CN101894242B - System and method for protecting information safety of mobile electronic equipment - Google Patents

Publication number: CN101894242B
Authority: CN (China)
Application number: CN2010102062856A
Other versions: CN101894242A
Other languages: Chinese (zh)
Legal status: Expired - Fee Related
Inventors: 耿振民, 刘旭峰
Current Assignee: JIANGSU CINSEC INFORMATION TECHNOLOGY CO., LTD.
Original Assignee: SHANGHAI CINSEC INFORMATION TECHNOLOGY Co Ltd
Prior art keywords: file, user, mobile electronic, electronic device, authentication
Landscapes: Storage Device Security
Abstract

The invention discloses a system and a method for protecting information safety of mobile electronic equipment. The system comprises a management center, an encryption and authentication unit and an authentication tool, wherein the encryption and authentication unit is arranged in the mobile electronic equipment; the authentication tool is connected with the mobile electronic equipment when used; the authentication tool comprises identity information and permission information of a user; the management center is used for setting the permission of the authentication tool of each user and writing the permission into the corresponding authentication tool; the encryption and authentication unit comprises a file encryption module, a file decryption module and an internal authentication module; and the internal authentication module sends a request to the management center or the authentication tool, acquires commands, and allows the user having the permission to use an encrypted file. The system and the method for protecting the information safety of the mobile electronic equipment can be convenient for employees to normally do extra work under an intranet environment or without the intranet and to normally use notebook computers to deal with private affairs or enjoy entertainment functions under certain conditions.

Description

System and method for protecting information safety of mobile electronic equipment
Technical field
The invention belongs to the field of information security technology and relates to an information safety protection system, in particular to an information safety protection system for mobile electronic equipment; the invention also relates to an information safety protection method for mobile electronic equipment.
Background art
With the development of information technology, more and more enterprises and institutions use electronic technology to handle day-to-day work, and more and more files exist as electronic documents. Storing data as electronic documents offers high efficiency, low cost and easy transfer. At the same time, it increases the risk that information is abused, for example through employees changing jobs or corporate espionage.
Faced with such risks, enterprises and institutions can manage desktop machines on the intranet by technical or policy means, such as sealing USB ports, isolating the intranet from external networks, or using encryption software to force encryption. Because notebook computers are easy to carry and convenient for mobile office work, they are necessary inside a company, but they also make intranet management very inconvenient:
If notebooks are managed in the same way as desktop computers, there is no risk of information loss, but the functions of the notebook are greatly restricted, which removes the reason for having a notebook computer at all;
If encryption software is installed on the notebook and encryption is forced, the employee can use it only for company business; the notebook's entertainment functions are lost and the employee cannot use it to handle private matters;
If encryption software is installed on the notebook and encryption is forced, and the user's time outside exceeds the preset usage time, the user can no longer use encrypted files normally and cannot obtain a new authorization in the normal way (it must go through third-party tools and the like);
If encryption is applied only inside the company and not when the notebook is carried out (realized through authentication with the management center in the intranet environment), it is inconvenient for employees to use encrypted files, and therefore to work overtime or operate outside the company.
Summary of the invention
The technical problem to be solved by the invention is to provide an information safety protection system for mobile electronic equipment that lets employees work overtime normally both inside the intranet and away from it, and that also lets them, under certain conditions, use the notebook computer normally to handle private matters or enjoy its entertainment functions.
In addition, the invention provides an information safety protection method for mobile electronic equipment that lets employees work overtime normally both inside the intranet and away from it, and that also lets them, under certain conditions, use the notebook computer normally to handle private matters or enjoy its entertainment functions.
To solve the above technical problem, the invention adopts the following technical solution:
An information safety protection system for mobile electronic equipment, the system comprising a management center, an encryption and authentication unit arranged in the mobile electronic device, and an authentication tool that is connected to the mobile electronic device when in use;
The authentication tool contains the user's identity information and usage permission information;
The management center is used to set the usage permissions of each user's authentication tool and to write the usage permissions into the corresponding authentication tool;
The encryption and authentication unit comprises:
- a file encryption module, which enforces file encryption and applies encryption protection to specified files;
- a file decryption module, which automatically decrypts files into memory in the background without affecting the encrypted state of the files on disk;
- an internal authentication module, which sends requests to the management center or the authentication tool and obtains commands, and allows users with usage permissions to use encrypted files; a user without usage permissions cannot use encrypted files but can use non-encrypted files.
As a preferred solution of the invention, when the mobile electronic device is connected to the management center, the encryption and authentication unit of the mobile electronic device is controlled through the management center;
When the mobile electronic device is not connected to the management center, the information safety protection system determines whether a valid authentication tool is connected; if so, the encryption and authentication unit of the mobile electronic device is controlled through the authentication tool and the corresponding user is allowed to use encrypted files; if not, encrypted files cannot be used, but non-encrypted files can.
As a preferred solution of the invention, the encryption and authentication unit further comprises a logging module, which records the user's file operations on the mobile electronic device, including create, copy, move, rename and delete operations.
As a preferred solution of the invention, the management center comprises:
a user management module, which applies different settings to users or user groups, so that through centralized management the administrator can conveniently define differentiated policies in real time;
a user identification module, which collects user information online, verifies the user's identity, and issues policy information to the designated user;
an authentication tool management module, which sets authentication tool usage permissions for users, the usage permissions including usage time and decryption, and exports the settings as a destination file;
a log query and management module, which queries the administrator's system settings and user management operations, authorization operations, and users' file operations on the mobile electronic device.
As a preferred solution of the invention, the user authentication tool comprises:
an identification module, which makes its judgment from the user name embedded in the tool and the name of the encryption and authentication unit client, so that the two correspond one to one;
a permission control module, which controls use of the client according to the period and permissions written into the tool.
An information safety protection method for the above information safety protection system, the method comprising the following steps:
File encryption and decryption step: the file encryption module enforces file encryption and applies encryption protection to specified files; the file decryption module automatically decrypts files into memory in the background without affecting the encrypted state of the files on disk;
Permission setting step: the management center sets the usage permissions of each user's authentication tool and writes the usage permissions into the corresponding authentication tool;
When the mobile electronic device is connected to the management center, the encryption and authentication unit of the mobile electronic device is controlled through the management center;
When the mobile electronic device is not connected to the management center, the information safety protection system determines whether a valid authentication tool is connected; if so, the encryption and authentication unit of the mobile electronic device is controlled through the authentication tool and the corresponding user is allowed to use encrypted files; if not, encrypted files cannot be used, but non-encrypted files can.
As a preferred solution of the invention, when the mobile electronic device is on the LAN and connected to the management center, only forced encryption operation is possible, and the designated confidential files that the user handles within the designated LAN must be force-encrypted; the management center is arranged on a server; the steps are as follows:
The mobile electronic device accesses the designated LAN normally through legitimate means, ensuring normal connectivity with the server;
The encryption and authentication unit of the mobile electronic device authenticates to the server by sending verification information to the management center;
If the mobile electronic device passes verification, it can use the encrypted files in the designated LAN normally; if verification fails, it cannot use the encrypted files in the designated LAN;
The user operates normally; files are encrypted when saved, and a log of the user's file operations in the designated LAN is kept.
As a preferred solution of the invention, the administrator logs in to the console of the management center and authorizes the users who need authorization; the specific steps are as follows:
The administrator logs in to the management center, and the system verifies the administrator's identity and the scope of operations the administrator is authorized for;
The administrator selects the user who needs authorization and sets that user's usage time and operating permissions;
The system determines whether the user is currently using an authentication tool; if the authentication tool has not yet expired, the settings are exported as a destination file; if the authentication tool has expired or the user is not using an authentication tool, the administrator is prompted to insert an authentication tool and the settings are written into it;
The administrator sends the destination file or the authentication tool to the mobile electronic device user, and a detailed record of the authorization is kept.
As a preferred solution of the invention, when the user takes the mobile electronic device out for use, the system determines the user's intended purpose and opens the corresponding permissions; the specific steps are as follows:
The user turns on the mobile electronic device and starts the encryption software (encryption and authentication unit) client program normally;
The client determines whether a normally usable authentication tool is present on the mobile electronic device; if so, it reads the corresponding information; if not, it does not allow the user to use encrypted files and ensures that the files the user operates on are not encrypted;
The client makes its judgment from the authentication tool information it has read: if the period and permissions are within the allowed range, the user is allowed to read and operate on confidential files normally; if not, the user is prompted to renew the authorization with the administrator, and the client enters the mode in which encrypted files cannot be used;
After entering the mode in which encrypted files can be used, the program records the user's file operations normally and applies encryption protection to files.
The beneficial effect of the invention is as follows: the information safety protection system and method for mobile electronic equipment proposed by the invention let employees work overtime normally both inside the intranet and away from it, and also let them, under certain conditions, use the notebook computer normally to handle private matters or enjoy its entertainment functions. When the period for which the user uses the encryption software outside exceeds the predetermined period, the invention can also provide a solution for new authorization.
Description of drawings
Fig. 1 is a workflow diagram of the notebook computer client in the LAN.
Fig. 2 is a flow diagram of authorizing a notebook for use outside.
Fig. 3 is a flow diagram of mode selection when the notebook is used outside.
Embodiments
The preferred embodiments of the invention are described in detail below with reference to the accompanying drawings.
Embodiment one
Referring to Fig. 1, the invention discloses an information safety protection system for mobile electronic equipment, the system comprising a management center, an encryption and authentication unit arranged in the mobile electronic device, and an authentication tool that is connected to the mobile electronic device when in use. The mobile electronic device may be a notebook computer, or another electronic device such as a mobile phone or PDA.
When the mobile electronic device is connected to the management center, the encryption and authentication unit of the mobile electronic device is controlled through the management center.
When the mobile electronic device is not connected to the management center, the information safety protection system determines whether a valid authentication tool is connected; if so, the encryption and authentication unit of the mobile electronic device is controlled through the authentication tool and the corresponding user is allowed to use encrypted files; if not, encrypted files cannot be used, but non-encrypted files can.
The composition of each module of the invention is introduced below.
[Authentication tool]
The authentication tool contains the user's identity information and usage permission information. In this embodiment, the user authentication tool comprises:
an identification module, which makes its judgment from the user name embedded in the tool and the name of the client, so that the two correspond one to one;
a permission control module, which controls use of the client according to the period and permissions written into the tool.
[Management center]
The management center is used to set the usage permissions of each user's authentication tool and to write the usage permissions into the corresponding authentication tool.
In this embodiment, the management center comprises:
a user management module, which applies different settings to users or user groups, so that through centralized management the administrator can conveniently define differentiated policies in real time;
a user identification module, which collects user information online, verifies the user's identity, and issues policy information to the designated user;
an authentication tool management module, which sets authentication tool usage permissions for users, the usage permissions including usage time and decryption, and exports the settings as a destination file;
a log query and management module, which queries the administrator's system settings and user management operations, authorization operations, and users' file operations on the mobile electronic device.
[Encryption and authentication unit]
The encryption and authentication unit comprises:
- a file encryption module, which enforces file encryption and applies encryption protection to specified files;
- a file decryption module, which automatically decrypts files into memory in the background without affecting the encrypted state of the files on disk;
- an internal authentication module, which sends requests to the management center or the authentication tool and obtains commands, and allows users with usage permissions to use encrypted files; a user without usage permissions cannot use encrypted files but can use non-encrypted files;
- a logging module, which records the user's file operations on the mobile electronic device, including create, copy, move, rename and delete operations.
The information safety protection system for mobile electronic equipment has been introduced above; along with this system, the invention also discloses an information safety protection method for it, the method comprising the following steps:
- File encryption and decryption step: the file encryption module enforces file encryption and applies encryption protection to specified files; the file decryption module automatically decrypts files into memory in the background without affecting the encrypted state of the files on disk;
- Permission setting step: the management center sets the usage permissions of each user's authentication tool and writes the usage permissions into the corresponding authentication tool;
- When the mobile electronic device is connected to the management center, the encryption and authentication unit of the mobile electronic device is controlled through the management center;
- When the mobile electronic device is not connected to the management center, the information safety protection system determines whether a valid authentication tool is connected; if so, the encryption and authentication unit of the mobile electronic device is controlled through the authentication tool and the corresponding user is allowed to use encrypted files; if not, encrypted files cannot be used, but non-encrypted files can.
When the mobile electronic device is on the LAN and connected to the management center, only forced encryption operation is possible, and the designated confidential files that the user handles within the designated LAN must be force-encrypted; the management center is arranged on a server; the steps are as follows:
- The mobile electronic device accesses the designated LAN normally through legitimate means, ensuring normal connectivity with the server;
- The encryption and authentication unit of the mobile electronic device authenticates to the server by sending verification information to the management center;
- If the mobile electronic device passes verification, it can use the encrypted files in the designated LAN normally; if verification fails, it cannot use the encrypted files in the designated LAN;
- The user operates normally; files are encrypted when saved, and a log of the user's file operations in the designated LAN is kept.
The method further comprises: the administrator logs in to the console of the management center and authorizes the users who need authorization; the specific steps are as follows:
- The administrator logs in to the management center, and the system verifies the administrator's identity and the scope of operations the administrator is authorized for;
- The administrator selects the user who needs authorization and sets that user's usage time and operating permissions;
- The system determines whether the user is currently using an authentication tool; if the authentication tool has not yet expired, the settings are exported as a destination file; if the authentication tool has expired or the user is not using an authentication tool, the administrator is prompted to insert an authentication tool and the settings are written into it;
- The administrator sends the destination file or the authentication tool to the mobile electronic device user, and a detailed record of the authorization is kept.
When the user takes the mobile electronic device out for use, the system determines the user's intended purpose and opens the corresponding permissions; the specific steps are as follows:
- The user turns on the mobile electronic device and starts the encryption software client program normally;
- The client determines whether a normally usable authentication tool is present on the mobile electronic device; if so, it reads the corresponding information; if not, it does not allow the user to use encrypted files and ensures that the files the user operates on are not encrypted;
- The client makes its judgment from the authentication tool information it has read: if the period and permissions are within the allowed range, the user is allowed to read and operate on confidential files normally; if not, the user is prompted to renew the authorization with the administrator, and the client enters the mode in which encrypted files cannot be used;
- After entering the mode in which encrypted files can be used, the program records the user's file operations normally and applies encryption protection to files.
In summary, the information safety protection system and method for mobile electronic equipment proposed by the invention let employees work overtime normally both inside the intranet and away from it, and also let them, under certain conditions, use the notebook computer normally to handle private matters or enjoy its entertainment functions. When the period for which the user uses the encryption software outside exceeds the predetermined period, the invention can also provide a solution for new authorization.
Embodiment two
Inside the company, employees may not handle private matters or use the notebook for entertainment; only forced encryption operation is possible. Files involving important company secrets that employees handle inside the company must be force-encrypted, which prevents employees from leaking core documents by actively disclosing them. The steps are as follows:
1) The employee accesses the company intranet normally through legitimate means, ensuring that the server can be pinged;
2) The client on the notebook computer authenticates to the server by sending verification information such as user name and password to the management center;
3) If the notebook computer passes verification, it can use the company's internal encrypted files normally; if verification fails, it cannot use the company's internal protected files;
4) The employee operates normally; files are encrypted when saved, and a log of the employee's file operations inside the company is kept.
The administrator can log in to the console and grant authentication tool (EKEY) authorization to staff who need to work overtime; the specific steps are as follows:
1) The administrator logs in to the control center, and the system verifies the administrator's identity and the scope of operations the administrator is authorized for;
2) The administrator selects the user who needs to use an EKEY outside and sets that user's usage time and operating permissions;
3) The system determines whether the user is using an EKEY (one that has not expired); if the EKEY has not yet expired, the settings are exported as a destination file; if the EKEY has expired or the user is not using an EKEY, the administrator is prompted to insert an EKEY and the settings are written into it;
4) The administrator sends the destination file or the EKEY to the notebook computer user, and a detailed record of the authorization is kept.
When the user takes the notebook computer out for use, the system determines the user's intended purpose and opens the corresponding permissions; the specific steps are as follows:
1) The user turns on the computer and starts the encryption software client program normally;
2) The client determines whether a normally usable EKEY is present on the notebook computer; if so, it reads the corresponding information; if not, it enters entertainment mode, does not allow the user to use encrypted files, and ensures that the files the user operates on are not encrypted;
3) The client makes its judgment from the EKEY information it has read: if the period and permissions are within the allowed range, the user is allowed to read and operate on protected files normally; if not, the user is prompted to renew the authorization with the administrator, and the client enters entertainment mode;
4) After entering work mode, the program records the user's file operations normally and applies encryption protection to files.
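The EKEY authorization step and the client's mode selection described above, as an added Python example that is not part of the patent text. The field names, the `decrypt` permission string, the `center_verified` flag and all sample values are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime
from enum import Enum
from typing import Optional, Tuple


class Mode(Enum):
    WORK = "work"              # encrypted files usable; saves are encrypted and logged
    RESTRICTED = "restricted"  # encrypted files unusable ("entertainment mode" when outside)


@dataclass(frozen=True)
class EKey:
    """Constructed stand-in for the record the management center writes to an EKEY."""
    user_name: str            # identity embedded in the key
    client_name: str          # client the key corresponds to, one to one
    valid_until: datetime     # end of the authorized period
    permissions: frozenset    # assumed permission strings, e.g. "decrypt"


def authorize(current: Optional[EKey], user: str, client: str, now: datetime,
              valid_until: datetime, permissions: frozenset) -> Tuple[str, EKey]:
    """Administrator side, step 3: decide how the new settings reach the user."""
    settings = EKey(user, client, valid_until, permissions)
    if current is not None and now <= current.valid_until:
        # The user's EKEY has not expired: export the settings as a destination file.
        return "destination_file", settings
    # The EKEY has expired or the user has none: write the settings into an inserted EKEY.
    return "write_to_ekey", settings


def select_mode(client: str, user: str, now: datetime,
                center_verified: Optional[bool],
                ekey: Optional[EKey]) -> Tuple[Mode, str]:
    """Client side: decide whether encrypted files may be used.

    center_verified is None when the management center is unreachable,
    otherwise it carries the result of verification against it (assumed flag).
    """
    if center_verified is not None:
        # Connected: the management center controls the client.
        if center_verified:
            return Mode.WORK, "verified by management center"
        return Mode.RESTRICTED, "management center rejected verification"
    # Not connected: fall back to the authentication tool.
    if ekey is None:
        return Mode.RESTRICTED, "no EKEY connected"
    if (ekey.user_name, ekey.client_name) != (user, client):
        return Mode.RESTRICTED, "EKEY does not correspond to this user and client"
    if now > ekey.valid_until:
        return Mode.RESTRICTED, "authorization period exceeded; renew with administrator"
    if "decrypt" not in ekey.permissions:
        return Mode.RESTRICTED, "EKEY grants no decryption permission"
    return Mode.WORK, "valid EKEY"


if __name__ == "__main__":
    # Constructed sample values.
    now = datetime(2010, 6, 22, 20, 0)
    how, key = authorize(None, "alice", "NB-017", now,
                         datetime(2010, 6, 25), frozenset({"decrypt"}))
    print(how)
    for label, when, k in [("valid key", now, key),
                           ("expired key", datetime(2010, 6, 26), key),
                           ("no key", now, None)]:
        mode, reason = select_mode("NB-017", "alice", when, None, k)
        print(f"{label}: {mode.value} ({reason})")
```

The offline branch depends on the device's local clock, so an implementation needs a trustworthy time source or clock-change detection for the period check to hold.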
Along with the above method, the invention also discloses an information safety protection system for mobile electronic equipment, comprising an encryption software program, a management center, and a user identification tool (that is, the authentication tool). Each component is described below.
The encryption software program comprises:
I. File encryption module: once the encryption software is installed, the computer enforces file encryption to protect the company's internal core documents;
II. File decryption module: automatically decrypts files into memory in the background, without affecting the user's work and without affecting the encrypted state of the files on disk;
III. Internal authentication module: sends requests to the management center or other authentication tools (EKEY and the like) and obtains the management center's commands and so on;
IV. Logging module: records the user's file operations on the computer (create, copy, move, rename, delete and similar operations).
The management center comprises:
I. User management module: applies different settings to users or groups, so that through centralized management the administrator can conveniently define differentiated policies in real time;
II. User identification module: collects user information online, verifies the user's identity, and issues policy information to the designated user;
III. EKEY management module: can set EKEY usage permissions for users, such as time and decryption, and can export the settings as a destination file;
IV. Log query and management module: queries the administrator's system settings and user management operations, the administrator's EKEY authorization operations, users' file operations on the client notebook computer, and so on.
The user identification tool comprises:
I. Identification module: makes its judgment from the user name embedded in the tool and the name of the client, so that the two correspond one to one;
II. Permission control module: controls use of the client according to the period and permissions written into the tool.
The description and application of the invention here are illustrative and are not intended to limit the scope of the invention to the above embodiments. Variations and changes of the embodiments disclosed here are possible, and replacements of and equivalents for the various components of the embodiments are known to those of ordinary skill in the art. Those skilled in the art should understand that the invention may be realized in other forms, structures, arrangements and proportions, and with other components, materials and parts, without departing from its spirit or essential characteristics. Other variations and changes may be made to the embodiments disclosed here without departing from the scope and spirit of the invention.

Claims (8)

1. An information security protection system for mobile electronic devices, characterized in that: the system comprises an administrative center, an encryption and authentication unit arranged in the mobile electronic device, and an authentication instrument that is connected to the mobile electronic device when in use;
The authentication instrument contains the user's identity information and usage-rights information;
The administrative center is used to set the usage rights of each user's authentication instrument and to write the usage rights into the corresponding authentication instrument;
The encryption and authentication unit comprises:
- a file encryption module, used to perform the file encryption operation, encrypting and protecting designated files;
- a file decryption module, used to decrypt files automatically into memory in the background, without affecting the encrypted state of the files on disk;
- an internal authentication module, used to send requests to and obtain commands from the administrative center or the authentication instrument, allowing a user who has usage rights to use encrypted files; a user without usage rights cannot use encrypted files but can use non-encrypted files;
When the mobile electronic device is connected to the administrative center, the encryption and authentication unit of the mobile electronic device is controlled by the administrative center;
When the mobile electronic device is not connected to the administrative center, the information security protection system determines whether a valid authentication instrument is connected; if so, the encryption and authentication unit of the mobile electronic device is controlled by the authentication instrument and the corresponding user is allowed to use encrypted files; if not, encrypted files cannot be used, but non-encrypted files can.
2. The information security protection system for mobile electronic devices according to claim 1, characterized in that:
The encryption and authentication unit further comprises a logging module, used to record the user's file operations on the mobile electronic device, including create, copy, move, rename and delete operations.
3. The information security protection system for mobile electronic devices according to claim 1, characterized in that:
The administrative center comprises:
A user management module, used to apply different settings to users or user groups, so that centralized management makes it easy for the administrator to formulate real-time, differentiated policies;
A user identification module, used to collect user information online, verify the user's identity and issue policy information to the designated user;
An authentication instrument management module, which sets the authentication instrument usage rights for a user, the usage rights including usage time, decryption, and exporting the settings as a destination file;
A log query and management module, used to query the administrator's system settings, user management operations and authorization operations, as well as users' file operations on the mobile electronic device.
4. The information security protection system for mobile electronic devices according to claim 1, characterized in that:
The user authentication instrument comprises:
An identification module, used to make a judgment based on the user name embedded in the instrument and the name of the encryption and authentication unit client, so as to achieve one-to-one correspondence;
A rights control module, used to control use of the client according to the period and rights controls written into the instrument.
5. An information security protection method for the information security protection system of any one of claims 1 to 4, characterized in that the method comprises the following steps:
A file encryption and decryption step: the file encryption module performs the file encryption operation, encrypting and protecting designated files; the file decryption module automatically decrypts files into memory in the background, without affecting the encrypted state of the files on disk;
A rights setting step: the administrative center sets the usage rights of each user's authentication instrument and writes the usage rights into the corresponding authentication instrument;
When the mobile electronic device is connected to the administrative center, the encryption and authentication unit of the mobile electronic device is controlled by the administrative center;
When the mobile electronic device is not connected to the administrative center, the information security protection system determines whether a valid authentication instrument is connected; if so, the encryption and authentication unit of the mobile electronic device is controlled by the authentication instrument and the corresponding user is allowed to use encrypted files; if not, encrypted files cannot be used, but non-encrypted files can.
6. The information security protection method according to claim 5, characterized in that:
When the mobile electronic device is on the LAN and connected to the administrative center, only the forced encryption operation is possible, and designated confidential files that the user handles within the designated LAN must undergo forced encryption;
The administrative center is located on a server; the steps are as follows:
The mobile electronic device joins the designated LAN by legitimate means, ensuring normal connectivity with the server;
The encryption and authentication unit of the mobile electronic device sends verification information to the administrative center to be verified by the server;
If the mobile electronic device passes verification, it can then use the encrypted files in the designated LAN normally; if verification fails, it cannot use the encrypted files in the designated LAN;
The user works normally; files are encrypted when they are saved, and a log of the user's file operations is kept in the designated LAN.
7. The information security protection method according to claim 5, characterized in that:
The administrator logs in to the console of the administrative center to authorize the users who need authorization; the specific steps are as follows:
The administrator logs in to the administrative center, and the system verifies the administrator's identity and the scope of operations the administrator is authorized to perform;
The administrator selects the user who needs authorization and sets that user's usage time and operation rights;
The system determines whether the user is currently using an authentication instrument; if the authentication instrument has not yet expired, the settings are exported as a destination file; if the authentication instrument has expired or the user is not using an authentication instrument, the administrator is prompted to connect an authentication instrument and the settings are written into it;
The administrator sends the destination file or the authentication instrument to the mobile electronic device user, and a detailed record of the authorization is kept.
8. The information security protection method according to claim 5, characterized in that:
When the user takes the mobile electronic device out for use, the system determines the intended operation target and opens the corresponding rights; the specific steps are as follows:
The user turns on the mobile electronic device and starts the encryption software client program normally;
The client determines whether a normally usable authentication instrument is present on the mobile electronic device; if so, it reads the corresponding information; if not, the user is not allowed to use encrypted files, and the files the user operates on are guaranteed not to be encrypted;
The client makes a judgment based on the authentication instrument information it has read: if the period and rights are within the allowed range, the user is allowed to read and operate on confidential files normally; if not, the user is prompted to renew the authorization with the administrator, and the client enters the mode in which encrypted files cannot be used;
After entering the mode in which encrypted files can be used, the program records the user's file operations normally and encrypts and protects the files.
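The access decision that claims 1, 4, 6 and 8 describe, written out as an added Python example; it is not code from the patent, and the `Token` fields, the `decide` and `can_open` names, and the `"decrypt"` right label are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from datetime import datetime
from enum import Enum
from typing import Optional

class Mode(Enum):
    ENCRYPTED = "encrypted files usable"
    PLAIN_ONLY = "non-encrypted files only"

@dataclass(frozen=True)
class Token:
    """Constructed model of what the authentication instrument carries."""
    user: str             # identity information
    client: str           # name of the client it is paired with (claim 4)
    not_before: datetime  # start of the permitted usage period
    not_after: datetime   # end of the permitted usage period
    rights: frozenset     # assumed labels, e.g. {"decrypt"}

@dataclass(frozen=True)
class Decision:
    mode: Mode
    reason: str

def decide(client: str, user: str, now: datetime,
           center_verified: Optional[bool], token: Optional[Token]) -> Decision:
    """center_verified is None when the administrative center is unreachable."""
    # Online: the administrative center controls the unit (claims 1 and 6).
    if center_verified is not None:
        if center_verified:
            return Decision(Mode.ENCRYPTED, "verified by administrative center")
        return Decision(Mode.PLAIN_ONLY, "center verification failed")
    # Offline: fall back to the authentication instrument (claims 1 and 8).
    if token is None:
        return Decision(Mode.PLAIN_ONLY, "no authentication instrument")
    if (token.user, token.client) != (user, client):
        return Decision(Mode.PLAIN_ONLY, "instrument not paired with this client")
    if not (token.not_before <= now <= token.not_after):
        return Decision(Mode.PLAIN_ONLY, "outside usage period, renew authorization")
    if "decrypt" not in token.rights:
        return Decision(Mode.PLAIN_ONLY, "decrypt right not granted")
    return Decision(Mode.ENCRYPTED, "valid authentication instrument")

def can_open(decision: Decision, file_is_encrypted: bool) -> bool:
    # Non-encrypted files stay usable in every mode; encrypted ones need ENCRYPTED.
    return (not file_is_encrypted) or decision.mode is Mode.ENCRYPTED
```

Every failed check lands in `PLAIN_ONLY`, so a missing, mismatched or expired instrument never yields access to encrypted files while ordinary files remain usable.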
CN2010102062856A 2010-06-22 2010-06-22 System and method for protecting information safety of mobile electronic equipment Expired - Fee Related CN101894242B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2010102062856A CN101894242B (en) 2010-06-22 2010-06-22 System and method for protecting information safety of mobile electronic equipment

Publications (2)

Publication Number Publication Date
CN101894242A CN101894242A (en) 2010-11-24
CN101894242B true CN101894242B (en) 2012-07-18

Family

ID=43103432

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2010102062856A Expired - Fee Related CN101894242B (en) 2010-06-22 2010-06-22 System and method for protecting information safety of mobile electronic equipment

Country Status (1)

Country Link
CN (1) CN101894242B (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102034059B (en) * 2010-12-02 2013-09-04 东莞宇龙通信科技有限公司 Method and device for managing application program and terminal
CN102281281A (en) * 2011-05-27 2011-12-14 无锡华御信息技术有限公司 Intelligent device access and authority control method in wireless network environment
CN102789563A (en) * 2012-07-19 2012-11-21 无锡华御信息技术有限公司 Protecting system for information safety of website background program and protecting method thereof
CN103401864A (en) * 2013-07-30 2013-11-20 东莞宇龙通信科技有限公司 Terminal and safe login method
CN104125223B (en) * 2014-07-22 2017-07-21 浪潮电子信息产业股份有限公司 A kind of security protection system of mobile device private data
CN110581832A (en) * 2018-06-11 2019-12-17 鸿富锦精密工业(武汉)有限公司 Interface data transmission method and electronic equipment thereof
CN109871426B (en) * 2018-12-18 2021-08-10 国网浙江桐乡市供电有限公司 Method for monitoring and identifying confidential data
CN109885989A (en) * 2018-12-29 2019-06-14 航天信息股份有限公司 A kind of method and system carrying out user authority management based on encryption lock
CN111611565A (en) * 2020-05-11 2020-09-01 叶春林 Autonomous reaching type safety verification system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1553349A (en) * 2003-05-29 2004-12-08 联想(北京)有限公司 Safety chip and information safety processor and processing method
CN101079090A (en) * 2007-07-02 2007-11-28 北京飞天诚信科技有限公司 Apparatus for reproducing personal application environment
CN101106455A (en) * 2007-08-20 2008-01-16 北京飞天诚信科技有限公司 Identity authentication method and intelligent secret key device
CN101159754A (en) * 2007-09-28 2008-04-09 李华 Internet application management system operating on intelligent mobile terminal

Also Published As

Publication number Publication date
CN101894242A (en) 2010-11-24

Similar Documents

Publication Publication Date Title
CN101894242B (en) System and method for protecting information safety of mobile electronic equipment
CN100568251C (en) The guard method of security files under cooperative working environment
CN101572660B (en) Comprehensive control method for preventing leakage of data
CN103561034B (en) A kind of secure file shared system
CN101364984B (en) Method for guarantee safety of electronic file
CN100449561C (en) Divulging secrets prevention system of USB storage device date based on certificate and transparent encryption technology
CN103530570A (en) Electronic document safety management system and method
US20050114672A1 (en) Data rights management of digital information in a portable software permission wrapper
CN103326999A (en) File safety management system based on cloud service
CN103413100B (en) File security protection system
CN201682524U (en) Document transfer authority control system based on document filtering driver
KR20050053569A (en) Document preservation authority endowment method
TWI499931B (en) File management system and method
KR101318170B1 (en) data sharing system using a tablets apparatus and controlling method therefor
CN102799831A (en) Information safety protection system of application system based on database and information safety protection method
CN112329050A (en) File security management terminal and system
CN102215214A (en) Selective-transparent-encryption/decryption-based file protection method and system
CN102667792A (en) Method and device for accessing files of a secure fileserver
CN107358097A (en) A kind of method and system in open environment Computer protecting information safety
TWI497342B (en) Policy group based file protection system, file protection method thereof, and computer readable medium
CN108399341A (en) A kind of Windows dualized file managing and control systems based on mobile terminal
CN110674538B (en) Optical disk safety burning monitoring and warning method
KR101315482B1 (en) Secret information reading service system using by a writer authentication and the control method thereof
TWI381285B (en) Rights management system for electronic files
CN106650492B (en) A kind of multiple device file guard method and device based on security catalog

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20101124

Assignee: Wuxi Cinsec Information Technology Co., Ltd.

Assignor: Shanghai Cinsec Information Technology Co., Ltd.

Contract record no.: 2012320000967

Denomination of invention: System and method for protecting information safety of mobile electronic equipment

Granted publication date: 20120718

License type: Exclusive License

Record date: 20121009

LICC Enforcement, change and cancellation of record of contracts on the licence for exploitation of a patent or utility model
TR01 Transfer of patent right

Effective date of registration: 20170908

Address after: 214125. -20-403, 58 embroidered Road, Binhu District, Binhu District, Jiangsu, Wuxi

Patentee after: JIANGSU CINSEC INFORMATION TECHNOLOGY CO., LTD.

Address before: 200433, room 1, building 335, No. 6006, National Road, Shanghai, Yangpu District

Patentee before: Shanghai Cinsec Information Technology Co., Ltd.

CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20120718

Termination date: 20190622
