint authentication device is for reading the human = ^ text · The external connection of the memory device main body la is inserted into the standard PC2 The UB material is such that the read and device main body la; f moves in the front direction shown in the second figure (4) and can be separated from the fingerprint authentication device 1b as shown in the second (b). - After being separated, as shown in Fig. 2 (8), the connector portion le provided at the front end portion of the memory device main body 1a can be inserted into the connector; the USB connection of the external connection terminal of the PC 2 is itched. The fingerprint authentication device 1b is provided with a concave portion ld disposed above, and a fingerprint sensing H 13 is disposed at a slightly central position of the concave portion μ. The fingerprint authentication device is configured such that a single finger of seven types is closely attached to the concave portion ld, and the fingerprint sensor 13 can be made to be slid by the finger in the direction of the arrow shown in the second (b). The fingerprint of the recessed Id male and the connected finger is read. Next, the third item, the needle S], and the simplified computer system using the memory device 1 according to the embodiment of the present invention will be described in detail, and the third embodiment is a block diagram of a simplified computer system. In the figure, the user terminal c formed by the memory device 1 and the PC 2 is connected to the server 4 via the network 3. The σ memory device 1 is constructed by the memory device main body 1a and the fingerprint authentication device 1b. Further, the memory device main body la is constructed by the CPU 1A, the control unit u, and the memory unit 12. The fingerprint authentication device 1b is constructed by the fingerprint sensor 13 and the fingerprint authentication unit 14. The control unit 11 transmits the data of the memory device 1 and the PC 2, and then controls the setting of the registration information storage area 12a and the operation system-application storage area 12b of the storage unit 12 which will be described later. Further, the activation information storage areas 12c, 12d of the memory unit 12 described in ^ 13 201001226 can be controlled as a security area. Further, whether or not the control of the setting registration information storage area and the operation system-application private storage area 12b of the external reference storage unit 12 can be performed is performed as a result of the fingerprint authentication at the time of startup of the PC 2, which is described later. The above-described activation information storage areas 12c, 12d control the control as confidential. ', ', ° ° ° memory unit 12, is a non-volatile memory such as rewritable flash memory that does not cause the data to disappear due to power off, setting the login information storage area 12a operating system - application The private storage area i2b, the startup resource, the health left f 12c, the startup information storage area 12d, and the fingerprint login information storage area are constructed. The registration information storage area 12a is provided with information necessary for the brain system such as the establishment of the marriage and marriage connection setting, the WN connection setting, and the face transfer setting information. This area is a writable or readable area, but the second operating system (Linux (registered trademark)-based OS) program stored in the operating system-application storage area 12b is managed to become a user. Reference to the privacy zone. Therefore, in this area, you can freely write arbitrary data. The user-operating system-application storage area 12b is a system-operating system (Linux (registered trademark) - this wealth, 4) that stores the entire system of the computer system that can perform input/output functions and memory management. The general program, the word processing software or the trial application "丄. This area is borrowed from the first - the operating system is a state that cannot be written by the user. 资二^讯=区3, to '健存有Starts the USB-HDD (Hard Disk Drive) information for the PC2, and starts the domain storage with the startup information for the PC2. FD 。. Start the treasury storage area 12c, 12d PC1 is started when the program of each pc2 start-up authentication device 1b is built, and the system is stored in the & industry system - if the above-mentioned operating system program is stored, the application storage area i2b 14 201001226 is not available. The command to terminate. In the 曰 登录 login information storage area 12e, the # | login program is stored, and the program is older than the ==== = field is a writable person or a read (four) area, but Outside of Lin Caiyu's information @ The detector is when the user connects the two ends of the human fingerprint to the fingerprint authentication device lb, the recess ld m = fingerprint 'executes the fingerprint authentication unit 14: out; =: refers to 1: the read finger; the text 4 The material it means: poor #; i3 12 22, 7 = CPpU2 〇, hard disk 21, R 〇 M (Read 〇 _ _ _ _ 17) 25 and the communication department 26 is constructed. The input β area stores the main start record ( MBR, MasterBoot such as Wind.: (After f, or, then f (4) in MRP Μ * Festival quotation ^), Macintosh (registered trademark), etc.) 批 偏 ' ' Production a 7 . B〇〇t 1〇ader). In addition, the hard disk 21 is not able to be externally referenced by the above-mentioned general program when the standard operating system program is started by the third operating system program. Therefore, it is externally referenced. In the case of starting the standard pc2, it is impossible to store m〇s from the ROM 22'. ^L^23 ' is used to display the processing results, etc. The data used for temporary storage is turned off when the power is turned off. The memory 'input unit 25 can be a mouse or a keyboard, etc. 15 201001226, etc., such as domain fine, fine area network, dialing certificate department ^ authentication unit 41,昼 转 认 可 可 可 可 可 可 可 可 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域 区域Terminal C VPN connection. The code is allowed to be served between the user terminal c and the server 4. The ID and password sent by the user terminal C and c are allowed to be registered in advance. It is judged that the user terminal C is allowed to pass between the user terminal C and the ship 4, and the application 43a, the file 43b, and the like which are unnecessary for the user to work using the user terminal C are stored in the H卩Sif. The implementation of the method of _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ The flowchart of Fig. 6 is a silk diagram of the processing at the time of the description. When the user uses the system, the memory device 1 involved in the configuration constructs a compact computer system and logs in as described in 3m. This is because if you did not perform fingerprint login, you can use the above-mentioned operating system program to start pc2. Set 1 罟 = month finger, pattern registration process 'users will memory PC ^ power supply (_ su. Next '2 cut, display the above mentioned on the PC23 display 23, the user is making the job or slip The mouse's output m is stored in the memory device i _ note, _ 12 of the fairy 16 201001226 • y 1 = pS ^ S3). In response to the program executed by the user, the user reads the hand to be logged in, and reads the fingerprint Id of the fingerprint authentication device 1b and causes the fingerprint sensor 13 to read the fingerprint of the finger. When the fingerprint data is read, the fingerprint data is stored by the fingerprint authentication unit 14, and the image storage area i2e is recorded (step § 4). In addition, even if ρ〇2 is infected with a virus, since the firmware is built in the fingerprint registration information storage area 12e to control the area from being stored except the fingerprint information, there is no virus infection in this area. . Furthermore, the control unit U can control the above-mentioned settings, the information storage area and the above-mentioned operating system-application storage area=2b control cannot be externally referenced, and the storage of the domain is controlled, and the domains 12c and 12d are controlled to be kept secret. Area, this control cannot be released as long as the fingerprint authentication is unsuccessful. Therefore, even if the user makes access to the input unit f of the miscellaneous disc or the singer = the above-mentioned finger of the memory unit 12, and the area other than the mosquito boarding storage area 12e, the access cannot be accessed, so in the memory unit. 12 The fingerprints are not registered in the area other than the poor storage area 12e. After the completion of the registration, the user activates the power supply of the memory device main unit 1a of the PC 2 to the USB port of the PC 2, and restarts the power supply of 5 (step S1G). Next, the user can change the m〇s stored in the R〇M22 by the input unit 25' of the job or mouse to set up the search. The change point is 'the first priority mode is changed by the first priority of the first-operation system program. Specifically, the BIOS setting information for changing the boot priority order to - or USB - FD is performed in such a manner that the first operating system program can be executed first (step S11). After changing the BIOS setting information, the user starts PC2 again (step S12). When PC2 is restarted, the CPU2 in PC2 reads out the BIOS stored in R〇M22. The read BIOS reads out the MBR21a stored in the front sector of the hard disk 21 in the pC2, and outputs the setting information of the BI〇s to the boot program stored in the MBR 21a. The boot program that receives the setting information of BI〇s is based on the operating system program set by the BIOS to start the priority order, and sequentially searches the area where the copyright system program is stored (step Si3) <> 201001226 when the priority order is started When the first one is not a USB-HDD or a USB-FD, the second operating system program described above is executed (step S14). If the boot priority is USB-HDD or USB-FD, the boot program is searched by the control unit u for searching in the memory unit 12 of the memory device main 1a of the USB port of the pc2. Save ^ USB - HDD or USB - FD boot information. When performing a search, if the boot priority is USB-HDD, the boot message will be read, and the boot information of the memory area 12c will be read. If it is USB_FD, the boot information storage area 12d will be read. Start the news. When the activation information stored in either of the activation information storage area 12c or 12d is read to the above-described power-on procedure = the scream of the H-device lb is reached to the display 23 (step S15). In addition, the above booting process is in a standby state before the end of the process. 23 Record 'The contents of the above program are kept on the display and moved to the next step. If j is entered, the next step can be moved (step S16). In the case of the above-mentioned program, the user touches the recess id of the fingerprint authentication device and allows the fingerprint sensor 13 to read the fingerprint of the finger. Output to ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ ϊ The state, the execution program storage area - internal communication 'reference operating system - application shell program is its capital 18 201001226 12b according to the control department U, and can not be opened by the above," then the above boot program, can be based on the valve test ^ When the above operation is performed, the command of the PC 2 is started to terminate the startup of the pC2 (step s (8). Right / the registered fingerprints match, the fingerprint authentication unit 14 associates the result with the control unit 11 of the result. The system-application J* is a command that can be referred to by the above-mentioned boot program, and executes an instruction to start processing again in the program. In addition, the above-mentioned command is executed to form a login information storage area from the external reference. 12a, 启动 启动 启动 资讯 资讯 资讯 资讯 资讯 资讯 资讯 资讯 资讯 资讯 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动 启动The above-mentioned first-running system program is generally used to extract the above-mentioned first operating system program = 1'^ the above-mentioned first-fourth (four) unified program (step two. When the operating system program is executed, first, the first operating system program desktop can be displayed after the first operating system (fuial) The display 23 in the PC 2 (step S20). The terminal 5 of the wheel 5 is connected to the network 3, so that the _ disk or the mouse or the like is required to make the connection processing request (step S21). Specifically i: The input unit 25 of the keyboard or the mouse or the like selects various CPUs 10 for connecting the connection to the network 3 such as the connection of the Liantian two-line area network connection and the wired area network connection to establish the selected connection. The information of the child code or the like is transmitted to the CPU 10 in the memory device 1 for execution. The user selects the various settings for the connection establishment 19 201001226 information processing, sends the difference data to PC2, and captures the RAM24 in pc2 (step, step S23) 'displays the processing content on the display 〇 Although the user connects to the server 4 via the network 3 when the network connection is established, the input unit 25 such as a keyboard or a mouse is used to perform the νρΝ connection processing request (step S25). The user uses the input unit 25 such as a keyboard or a mouse to execute the VPN program stored in the operation unit _ _ program storage area i2b of the memory unit 12, and uses a keyboard or a mouse to respond to the program. The part 25 inputs the IP address of the ship 4, and then, after inputting the password and the password, the information input thereto can be transmitted to the cpui port in the memory device. ^ The machine 4 uses the input information to send the processed poor material to the PC2, and then to the PC2 _ from the fun, and establishes the connection between the communication unit 26 and the network 3 (step S26), through The communication unit % requests the VPN connection request data (id, password) for the feeding service (step S27). When the communication unit 40 of the server 4 receives the vpN connection request via the network 3 = the WN authentication unit 41 of the servo H 4, whether or not the VPN connection is performed between the user terminal c and the user terminal c (step s28) . Further, in the N authentication unit 41, the ID and password for which access is permitted are stored first. The Ministry of Information 4 (M) transmits the authentication result data processed by the VPN authentication unit 41 to the user terminal C (step S29). Upon receiving the cp (10) that has been allowed to access the result, it can be performed on the display 23. The processing (step S30) sends the authentication result data to (step S31), and the result is displayed on the display 23 (step magic 2). No. 4 ΐ line - when establishing, the maker performs the servo storage through _ 3! Since the processing of the application 43a, the Tan 43b, and the like is performed using the keyboard and the input unit 25 of the mouse 4, the face transfer processing request is executed (step 3). = The user is input using a keyboard or a mouse. The part 25 performs the operation of the memory, the screen transfer stored in the application storage area (3), and inputs the IP address of the feeding state 4 using the input unit 25 such as a keyboard or a mouse. After inputting the ID and password, the information input 20 201001226 is sent to the CPU 10 in the memory device 1. The CPU 10 is configured to execute the processing of the information input by the user, send the processing data to the PC 2, and operate to the PC 2 In the RAM 24 (step S34), the transfer is transmitted through the communication unit 26. The data is requested to the server 4 (ID, password) (step S35). When the communication unit 40 of the server 4 receives the facet transfer request through the network 3, the face transfer authentication unit 42 of the server 4 determines Whether or not the screen transfer is permitted between the user terminal C and the user terminal C is performed in the authentication process (step S36). Further, in the facet transfer 5, the forcible portion 42 "pre-stores the Liao which allows access" and the password. The port communication unit 40 transmits the authentication processed in the face transfer authentication unit 42 to the user terminal C (step S37). The CPU 10 that has received the authentication result that has been allowed to access performs processing for displaying the result on the display 23 (step S38), and sends the authentication to PC2 (pour S39) to display the result on the display. And == S40) When the screen transfer establishment is completed, the user can execute the application 43a and the file processing request stored in the server 4 using the input unit 25 such as a keyboard or a mouse (step S41). The CPU 10, which has received the processing request data, sends the user's request data to the PC 2 (step S42), and the processing is transmitted to the server 4 via the communication unit 26 (step S43). " When the communication unit 40 of the server 4 receives the processing temple through the network 3, in response to the processing request data, the execution server 4; the vomiting secret type 43a, or the termination program is deleted or saved. Processing (step S44). Or advance 40 (4) 4 to deal with the handling of the required materials, the general case

S45^> transmitting the screen data of the processing content to the user terminal C. The CPU 10 receiving the face data is configured to execute the face data display in the 201001226 process (step S46), and the screen resource _ is used by ρα_) Iif ? is displayed on the display 23 (step s48). In addition, in the case of ί, the steps of the step of repeating the steps such as " ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ The order (step S49) when the system executes the above-mentioned command for the execution of the program, the Internet connection information within _24 is stored; the memory is stored in the _24; The singer rushes to the sixth place and records the condition of the field 12a (step S51). A health (four) process is performed, and in the end, in order to use the input part of the keyboard or mouse, Rong Xi, fish green ^ connection, wireless local area network connection, wired area network connection j connection (four) Various settings, but if you remember, _ 12 settings login ^ ,, stored Internet connection information, because its information = buy through CPU10 f, so no need to proceed as steps S2, S25, step S33 is also Establish VPN connection and 昼^^ = Use the input unit 25 of the keyboard or mouse to perform Ip address, ID and = input. However, if the setting of the memory unit 12 is registered, the WN connection information is stored. If you transfer the slave information, the 〇>mo is read, so there is no need to perform the steps of step S25 and step (4), and the method of adding and changing the fingerprint registration will be described using the seventh figure. A diagram of the processing when a new fingerprint is added or changed. When the user connects the memory device main 1a of the memory device 1 to the jack of the PC 2, the user turns on the power of the PC 2 (step S1). If the BI〇s setting is the first priority, if not the USB-HDD or usb-fd, the second operating system program will be executed, and the desktop of the second operating system program is displayed to the display benefit 23 in the PC2 ( Step 8101). If the USB-HDD or USB-FD is the first priority, the program will be executed to start the (10) program of the first operating system, such as De WlHS (Login trademark) ), etc., the desktop of the first operating system program is not displayed to the display 23 in the PC 2 (step si〇2). 2 = When the i-side is displayed on the display 23, the memory unit 12 program stored in the recording cassette is read using the keyboard or the input ^25 of the mouse ^ (step S1G3). In response to the program that it executes,

= 2, the finger slides along its concave portion ld, so that the fingerprint sensor 13 4 is buckled with a button. After the fingerprint data is read from the fingerprint sensor 13, the fingerprint-processing of A is performed on the fingerprint riding _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ In response to the above program content, the single finger of the hand recorded by the neighboring f slides on the authentication device 1 id, so that the fingerprint sensor 13 can read s, and can also delete the previously registered fingerprint, and the invention according to the above description In the related embodiment, when the standard p is activated, the startup information storage area 记忆12 of the memory unit 12 starts the startup information for the PC2, and the MBR2la stored in the standard ρ(:2 hard disk u=sector) The stored boot program is read in: 2 Startup capital execution and use of the above fingerprint authentication device = The process _ 'When the user uses the fingerprint authentication device ib, the above-mentioned user-ΐίΐΐ material is read by the fingerprint sensor 13 'through fingerprint authentication In step 14, whether the fingerprint data obtained by the above item and the finger of the memory unit 12 and tTVi-ΐί^* ί are used to control whether the camera program can be referred to as (four) system-storage area i2b. Therefore, if the user Fingerprint data not with 2 23 201001226 Read the program in the above-mentioned operation system, even if the above-mentioned boot-up operation system (Linux, (the information stored in the login service ^ storage area 12b, still cannot refer to the second d 〇 s) program The user who lost the memory by the third person lost the memory device ΚΓ Α , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , The recording system that can be executed in the above-mentioned second operating system can store fingerprint data if it is fingerprinted. It can be stored in the storage system. 作业12 operating system - application storage area ^ ϊ ί ί ί _ computer system The necessary application (the VPN program depends on the external computer system thief's external connection to the first operating system program to start pc2, then you can build === system. So, whether it is used in the company's internal PC ΐ , or the Pc used by the Internet cafe, if the standard PC specification memory device 1 is connected to the external connection terminal, the construction can be simplified and the above-mentioned setting login information storage area 12a is formed by the first generation to create a secret area. system applications The program storage 'or bQ and the above-mentioned startup information storage areas 12c, 12d are borrowed from the above-mentioned first operating system = can not be written from outside, and the fingerprint registration information storage area S α is built in the above-mentioned fingerprint registration information storage area S α to control not to be written. Information other than human fingerprint data, 24 201001226 = Make fresh PC2 sensational, because of the memory of the l > law $ into the body of the body 'there is no virus infection. 骂 骂 任 任 任 任 任The control unit 11 is controlled so as not to be able to read from the external reference storage area 12a and the above-mentioned operating system--and the recording-before-in-line registration-information storage area 12e has a built-in ==“even if it is increased==two standard PC2 jobs (four) Cp (four) If there is no money, the above operating system-application is accessed (the user cannot access 4ii; = ί and Γ1 ΐΐ access command), so there is no virus infection problem, and the day is in the fingerprint login information storage area 】 2e built-in has not been written in addition to the information required by the information, so the regional benefits are written into the data other than the Japanese-style information, so there is no virus infection. Further, in the above-described startup information storage areas 12c and 12d, the PC of the type in which the suffix of the PC2 must exist can also start the standard PC by the first operating system program that the singular device is installed. In addition, since it is created in the above-described startup information storage areas 12c and 12d, when the standard PC 2 is started, it is impossible to refer to the navigation of the operating system-application storage unit 12b, and the fresh pc2 is terminated. In a short period of time, it can be judged whether the fingerprint authentication of the standard PC2 is successful or failed. Further, since the control is such that the standard PC2 is started by using the first operating system program, the above-mentioned operating system program cannot be externally referenced. The hard disk 2 is set on the standard PC2. Therefore, after the standard PC2 is started, the hard disk 21 cannot be externally referenced. Therefore, the risk of the memory device being infected with the virus can be avoided. In the embodiment, as shown in FIG. 8, the memory unit 12 ι 25 201001226 矾, 士型八利1 N text is registered in the tribute storage area 12e2. , the secret manager of the device 1 can be used to log in to the information storage area 12el. If the text is used in advance, the user can use the memory of the user. i's unpredictable ^ The manager becomes unnecessary to work on all the memory devices, and the work of logging in to the fingerprints can be done. In addition, as shown in Fig. 9, it can also be used by the user ( User) Set the login information to be stored in 卩+ Λ~ If you want to play your book, say 曰2, °σ or 12a; 2. Through the above division, line information, 面面转网connection information, (4) even = ' The administrator will use the _ network connection to make the ^ set 1 = send the setting #讯先财管理 administrator set Wei District ί

Tfi ^ ΐ^ ίίΐΐ^ 'VPN table, said ^= The desktop on the desktop for the administrator's desktop. The input unit 25 of the mouse or the like, the read-in management person can execute the Internet connection for the administrator who uses the keyboard or the slide storage, and the program for transferring the setting information by the body storage area strict 12a. Connected to the 5, PN connection information and 昼 登录 login information storage area 12, f first made into _ control into the API t used for writing, written in PC2 =1, the data storage other than Wenbei News At the time, the state of the fingerprint information of the manager's fingerprint registration area 12 201001226 is stored; or the state of the fingerprint information of the user information deduction and the information storage area 123⁄4 has been read. Thereby, the manager month & starts the pc2 by the process steps described in FIG. 5, and the difference is the step S20 shown in FIG. 6, when the first operating system program is executed, first, the above A GUI program of an operating system program (for example, _ _ wifld〇ws (registered commerce), etc.) is activated, and reads the control of the fingerprint of the fingerprint registration information storage area 12e, and uses the API to perform confirmation to confirm whether the fingerprint of the person manager has been read. Login information storage domain 12ei fingerprint information; or read user user (User) fingerprint login shell, storage (1 domain 12e2 fingerprint information 4 reader management fingerprint login information J, domain 12ei fingerprint information ' Let PC2_Monitor 23 display the above-mentioned 4-2!! The manager of the secret program (4)*face' If the reader user ((4)) only prints the fingerprint information of the information storage area %, the first operating system = The user (User) displays the display 23 in the desktop pc2. The used desktop is displayed on the display 11, and the administrator uses the keyboard or the π mouse-specific input unit 25 to execute the executable read manager setting login=domain. Management of Erguangjin Storage Using the Internet connection information, °ν ΐ send the command to set the information. So, CPU20 ^, 仃 取 取 (4) slaves log in to the domain of the domain = Internet network information, ypN connection information and According to the process, even if the manager does not perform the processing of step S21, step S25, and step S33 of Fig. 6 ^=:=〇, it is still possible =: ifi it In the case of the memory device 1, it is not necessary to perform the same setting operation for all the memory devices 1 in the same manner, and thus, in other embodiments, the efficiency can be improved as in the tenth embodiment. On the main body la, it is also possible to install a built-in l, f no, in the above-mentioned 咖 之 之 is is is is is ω ω ω ω ω ω ω ω ω ω ω ω 工 工 工 工 工 工 工 工 工In the meantime, if: 2, the card reader near the doorway reads the memory device l, then there is no 27 201001226 organic Π ί: ί: two inner r and then can prevent 1 technology = has not been set in the standard used % of the communication part of PC2, the connection of the body 2 ^ ; ^^ ̄ ί ί ί ί ί ί ί ί ί Further, in the above-described embodiment, it is assumed that the USB device of the external connection terminal is 11 and '2' but may be connected to the USB bee = ff^T) ^ + (} ^ ( ί 商商,) 4)), unsold in need of a Cong memory, in the above embodiment, the memory is shocked] inserted ^ g 埠 for use, but if it can be connected to the first position For the connection form of the former paragraph secret, _ can not move the excellent ^ H note (four) set out 11, 12 although the thief set the main body 1a, the device 1b is separated, but can also use the undivided method, although Make the _ hand's single hand „ in the recess ld = above the fingerprint authentication device lb, the finger slides to make the fingerprint sensor 13 read in close contact with the recess =, but let the finger reduce the acquisition of the finger _ method can also The description of the embodiment of the present invention is carried out by using the other PCs and the PC2 axis, but of course, the table crane computer can be used to implement the present invention. 28 201001226 Further, the memory device 1 and the UL system described above have CPTJ1. That is, the CPU 10 is provided, and the CPU 2 set to the PC 2 can also be used. However, if the test, the poison intrusion 贞 UX is suitable for the CPU 10 that can reliably carry out anti-virus measures. [Embodiment of the drawings] Fig. 1 is an explanatory view showing a case where a simplified electric system is constructed by using an embodiment related to the present invention. Fig. 2(a) is a perspective view of a memory device according to an embodiment of the present invention. Fig. 2(b) is a diagram showing the separation state of the memory device according to the embodiment of the present invention. Figure 3 is a block diagram showing the construction of a compact system using the embodiments of the present invention. , , 4 is used to explain the flow chart when processing fingerprint login. Figure 5 is a flow chart for explaining the processing when the user terminal is activated. The f 6 diagram is used to illustrate the flow chart for processing a compact computer system. Figure 7 is a flow chart for explaining the process of newly adding or changing the fingerprint registration. 8 shows a memory portion of another embodiment of the present invention. Fig. 9 is a view showing a memory unit according to still another embodiment of the present invention. Fig. 1 is a block diagram showing a case where a simplified computer system is constructed by using another embodiment of the present invention. Fig. 11 is a block diagram showing the case of constructing a compact computer system by using the re-embodiment of the present invention. [Main component symbol description] 1h, 丨2: Memory device la,, 13⁄4: Memory device main body lb: Fingerprint authentication device lc: Cable 29 201001226 le : Connector part Id : Concave part

2 : PC 3 : Network 4 : Server

10, 20 : CPU 11 : Control unit 12 ' 12! ' 122 · Memory unit 12a : Setting registration information storage area 12a!: Administrator setting login information storage area 12az : User setting user registration information storage area 12b : Operating system and application storage area 12c, 12d: startup information storage area 12e: fingerprint registration information storage area 12e: manager fingerprint registration information storage area 12e2: user fingerprint login information storage area 13: fingerprint sensor 14 : Fingerprint authentication unit 15 : RFID tag 16 : Communication unit 21 : Hard disk 21 a : Master startup record (MBR)

22 : ROM 23 : Display

24 : RAM 25 : input unit 26 : communication unit 40 : communication unit 41 : VPN authentication unit 42 : face transfer authentication unit 30 201001226 43 : memory unit 43a : application program 43b : file C : user terminals S1 - S4 , S10 - S19, S20-S52, S100-S105: Step 31 of each step

Claims (1)

201001226 VII, the scope of application for patents: f 5 PC (Personal Computer) ^. Prepared - outside.卩Connecting the terminal, and through the fingerprint-printing device, the memory device of the computer system can be connected to the external connection terminal: a device body and a fingerprint authentication device capable of performing the fingerprint authentication are provided by the main system The memory unit and the control unit are configured, wherein the memory/one-hit login to the poor memory storage area is used to store at least the VPN necessary for constructing the system (Vi^alPr〇vateN, the transfer information, etc.; - operating system - a program storage area for storing at least - the operating system required to operate the system; the slave tribute storage area for storing at least the standard PC - Tr 贝 讯 ;; stored in the startup information is read by the standard pc after the use of the certification money - the program and the program will be - fingerprint login information storage area for storage - fingerprint data, The fingerprint data registration program of the second Pc 2 second operating system program is executed; the storage control is unable to externally refer to the setting login information; ===: the execution has prompted the " = = certificate j, when the user's fingerprint authentication, according to the = part reference to the setting login information storage area and the operation, the system - the application of the private storage area control, while executing whether the information storage area is controlled into a secret area Control, wherein, the fingerprint authentication device comprises: 32 201001226 a pattern, a device for reading fingerprint data; and a fingerprint portion, a portion for performing a fingerprint read by the fingerprint sensor Judging whether the data is consistent with the fingerprint data stored in the U-fingerprint storage area, the login information storage area is borrowed from the first operating system program area, the operating system, the bribe storage area, and the startup capital. The first-operation system program is controlled so that the body cannot be shouted from the external write area, and the rib control is not written to the memory device described in item 1, wherein the boot device 5 USB (Universal serial bus) - FD ^Py (Login trademark) Disk) startup information. The memory device of item 1 or 2, wherein in the storage area, when the standard pc is started, when the application storage area cannot be used, the startup of the standard PC is performed; The memory device described in the item, after you start the standard pc with the operating system program, the first party ί进^= can not be installed from the external reference _ standard PC hard disk bowl item to the 4th In the item, the memory device described in any of the items and the user fingerprints are stored in the storage area, and the manager's fingerprint is stored in advance. (4), # ;===录: Moved in the built-in pair of > L _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ When writing in the standard, refer to the finger stored in the administrator's fingerprint login information storage area, or refer to the user (User) to log in the Wei storage area = stored fingerprint information, in the first operating system program. , at the & Pf - at startup - the reader is written to the API information, in the Quasi-Pc ^ Riji installation When the reference manager's inspection data, start the desktop for the use of the user; ^ When referring to the user's finger and grain data, start a user's ^face = mileage 'On the desktop for the administrator, install the program that automatically reads the information stored in the management information storage area. The memory device according to any one of the preceding claims, wherein the master system of the pro-It device has an RFID (Radion Frequency Identification) tag that calls the user (IV) IID information. • As described in the first to seventh items of the patent application scope, wherein the main system of the memory device has a communication unit for connecting to the network. 34