CN101350034A - Mobile memory apparatus and method for visiting file - Google Patents


Publication number
CN101350034A
Authority
CN
China
Prior art keywords
file
movable storage
management module
storage device
user
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CNA2008102221770A
Other languages
Chinese (zh)
Other versions
CN101350034B (en)
Inventor
岳维松
王宗茹
纪君峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Petevio Institute Of Technology Co ltd
Original Assignee
Potevio Institute of Technology Co Ltd
Application filed by Potevio Institute of Technology Co Ltd
Priority to CN2008102221770A
Publication of CN101350034A
Application granted
Publication of CN101350034B
Legal status: Expired - Fee Related

Landscapes

  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention provides a movable storage device and a file access method. The movable storage device comprises: a file control mapper, which receives a user's request to access a file map, looks up the file protector corresponding to the file, sends a command to start the file protector to a device management module, and controls the application program's access to the file corresponding to the file map; the device management module, which starts the file protector according to the start command; the file protector, which monitors the application program accessing the file to guarantee the security of the file access process, and which runs before the corresponding file; and the file map, which stores the access attribute information of the corresponding file. The invention improves the security of a file while it is being accessed.

Description

A movable storage device and a file access method
Technical field
The present invention relates to the field of mobile storage technology, and in particular to a movable storage device and a file access method.
Background
Movable storage devices such as flash disks are now widely used in people's daily life and work. Unlike traditional magnetic disk media, movable storage devices that use electronic chips as the storage medium are small, light, and flexible to control. A movable storage device generally comprises two major parts, a control module and a storage unit. When the movable storage device exchanges data with a host, the control module and the host exchange data through an interface, and the data is then saved to the movable storage device or read from it.
Data is organized in a movable storage device in one of two ways. The first is a format tied to the operating system, such as the FAT/FAT32 file format supported by Windows systems and the file formats supported by Linux systems; such formats are generally standardized and can be shared between different devices. The second is a private format tied to a specific application; because there is no unified standard, the data cannot be shared between different applications.
Usually, the data in a movable storage device is written by the operating system, and when the device is opened by an operating system, the written data is likewise presented to the user as files or folders. Thus, when an application program in the operating system accesses data in the movable storage device, the operating system transfers the data transparently between the application program and the movable storage device.
However, out of practical necessity, some files that must be kept confidential are edited not only in secure environments but sometimes also in insecure ones. Because the operating system transfers the file between the application program and the movable storage device, there is a danger that the file content is leaked during editing. Improving the security of files in use has therefore become an increasingly urgent requirement.
In the prior art, to improve file security, the file is encrypted by hardware or software while it is written to the movable storage device and decrypted again when it is read. However, this scheme only guarantees the security of the file while it is stored; during access, the file is easily modified maliciously or stolen, and its security cannot be guaranteed.
Summary of the invention
In view of this, the present invention provides a flash memory device that can improve the security of a file while it is being accessed.
The present invention also provides a file access method that can improve the security of a file while it is being accessed.
The technical solution of the present invention is realized as follows:
The present invention provides a movable storage device, comprising:
a file control mapper, used to receive a user's request to access a file map, look up the file protector corresponding to the file, and send a command to start the file protector to a device management module; also used to control the application program's access to the file corresponding to the file map;
a device management module, used to start the file protector according to the start command;
a file protector, used to monitor the application program accessing the file and guarantee the security of the file access process; the file protector runs before the corresponding file;
a file map, used to store the access attribute information of the corresponding file.
The present invention also provides a file access method, comprising:
the file control mapper receives a user's request to access a file map, looks up the file protector corresponding to the file, and sends a command to start the file protector to the device management module;
the device management module starts the file protector according to the start command; the file protector monitors the application program accessing the file and guarantees the security of the file access process;
the file control mapper controls the application program's access to the file corresponding to the file map.
As can be seen, in the movable storage device and file access method proposed by the present invention, files, file protectors and file maps are stored in the movable storage device, and a file control mapper and a device management module are provided in the movable storage device to coordinate and manage these three kinds of entities. Because only the file map is visible to the user, the user can access a file only by operating on the corresponding file map, and operating on a file map first starts the file protector, which monitors the application program accessing the file, thereby guaranteeing the security of the file access process.
Description of the drawings
Fig. 1 is a schematic diagram of the relationship among the file, the file protector and the file map of the present invention;
Fig. 2 is a schematic diagram of how the file, the file protector and the file map of the present invention interact through the file control mapper;
Fig. 3 is a flowchart of the file access method of an embodiment of the present invention.
Embodiments
To make the purpose, technical solution and advantages of the present invention clearer, the present invention is described in further detail below with reference to the accompanying drawings and embodiments.
The present invention proposes a movable storage device, comprising:
a file control mapper, used to receive a user's request to access a file map, look up the file protector corresponding to the file, and send a command to start the file protector to a device management module; also used to control the application program's access to the file corresponding to the file map;
a device management module, used to start the file protector according to the start command;
a file protector, used to monitor the application program accessing the file and guarantee the security of the file access process; the file protector runs before the corresponding file;
a file map, used to store the access attribute information of the corresponding file.
The present invention provides a corresponding file map and file protector for different files, where:
A file is a file that conforms to the operating system's file format standard and takes different formats depending on the application, such as Word, Excel and PDF; these files contain the useful information the user needs.
A file protector is an application program associated with a file format and is used to protect a specific kind of application file; it is generally in binary format and can be executed by a computer.
Files and file protectors are generally in a protected state, and the user accesses them through a dedicated interface. That is, at rest, an illegal program does not know how to access this data and therefore cannot access or modify it.
A file map is a special file that has the same file name and file format as its associated file but different content: it contains only the file's access attribute information and serves as the marker through which an application program accesses the associated file. The file map is visible to the user, and the associated file responds to the operating system's events that operate on the file.
In the present invention, files and file protectors are invisible to the user, while file maps are visible to the user. The embodiment of the present invention can therefore divide the storage unit of the movable storage device into different areas, namely a general area and a hidden area. Files stored in the general area are visible to the user, and clicking or double-clicking one of them causes the computer to read that file. Files stored in the hidden area are invisible to the user, and access to the data in the hidden area is controlled by the control module of the movable storage device through a dedicated interface. Files and file protectors are stored in the hidden area, and file maps are stored in the general area.
Referring to Fig. 1, Fig. 1 is a schematic diagram of the relationship among the file, the file protector and the file map of the present invention, in which:
The file map is the "representative" of the file: it interacts directly with the operating system on the file's behalf and is in one-to-one correspondence with the file. File map 1 represents file 1, file map 2 represents file 2, ..., file map N represents file N. An application program's operation on a file map actually takes effect on the corresponding file: opening file map 1 ultimately opens file 1, and deleting file map 1 also deletes the corresponding file 1.
The relationship between file protector and file is as follows: a file protector protects a class of files, and the protected files have identical or similar attributes. Files and file protectors are therefore not in one-to-one correspondence; several files may correspond to one file protector. The file protector is a binary file that runs in the system; the files described here mainly refer to document files, and binary files can also be protected.
In the present invention, the interaction of the above three kinds of files is realized by the file control mapper, which is located in the control module of the movable storage device. When the user wants to operate on file N, the user operates on the corresponding file map N, because file map N is what is visible to the user. After receiving the operation request for file map N, the file control mapper can directly read the storage location of the file N corresponding to file map N and decide, according to the association attributes, whether to trigger the corresponding file protector. Once triggered, the file protector runs before the file and builds a secure running environment for it. The file is thus placed in a protected environment, which eliminates the danger of the file being damaged by illegal programs while it is being accessed and guarantees the security of the file.
Referring to Fig. 2, Fig. 2 is a schematic diagram of how the file, the file protector and the file map of the present invention interact through the file control mapper. In Fig. 2, solid lines represent data flowing from the application program to the movable storage device, and dashed lines represent data flowing from the movable storage device to the application program. The whole process comprises the following steps:
Step 201: because what is visible to the user is the file map, and the file itself is invisible to the user, when the user needs to access file N the user sends a command to access the corresponding file map N, instructing the file control mapper to operate on the file map.
Step 202: according to this instruction, the file control mapper looks up the corresponding file map N and sends the command to operate on file map N to file map N.
Step 203: file map N receives the command and returns to the file control mapper a request to operate on file N.
After this, if a file protector N corresponding to file N already exists, file protector N is started before file N and provides a secure environment for access to file N. That is, steps 204 to 208: the file control mapper first starts the file protector N corresponding to file N and then retrieves the content of file N, and access to file N succeeds.
If the corresponding file protector N does not exist, the file control mapper reports to the host that this file access has failed.
In the present invention, the file protector can also be used, after it starts, to require the user to enter confirmation information, judge from the confirmation information entered whether the user is allowed to open the file, and, if so, notify the file control mapper.
In the movable storage device proposed by the present invention, a device management module is stored in the hidden area of the storage unit and is invisible to the user. The device management module runs after the movable storage device is inserted into the host or upon user operation, and establishes a channel with the file control mapper when it runs. Files are unprotected in their initial state. Depending on a file's security requirements, when the file needs dynamic protection, the device management module writes the file into the hidden area of the movable storage device and generates the file's corresponding file map in the general area of the storage unit. The generated file map has the same file name and extension as the protected file, which matches the user's operating habits and makes later operation and management easier. In addition, the device management module works together with the file control mapper to keep the file protector and the file running synchronously.
The embodiment of the present invention also proposes a file access method, comprising:
the file control mapper receives a user's request to access a file map, looks up the file protector corresponding to the file, and sends a command to start the file protector to the device management module;
the device management module starts the file protector according to the start command; the file protector monitors the application program accessing the file and guarantees the security of the file access process;
the file control mapper controls the application program's access to the file corresponding to the file map.
Before this method, the following may further be included: the device management module runs after the movable storage device is inserted into the host or upon user operation, and establishes a channel with the file control mapper when it runs.
The method may further include: the device management module works together with the file control mapper to keep the file protector and the corresponding file running synchronously.
Because files are unprotected in their initial state, the following may further be included before the above method: the device management module writes the file into the movable storage device and generates the file map corresponding to the file.
In the above method, after the device management module starts the file protector and before the file protector monitors the application program accessing the file, the following may further be included:
the file protector judges from the confirmation information entered by the user whether the user is allowed to open the file and, if so, notifies the file control mapper.
The process of accessing a file according to the method of the present invention is described in detail below. Referring to Fig. 3, Fig. 3 is a flowchart of the file access method of an embodiment of the present invention. The method comprises:
Step 301: when accessing a file through the host, the user initiates a file access request. It should be emphasized that "file" here is a general term covering both ordinary files and file maps (a file map can be regarded as a special kind of file).
Step 302: the file control mapper judges whether the file being accessed is an ordinary file or a file map. Specifically, a particular character string that generally does not appear in ordinary files, such as "0X0a0a0B0B", can be included in the file map in advance, and whether a file is an ordinary file or a file map is judged by whether it contains this character string. That is: when the file does not contain the character string, the access is judged to target a file and step 303 is executed; when it does, the access is judged to target a file map and step 304 is executed.
Step 303: the file is opened directly in the conventional prior-art manner, for example using SCSI read commands, and the current flow ends.
Step 304: the file control mapper looks up the file protector corresponding to the file that this file map represents. If the corresponding file protector exists, step 305 is executed; if it does not exist, the file control mapper reports to the host that this access has failed, and the current flow ends.
Step 305: the file control mapper sends the command to start the file protector to the device management module (the device management module was already running on the host when the movable storage device was inserted into the host, and actively established a channel with the file control mapper), and the device management module starts the file protector according to the start command.
Step 306: after the file protector starts, it may require the user to enter confirmation information and judge from that information whether the user is allowed to open the file. If so, it notifies the file control mapper of the movable storage device, the file content is mapped to the file map, and the identifier of the application program that opens the file is sent to the file control mapper, ensuring that the file is opened correctly.
Step 307: the file control mapper loads the file, and the file access succeeds.
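The access flow of steps 301 to 307, together with the protection step performed by the device management module, modelled as an added Python example that is not code from the patent. The class names, the file-map layout (marker followed by JSON attributes), the dictionary-backed areas and the string used as confirmation information are assumptions made for illustration.

```python
import hmac
import json
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Marker string quoted in step 302. Storing it as ASCII bytes at the start of
# the file map, followed by JSON attributes, is an assumed layout.
MARKER = b"0X0a0a0B0B"


@dataclass
class FileProtector:
    name: str
    expected_confirmation: str  # assumed form of the "confirmation information"
    started: bool = False

    def confirm(self, supplied: str) -> bool:
        # Step 306: only a protector that has been started may approve an open.
        return self.started and hmac.compare_digest(
            supplied.encode(), self.expected_confirmation.encode())


@dataclass
class Device:
    general: Dict[str, bytes] = field(default_factory=dict)  # visible to the user
    hidden: Dict[str, bytes] = field(default_factory=dict)   # dedicated interface only
    protectors: Dict[str, FileProtector] = field(default_factory=dict)
    opened_by: List[Tuple[str, str]] = field(default_factory=list)


class DeviceManagementModule:
    def __init__(self, device: Device) -> None:
        self.device = device

    def protect(self, name: str, protector_name: str) -> None:
        """Move a file into the hidden area and leave a same-named file map."""
        content = self.device.general.pop(name)
        self.device.hidden[name] = content
        attrs = {"protector": protector_name, "size": len(content)}
        self.device.general[name] = MARKER + json.dumps(attrs).encode()

    def start_protector(self, protector_name: str) -> FileProtector:
        protector = self.device.protectors[protector_name]
        protector.started = True  # the protector runs before the file is loaded
        return protector


class FileControlMapper:
    def __init__(self, device: Device, dmm: DeviceManagementModule) -> None:
        self.device, self.dmm = device, dmm

    def access(self, name: str, app_id: str,
               confirmation: str) -> Tuple[str, Optional[bytes]]:
        data = self.device.general[name]                      # step 301
        if MARKER not in data:                                # step 302
            return ("ordinary", data)                         # step 303
        attrs = json.loads(data.split(MARKER, 1)[1])
        protector_name = attrs.get("protector")
        if protector_name not in self.device.protectors:      # step 304
            return ("failed: no file protector", None)
        protector = self.dmm.start_protector(protector_name)  # step 305
        if not protector.confirm(confirmation):               # step 306
            return ("denied", None)
        self.device.opened_by.append((name, app_id))          # app identifier
        return ("protected", self.device.hidden[name])        # step 307


def demo() -> dict:
    # Constructed sample content; nothing here comes from a real device.
    dev = Device()
    dev.general["notes.txt"] = b"shopping list"
    dev.general["plan.doc"] = b"confidential plan"
    dev.general["orphan.doc"] = b"file whose protector is missing"
    dev.protectors["doc-protector"] = FileProtector("doc-protector", "s3cret")
    dmm = DeviceManagementModule(dev)
    dmm.protect("plan.doc", "doc-protector")
    dmm.protect("orphan.doc", "missing-protector")
    fcm = FileControlMapper(dev, dmm)
    return {
        "ordinary": fcm.access("notes.txt", "editor", ""),
        "wrong": fcm.access("plan.doc", "editor", "guess"),
        "ok": fcm.access("plan.doc", "editor", "s3cret"),
        "orphan": fcm.access("orphan.doc", "editor", "s3cret"),
        "visible": dev.general["plan.doc"],
        "opened_by": list(dev.opened_by),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The `visible` entry shows what a host that bypasses the mapper would read from the general area: only the marker and the attribute record, not the protected content.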
In summary, in the movable storage device and file access method proposed by the embodiment of the present invention, files, file protectors and file maps are stored in the movable storage device, and a file control mapper and a device management module are provided in the movable storage device to coordinate and manage these three kinds of entities. Because only the file map is visible to the user, the user can access a file only by operating on the corresponding file map, and operating on a file map first starts the file protector, which monitors the application program accessing the file, thereby guaranteeing the security of the file access process. The device management module also works together with the file control mapper to keep the file protector and the corresponding file running synchronously. In addition, in the present invention the storage module of the movable storage device is divided into a general area and a hidden area. The general area stores file maps and is visible to the user; the hidden area stores files and file protectors and is invisible to the user. Moreover, the hidden area is generally in a protected state and is accessed through a dedicated interface, so at rest an illegal program does not know how to access the hidden area and cannot modify or damage the files in it, which guarantees the security of the files.
The above are only preferred embodiments of the present invention and are not intended to limit its scope of protection. Any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.

Claims (12)

1. A movable storage device, characterized in that the movable storage device comprises:
a file control mapper, used to receive a user's request to access a file map, look up the file protector corresponding to the file, and send a command to start the file protector to a device management module; also used to control the application program's access to the file corresponding to the file map;
a device management module, used to start the file protector according to the start command;
a file protector, used to monitor the application program accessing the file and guarantee the security of the file access process; the file protector runs before the corresponding file;
a file map, used to store the access attribute information of the corresponding file.
2. The movable storage device according to claim 1, characterized in that the file control mapper is located in the control module of the movable storage device.
3. The movable storage device according to claim 1, characterized in that the device management module runs after the movable storage device is inserted into the host or upon user operation, and establishes a channel with the file control mapper when it runs; the device management module is stored in the hidden area of the storage unit of the movable storage device and is invisible to the user.
4. The movable storage device according to claim 1 or 3, characterized in that the device management module is also used to work together with the file control mapper to keep the file protector and the corresponding file running synchronously.
5. The movable storage device according to claim 1 or 3, characterized in that the device management module is also used to write the file into the movable storage device and generate the file map corresponding to the file.
6. The movable storage device according to claim 1, characterized in that the file protector is also used to judge from the confirmation information entered by the user whether the user is allowed to open the file and, if so, to notify the file control mapper.
7. The movable storage device according to claim 1, characterized in that the file protector is stored in the hidden area of the storage unit of the movable storage device and is invisible to the user;
the file map is stored in the general area of the storage unit of the movable storage device and is visible to the user;
the accessed file is stored in the hidden area of the storage unit of the movable storage device and is invisible to the user; the content of the file is dynamically mapped to the file map.
8. A file access method, characterized in that the method comprises:
the file control mapper receives a user's request to access a file map, looks up the file protector corresponding to the file, and sends a command to start the file protector to the device management module;
the device management module starts the file protector according to the start command; the file protector monitors the application program accessing the file and guarantees the security of the file access process;
the file control mapper controls the application program's access to the file corresponding to the file map.
9. The method according to claim 8, characterized in that before the method the following is further included: the device management module runs after the movable storage device is inserted into the host or upon user operation, and establishes a channel with the file control mapper when it runs.
10. The method according to claim 8, characterized in that the method further comprises: the device management module works together with the file control mapper to keep the file protector and the corresponding file running synchronously.
11. The method according to claim 8, characterized in that before the method the following is further included: the device management module writes the file into the movable storage device and generates the file map corresponding to the file.
12. The method according to claim 8, characterized in that after the device management module starts the file protector and before the file protector monitors the application program accessing the file, the following is further included:
the file protector judges from the confirmation information entered by the user whether the user is allowed to open the file and, if so, notifies the file control mapper.
CN2008102221770A 2008-09-10 2008-09-10 Mobile memory apparatus and method for visiting file Expired - Fee Related CN101350034B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2008102221770A CN101350034B (en) 2008-09-10 2008-09-10 Mobile memory apparatus and method for visiting file

Publications (2)

Publication Number Publication Date
CN101350034A true CN101350034A (en) 2009-01-21
CN101350034B CN101350034B (en) 2012-05-23

Family

ID=40268825

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2008102221770A Expired - Fee Related CN101350034B (en) 2008-09-10 2008-09-10 Mobile memory apparatus and method for visiting file

Country Status (1)

Country Link
CN (1) CN101350034B (en)

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100464313C (en) * 2005-05-20 2009-02-25 联想(北京)有限公司 Mobile memory device and method for accessing encrypted data in mobile memory device
CN1794210A (en) * 2006-01-05 2006-06-28 北京中讯锐尔科技有限公司 Data safety storage and processing method of mobile storage equipment
CN100464315C (en) * 2006-05-22 2009-02-25 中国软件与技术服务股份有限公司 Mobile memory divulgence protection method and system

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102479307A (en) * 2010-11-23 2012-05-30 腾讯科技(深圳)有限公司 Mobile device and video file hiding method of mobile device
CN104137114A (en) * 2012-02-03 2014-11-05 苹果公司 Centralized operation management
CN104137114B (en) * 2012-02-03 2017-03-08 苹果公司 Centralized operation management
US10122759B2 (en) 2012-02-03 2018-11-06 Apple Inc. Centralized operation management
CN105488436A (en) * 2015-12-25 2016-04-13 北京奇虎科技有限公司 Mobile storage equipment access method and device
CN105488436B (en) * 2015-12-25 2019-05-10 北京奇虎科技有限公司 A kind of movable storage device access method and device
CN106529261A (en) * 2016-10-25 2017-03-22 公安部第三研究所 UKey and method used for synchronization of offline business data
CN111428272A (en) * 2020-04-21 2020-07-17 深圳融安网络科技有限公司 Secure access method and device of mobile storage device and storage medium
CN111428272B (en) * 2020-04-21 2023-06-06 深圳融安网络科技有限公司 Secure access method and device for mobile storage device and storage medium
CN114186280A (en) * 2022-02-14 2022-03-15 统信软件技术有限公司 File access method, computing device and readable storage medium
CN114186280B (en) * 2022-02-14 2022-05-20 统信软件技术有限公司 File access method, computing device and readable storage medium

Also Published As

Publication number Publication date
CN101350034B (en) 2012-05-23

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
ASS Succession or assignment of patent right

Owner name: CHINA POTEVIO CO., LTD.

Free format text: FORMER OWNER: PUTIAN IT TECH INST CO., LTD.

Effective date: 20130917

C41 Transfer of patent application or patent right or utility model
TR01 Transfer of patent right

Effective date of registration: 20130917

Address after: 100080, No. two, 2 street, Zhongguancun Electronic Science and Technology Park, Beijing

Patentee after: CHINA POTEVIO CO.,LTD.

Address before: 100080 Beijing, Haidian, North Street, No. two, No. 6, No.

Patentee before: PETEVIO INSTITUTE OF TECHNOLOGY Co.,Ltd.

ASS Succession or assignment of patent right

Owner name: PUTIAN IT TECH INST CO., LTD.

Free format text: FORMER OWNER: CHINA POTEVIO CO., LTD.

Effective date: 20131202

C41 Transfer of patent application or patent right or utility model
TR01 Transfer of patent right

Effective date of registration: 20131202

Address after: 100080 Beijing, Haidian, North Street, No. two, No. 6, No.

Patentee after: PETEVIO INSTITUTE OF TECHNOLOGY Co.,Ltd.

Address before: 100080, No. two, 2 street, Zhongguancun Electronic Science and Technology Park, Beijing

Patentee before: CHINA POTEVIO CO.,LTD.

CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20120523

Termination date: 20210910

CF01 Termination of patent right due to non-payment of annual fee