CN102195780A - Electronic key system - Google Patents

Info

Publication number: CN102195780A
Authority: CN (China)
Prior art keywords: service recorder, user, authentication, database, connects
Legal status: Pending
Application number: CN2010101337476A
Other languages: Chinese (zh)
Inventor: 林建志, 黄科森, 邓易展
Current Assignee: Inwellcom Tech Co Ltd
Original Assignee: Inwellcom Tech Co Ltd
Application filed by Inwellcom Tech Co Ltd
Priority to CN2010101337476A
Publication of CN102195780A

Abstract

The invention discloses an electronic key system, which comprises a user and a personal mobile unit. The user has a connecting port and an identification database, wherein the connecting port is connected with the identification database; and the identification database stores a plurality of identification keys. The personal mobile unit is provided with an identification module storing a login key, and can be connected with the connecting port of the user, so that the identification module is connected with the identification database of the user. The user acquires the login key, and compares the login key with the plurality of identification keys by an identification comparison program. The personal mobile unit is used for providing highly-secure identification operations, and the information security protection is effectively improved.

Description

Electronic key system
Technical field
The present invention relates to an electronic key system, and in particular to an electronic key system that strengthens information security control and records usage.
Background art
With the spread of computerized automation systems, numerous information security problems have followed. Although many important systems (for example: corporate finance systems, personal data systems, police or military-law systems, etc.) have personnel rights management, conventional passwords are relatively easy to steal, and once stolen the theft is not easy to detect.
Generally, as shown in Fig. 1, traditional enterprises or companies use a central gateway 91 connected to a server end 92 (Server) and to a plurality of user ends 93 (Users) to carry out various information security controls, so that use of the relevant information network is restricted centrally. However, with the current trend toward mobile user ends 93 and the concept of the mobile office, employees increasingly use portable computers to access information outside the control range of the enterprise's central gateway. As a result, many information access rules cannot be monitored continuously and effectively, and information leaks out easily.
Furthermore, existing protective measures for a company's internal data mostly take the form of central egress control, set up mainly at the company network's external exit. This kind of control cannot prevent an individual from copying data to removable media inside the company and carrying it out, nor can it prevent data from being printed at an internal terminal and carried out, which leaves blind spots in central control.
For the above reasons, it is necessary to further address the various problems encountered in information security.
Summary of the invention
The object of the present invention is to solve the technical problem in existing information security control technology that information access cannot be monitored continuously and effectively, so that information leaks out easily.
To achieve the above object, the invention provides an electronic key system comprising: a user end having a connection port and an identity authentication database, the connection port being connected to the identity authentication database, and the identity authentication database storing a plurality of authentication keys; and a personal mobile unit having an identity authentication module that stores a login key, the personal mobile unit being connectable to the connection port of the user end so that the identity authentication module connects to the identity authentication database of the user end; wherein the user end acquires the login key and executes an authentication comparison program to compare the login key with the plurality of authentication keys.
The present invention further provides an electronic key system comprising: a server unit having an identity authentication database, the identity authentication database storing a plurality of authentication keys; a user end connected to the server unit and having a connection port; and a personal mobile unit having an identity authentication module that stores a login key, the personal mobile unit being connectable to the connection port of the user end so that the identity authentication module connects, through the user end, to the identity authentication database of the server unit; wherein the server unit acquires the login key and executes an authentication comparison program to compare the login key with the plurality of authentication keys.
The beneficial effect of the present invention is that, by restricting the usage rights of user ends that have passed authentication, it improves information security protection and achieves continuous control and recording of usage. The identity authentication module first provides a high-security authentication operation, the information control module then imposes operating restrictions on each user end, and the usage record module records the usage of each user end at all times, thereby effectively improving information security protection.
Description of the drawings
Fig. 1 is an architecture diagram of a known information security control system.
Fig. 2 is an architecture diagram of the electronic key system of the present invention.
Fig. 3 is a schematic diagram of the connections of the electronic key system of the present invention.
Fig. 4 is a flow chart of login control and recording in the electronic key system of the present invention.
Fig. 5 is a flow chart of usage record updating in the electronic key system of the present invention.
Description of reference numerals:
1-server unit; 11-identity authentication database; 12-information control database; 13-usage record database; 2-personal mobile unit; 21-identity authentication module; 22-information control module; 23-usage record module; 3-user end; 31-identity authentication database; 32-usage record database; 4-central gateway; 91-central gateway; 92-server end; 93-user end.
Embodiments
To make the above and other objects, features and advantages of the present invention clearer, preferred embodiments of the invention are described in detail below with reference to the accompanying drawings:
"Connection" in the present invention may include physical wired connection, wireless connection and similar means; the detailed connection method will be understood by those skilled in the art.
As shown in Fig. 2, the electronic key system of the preferred embodiment of the present invention mainly strengthens information security control and records usage, effectively improving information security protection, in order to remedy the problems currently encountered in information security.
The electronic key system of the present invention uses as its architecture a server unit 1 (Server) connected to a plurality of user ends 3 (Users) through a plurality of personal mobile units 2. The server unit 1 is interconnected through a central gateway 4 with the personal mobile unit 2 of each user end 3, so that the server unit 1 can collect the operation information of each user end 3 at any time and query the usage of each user end 3 in real time, thereby achieving effective monitoring; the server unit 1 can also serve as the communication channel between any two of the user ends 3. Besides providing high-security identity authentication and usage-rights rules for the user end 3, the personal mobile unit 2 also provides security monitoring and management of the operation records of the user end 3. In more detail, in this embodiment each personal mobile unit 2 is preferably attached to its user end 3 through a universal serial bus connector (USB interface); however, the personal mobile unit 2 can also be connected to the user end 3 through other forms of connection port. The user end 3 is an electronic product having the USB connection port or another form of connection port to which the personal mobile unit 2 can be connected, for example: a PC, a terminal, a personal digital assistant or a mobile phone.
As shown in Fig. 2 and Fig. 3, the server unit 1 of the preferred embodiment of the present invention comprises an identity authentication database 11, an information control database 12 and a usage record database 13, wherein:
The identity authentication database 11 stores a plurality of "authentication keys", which serve as the reference for login authentication of each user end 3. The information control database 12 is connected to the identity authentication database 11 and stores, for each "authentication key", corresponding "usage rights data", which define the usage restrictions when each user end 3 operates. The server unit 1 can add, delete or modify the "authentication keys" and "usage rights data" at any time to meet various usage needs.
The usage record database 13 is connected to the identity authentication database 11 and stores, for each "authentication key", corresponding "usage record data", so that the server unit 1 can query a specific person's usage records by a specific "authentication key".
Referring again to Fig. 2 and Fig. 3, the personal mobile unit 2 of the preferred embodiment of the present invention comprises an identity authentication module 21, an information control module 22 and a usage record module 23, wherein:
The identity authentication module 21 is connected to the identity authentication database 11 and stores a "login key", on which the identity authentication database 11 executes an authentication comparison program. In more detail, the server unit 1 first acquires the "login key" through the central gateway 4, and the identity authentication database 11 runs the authentication comparison program on the "login key" against the plurality of "authentication keys"; then, once the authentication comparison program confirms that the "login key" matches any one of the plurality of "authentication keys", the user end 3 connected to the personal mobile unit 2 is allowed to operate.
In other words, the "login key" stored in the identity authentication module 21 can be chosen as one of the plurality of "authentication keys", and the authentication comparison program only needs to check whether the "login key" is identical to any one of the plurality of "authentication keys". This provides a first layer of protection for the server unit 1 and each user end 3, improves the security of the whole system, and effectively alleviates the problems arising from conventional passwords being easily leaked and stolen.
Furthermore, as shown in Fig. 3, in another embodiment each user end 3 can be provided with an identity authentication database 31, which also stores the plurality of "authentication keys"; when the personal mobile unit 2 is connected to the user end 3, the identity authentication database 31 connects to the identity authentication module 21. The user end 3 can thereby also execute the authentication comparison program to confirm whether the "login key" in the identity authentication module 21 passes authentication against any of the plurality of "authentication keys" in the identity authentication database 31, so that the present invention provides protection not only for network-domain login but also for stand-alone login.
In addition, when the personal mobile unit 2 is disconnected from the user end 3, the user end 3 locks automatically, prohibiting all use of the user end 3 until the personal mobile unit 2 is connected to the user end 3 again and the authentication comparison program of the server unit 1 or the user end 3 is passed again; only then can the user end 3 continue to run. Also, the server unit 1 can send the "authentication keys" stored in the identity authentication database 11 to the identity authentication database 31 in real time through the central gateway 4, so that the identity authentication database 31 is updated and the correctness of the "authentication keys" stored in it is ensured.
Referring again to Fig. 2 and Fig. 3, the information control module 22 is connected to the identity authentication module 21 and the information control database 12, and provides the "usage rights data" corresponding to the "authentication key", so that specific "usage rights data" regulate restrictions on each user end 3 such as data copying, network use or program execution. For example, the "usage rights data" can be used to restrict particular commands of the user end 3, for example: prohibiting the copying of any data to a USB flash drive or any storage device, prohibiting connection to all websites (or restricting or prohibiting connection to some websites), prohibiting the execution of specific programs, and prohibiting non-essential communication protocols from entering the central gateway 4. The usage of each user end 3 is thereby effectively controlled, improving information security protection.
In other words, because the "login key" is identical to one of the plurality of "authentication keys", the information control module 22 stores the "usage rights data" corresponding to that identical "authentication key". Thus, when the user end 3 is provided with the identity authentication database 31 for executing the authentication comparison program, then regardless of whether the user end 3 is connected to the server unit 1, the user end 3 is still restricted according to the "usage rights data" whenever it attempts to execute any command or program. Moreover, the server unit 1 can send the latest "usage rights data" to the information control module 22 in real time through the central gateway 4, so that the information control module 22 immediately updates the usage restrictions of each user end 3, further improving information control.
The usage record module 23 is connected to the usage record database 13 and records all usage of the user end 3 at any time to build the "usage record data", which the server unit 1 collects and stores in the usage record database 13. The "usage record data" record at least, for the user end 3, for example: printer usage, all open windows, the programs currently running, the network addresses currently being browsed, memory usage and file usage. Accordingly, the server unit 1 can retrieve the corresponding "usage record data" by a specific "authentication key" to query a specific person's usage records. In addition, the server unit 1 can further capture the screen of each user end 3 in real time to learn the current usage of each user end 3.
Also, referring again to Fig. 3, in another embodiment each user end 3 can additionally be provided with a usage record database 32; when the personal mobile unit 2 is connected to the user end 3, the usage record database 32 connects to the usage record module 23. Thus, even when the user end 3 is not connected to the server unit 1, the user end 3 can still collect the "usage record data" and store them in the usage record database 32; when the user end 3 is connected to the server unit 1 through the central gateway 4, the user end 3 sends the latest "usage record data" from the usage record database 32 to the server unit 1, and the usage record database 13 is updated immediately.
As shown in Fig. 3 and Fig. 4, when the user end 3 is about to log in, the user end 3 first determines whether the personal mobile unit 2 is connected to it. If "yes", the identity authentication database 11 or the identity authentication database 31 acquires the "login key" and executes the authentication comparison program; if "no", it waits for the personal mobile unit 2 to be connected to the user end 3.
When the authentication comparison program is judged to have been passed, the user end 3 connected to the personal mobile unit 2 is allowed to log in and operate, and the "usage rights data" stored in the information control module 22 regulate the usage restrictions of the user end 3; when the authentication comparison program is judged not to have been passed, the user end 3 is prohibited from operating.
While the user end 3 is operating, the user end 3 determines at all times whether a command or program being executed violates the "usage rights data", and when a violation is found, the user end 3 is prohibited from executing it; meanwhile, the usage record module 23 records the usage or violations of the user end 3 at all times. The user end 3 also continuously determines whether it has logged out or has been disconnected from the personal mobile unit 2, in order to decide whether the user end 3 may continue to operate or must be authenticated again.
Fig. 2, Fig. 3 and Fig. 5 show the usage record update flow of the electronic key system of the preferred embodiment of the present invention. When a user end 3 fitted with the personal mobile unit 2 has passed the authentication comparison program, the user end 3 determines whether the usage record database 32 contains "usage record data" not yet sent to the server unit 1. If "yes", the user end 3 must actually be connected to the server unit 1, and then sends the unsent "usage record data" in the usage record database 32 to the server unit 1 to update the usage record database 13; if "no", the user end 3 continues to record "usage record data" and update the usage record database 32.
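The login control flow of Fig. 4 and the usage record update of Fig. 5, as an added Python example that is not part of the patent: the class and method names, the sample keys and the action names are hypothetical. Storing SHA-256 digests and comparing them in constant time is a hardening assumption of this example; the patent itself only requires that the login key be identical to one of the stored authentication keys.

```python
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Optional


def digest(key: bytes) -> bytes:
    # Hardening assumption of this example: databases hold SHA-256 digests,
    # never the raw authentication keys.
    return hashlib.sha256(key).digest()


@dataclass
class ServerUnit:
    """Server unit 1: databases 11/12 merged into `rights`, database 13 in `records`."""
    rights: dict = field(default_factory=dict)   # key digest -> forbidden actions
    records: dict = field(default_factory=dict)  # key digest -> usage record data

    def enroll(self, key: bytes, forbidden: set) -> None:
        self.rights[digest(key)] = set(forbidden)


@dataclass
class UserEnd:
    """User end 3 holding local copies (database 31) and unsent records (database 32)."""
    rights: dict = field(default_factory=dict)
    unsent: list = field(default_factory=list)
    session: Optional[bytes] = None  # digest of the key that passed comparison

    def update_from(self, server: ServerUnit) -> None:
        # Server pushes current authentication keys and usage rights data.
        self.rights = {k: set(v) for k, v in server.rights.items()}

    def _record(self, event: str, key: Optional[bytes], allowed: bool) -> None:
        self.unsent.append({"key": key, "event": event, "allowed": allowed})

    def connect(self, login_key: bytes) -> bool:
        """Authentication comparison program: login key vs. every stored key."""
        candidate, matched = digest(login_key), None
        for stored in self.rights:  # no early exit; each compare is constant-time
            if hmac.compare_digest(stored, candidate):
                matched = stored
        self.session = matched
        self._record("login", matched, matched is not None)
        return matched is not None

    def disconnect(self) -> None:
        """Personal mobile unit removed: lock until authentication passes again."""
        if self.session is not None:
            self._record("locked", self.session, True)
        self.session = None

    def run(self, action: str) -> bool:
        """Allow an action only in an authenticated session and if not forbidden."""
        if self.session is None:
            return False
        allowed = action not in self.rights[self.session]
        self._record(action, self.session, allowed)  # violations are recorded too
        return allowed

    def sync(self, server: ServerUnit, online: bool) -> int:
        """Fig. 5: after authentication, upload unsent records if the server is reachable."""
        if self.session is None or not online:
            return 0
        for rec in self.unsent:
            server.records.setdefault(rec["key"], []).append(rec)
        sent = len(self.unsent)
        self.unsent.clear()
        return sent


def demo():
    # Constructed sample keys and action names.
    server = ServerUnit()
    server.enroll(b"constructed-key-A", {"copy_to_usb"})
    server.enroll(b"constructed-key-B", set())
    pc = UserEnd()
    pc.update_from(server)
    out = {
        "unknown_token": pc.connect(b"not-enrolled"),
        "run_while_locked": pc.run("open_report"),
        "enrolled_token": pc.connect(b"constructed-key-A"),
        "open_report": pc.run("open_report"),
        "copy_to_usb": pc.run("copy_to_usb"),
        "sync_offline": pc.sync(server, online=False),
        "sync_online": pc.sync(server, online=True),
    }
    pc.disconnect()
    out["run_after_removal"] = pc.run("open_report")
    return out, server, pc


if __name__ == "__main__":
    print(demo()[0])
```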
The main technical feature of the electronic key system of the present invention is that the identity authentication module 21 first performs a high-security authentication operation, the information control module 22 then regulates the operating restrictions of each user end 3 according to the "usage rights data", and the usage record module 23 records the usage of each user end 3 at all times, so that the server unit 1 can use the usage record database 13 to query the usage of a specific user end 3 at any time. This not only significantly improves the security of login and the usage restrictions during operation, but also allows the usage of each user end 3 to be managed centrally, effectively improving information security protection.
The above description of the invention is illustrative and not restrictive; those skilled in the art will understand that many modifications, variations or equivalents can be made within the spirit and scope defined by the claims, and all of them fall within the scope of protection of the present invention.

Claims (14)

1. An electronic key system, characterized in that it comprises:
a user end having a connection port and an identity authentication database, the connection port being connected to the identity authentication database, and the identity authentication database storing a plurality of authentication keys; and
a personal mobile unit having an identity authentication module storing a login key, the personal mobile unit being connectable to the connection port of the user end so that the identity authentication module connects to the identity authentication database of the user end;
wherein the user end acquires the login key and executes an authentication comparison program to compare the login key with the plurality of authentication keys.
2. The electronic key system as claimed in claim 1, characterized in that the personal mobile unit further comprises an information control module, the information control module being connected to the identity authentication module, and the information control module storing usage rights data according to the authentication key identical to the login key, as the usage restrictions when the user end operates.
3. The electronic key system as claimed in claim 1 or 2, characterized in that the user end further comprises a usage record database, the usage record database being connected to the connection port so that the usage record database connects to the identity authentication database, for storing usage record data corresponding to each authentication key, so as to store the usage of the user end.
4. The electronic key system as claimed in claim 3, characterized in that the personal mobile unit further comprises a usage record module, the usage record module being connected to the usage record database, for building the usage record data.
5. An electronic key system, characterized in that it comprises:
a server unit having an identity authentication database, the identity authentication database storing a plurality of authentication keys;
a user end connected to the server unit and having a connection port; and
a personal mobile unit having an identity authentication module storing a login key, the personal mobile unit being connectable to the connection port of the user end so that the identity authentication module connects, through the user end, to the identity authentication database of the server unit;
wherein the server unit acquires the login key and executes an authentication comparison program to compare the login key with the plurality of authentication keys.
6. The electronic key system as claimed in claim 5, characterized in that the personal mobile unit further comprises an information control module, the information control module being connected to the identity authentication module, and the information control module storing usage rights data according to the authentication key identical to the login key, as the usage restrictions when the user end operates.
7. The electronic key system as claimed in claim 6, characterized in that the server unit further comprises an information control database, the information control database being connected to the identity authentication database, for storing the usage rights data corresponding to each authentication key.
8. The electronic key system as claimed in claim 5, 6 or 7, characterized in that the user end further comprises an identity authentication database, the identity authentication database of the user end being connected to the connection port so that the identity authentication database of the user end connects to the identity authentication module, and the identity authentication database of the user end storing the plurality of authentication keys.
9. The electronic key system as claimed in claim 8, characterized in that the server unit further comprises a usage record database, the usage record database being connected to the identity authentication database of the server unit, for storing usage record data corresponding to each authentication key, so as to store the usage of the user end.
10. The electronic key system as claimed in claim 9, characterized in that the personal mobile unit further comprises a usage record module, the usage record module being connected to the usage record database, for building the usage record data.
11. The electronic key system as claimed in claim 10, characterized in that the user end further comprises a usage record database, the usage record database being connected to the usage record module and to the identity authentication database of the user end, for storing the plurality of usage record data.
12. The electronic key system as claimed in claim 7, characterized in that the server unit further comprises a usage record database, the usage record database being connected to the identity authentication database of the server unit, for storing usage record data corresponding to each authentication key, so as to store the usage of the user end.
13. The electronic key system as claimed in claim 12, characterized in that the personal mobile unit further comprises a usage record module, the usage record module being connected to the usage record database, for building the usage record data.
14. The electronic key system as claimed in claim 13, characterized in that the user end further comprises a usage record database, the usage record database being connected to the usage record module and to the identity authentication database of the user end, for storing the plurality of usage record data.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2010101337476A CN102195780A (en) 2010-03-15 2010-03-15 Electronic key system

Publications (1)

Publication Number Publication Date
CN102195780A true CN102195780A (en) 2011-09-21

Family

ID=44603207

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105488379A (en) * 2015-11-27 2016-04-13 贵州航天风华精密设备有限公司 Identity key for test process of classified computer or spacecraft product
CN113111326A (en) * 2021-04-22 2021-07-13 环鸿电子(昆山)有限公司 Production management method

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050210271A1 (en) * 2003-11-28 2005-09-22 Lightuning Tech. Inc. Electronic identification key with portable application programs and identified by biometrics authentication
CN1734387A (en) * 2004-08-03 2006-02-15 宏碁股份有限公司 Right identification method using plug-in device and system applying the method
CN101488952A (en) * 2008-12-10 2009-07-22 华中科技大学 Mobile storage apparatus, data secured transmission method and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20110921