CN102375958A - Method for restricting accessing of files - Google Patents


Info

Publication number
CN102375958A
CN102375958A CN2010102610920A CN201010261092A CN102375958A CN 102375958 A CN102375958 A CN 102375958A CN 2010102610920 A CN2010102610920 A CN 2010102610920A CN 201010261092 A CN201010261092 A CN 201010261092A CN 102375958 A CN102375958 A CN 102375958A
Authority
CN
China
Prior art keywords
restriction
file
controller
qualifications
access
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2010102610920A
Other languages
Chinese (zh)
Other versions
CN102375958B (en)
Inventor
林坤德
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Quanxing Technology Co ltd
Original Assignee
Apacer Technology Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Apacer Technology Inc
Priority to CN201010261092.0A
Publication of CN102375958A
Application granted
Publication of CN102375958B
Legal status: Active
Anticipated expiration

Landscapes

  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a method for restricting file access. The method is executed by a controller in a storage medium, and the storage medium comprises a physical storage area for storing one or more files. After receiving a special command, the controller executes a step of determining the access-restricted file specified by the special command, a step of creating a restriction condition logic table corresponding to each access-restricted file, and a step of judging whether the restriction condition has been reached. The restriction condition logic table stores at least one restriction condition that limits access to the access-restricted file. Once the restriction condition has been reached, the controller deletes the content corresponding to the access-restricted file in the restriction condition logic table and in the physical storage area.

Description

Method for restricting file access
Technical field
The present invention relates to a method for restricting file access, and in particular to a method in which the controller of a storage medium executes a special command to set access restriction conditions on an access-restricted file.
Background art
As conventional hard disks and solid-state drives continue to develop, their speed and capacity keep rising while their prices keep falling. Solid-state storage in the broad sense also includes portable non-volatile memory, commonly known as flash drives, whose capacity is likewise sufficient to hold large amounts of data. The development of storage media has therefore made digital data easier to store, carry and transmit.
Conventional storage technology is exemplified by Taiwan Patent Publication No. 374161, "Hard disk drive having a file allocation table memory". The hard disk drive disclosed in that prior case comprises a plurality of sectors, each of which comprises, in order, a boot area, a root directory area and a data area. The hard disk drive is characterized by comprising: a read/write head for writing data to and reading data from the hard disk; a non-volatile file allocation table memory for storing file allocation table information; and a controller for controlling the movement of the read/write head, the rotation of the hard disk and the data read and write operations.
As the above prior case shows, a conventional hard disk includes a controller, and the accessible space of the hard disk is divided into a data storage area and an address storage area. The data storage area is partitioned into many data storage blocks, each with a fixed address, and the address storage area stores the address at which each piece of data is stored. When storing or reading data, the controller must obtain the address corresponding to the data from the address storage area before it can find the corresponding data storage block in the data storage area.
However, because digital data is so easy to copy, transmit and carry, confidentiality suffers from the standpoint of protecting data content: anyone can directly copy and store copyrighted data content, even by means of a portable hard disk, thereby infringing intellectual property rights.
For existing data confidentiality technology, see Taiwan Patent Certificate No. I317502, "Real-time data security method". The method disclosed in that prior case runs in an operating system in which a data folder is mounted as a confidential partition. The method comprises: receiving a save command for a file, the save command being received by the file system of the operating system; executing an encryption program; attaching a real-time encryption/decryption control item to the attributes of the file, according to the real-time encryption/decryption control item added when the confidential partition was created; and executing the storage operation. The specification of that prior case further discloses that the encryption program may encrypt with a symmetric key or an asymmetric key, with decryption performed by the corresponding key. The method may also include an additional identity verification flow, so that decryption takes place only after identity has been confirmed. With this method, a file or data folder selected for encryption can be opened only after at least one verification.
However, even with key secrecy and identity authentication, an encrypted file may still be copied and leaked after it has been opened, so the confidentiality mechanism still has room for improvement.
Summary of the invention
The invention aims to remedy the ease with which files are copied and leaked in the prior art. The object of the present invention is therefore to provide a technique in which the controller in the storage device limits the number of times a file can be read and written, or the time during which it can be read and written, and deletes the file once the limited number of accesses or the limited time is reached, thereby restricting leakage of the file.
The present invention is a method for restricting file access. The method is executed by a controller in a storage medium, and the storage medium comprises a physical storage area for storing one or more files. On receiving a special command, the controller executes a step of determining the access-restricted file specified by the special command, a step of creating a restriction condition logic table corresponding to each access-restricted file, and a step of judging whether the restriction condition has been reached. The restriction condition logic table stores at least one restriction condition on access to the access-restricted file. Once the restriction condition has been reached, the controller deletes the content of the access-restricted file in the restriction condition logic table and in the physical storage area.
With the above method, the number of times a file can be accessed, or the time during which it can be accessed, can be limited, and the file is deleted once the permitted number of accesses or the permitted access time is exceeded, thereby restricting leakage of the file.
Brief description of the drawings
Fig. 1 is a block diagram of the storage medium and the information processing system;
Fig. 2 is a flow chart of an implementation of the method.
Embodiment
The present invention is a method for restricting file access; the technique is described below with reference to the drawings. Referring to Fig. 1 and Fig. 2, Fig. 1 shows a storage medium 1 electrically connected to an information processing system 2. The storage medium 1 may be a magnetic hard disk, a solid-state drive or a non-volatile memory; the information processing system 2 may be a desktop computer, a notebook computer or a mobile communication device. The storage medium 1 comprises a physical storage area 14 for storing one or more files, and contains a controller. The information processing system 2 connected to the storage medium 1 has an application program that outputs access commands compatible with the controller and can also generate a special command supported by the controller.
After receiving the special command, the controller first executes a step of determining the access-restricted file specified by the special command. It then executes a step of creating a restriction condition logic table 11 for the access-restricted file, so that every file specified by a special command has a corresponding restriction condition logic table 11, which stores at least one restriction condition limiting access to that file. It then executes a step of judging whether the restriction condition has been reached: when the controller receives an access command directed at an access-restricted file, it must go through the restriction condition logic table 11 to obtain the file stored in the physical storage area 14. If the restriction condition has not been reached, the controller accesses the access-restricted file from the physical storage area 14; if it has been reached, the controller deletes the content of the access-restricted file in the restriction condition logic table 11 and in the physical storage area 14. The restriction condition is a limit on the number of accesses to the access-restricted file, or a time limit on how long the access-restricted file is stored in the storage medium 1; it may also include both the access count limit and the storage time limit at once.
A concrete implementation of the storage medium 1 is shown in Fig. 1. The storage medium 1 also stores a logical address table 10, a logical-to-physical address table 12 and a physical address table 13. The controller receives an external access command or special command and has the logical address table 10 provide the logical address of the file specified by the command. When the access command does not request an access-restricted file, the logical address is mapped directly, through a general file access path 101, to the logical-to-physical address table 12 to obtain a physical address, which is then mapped through the physical address table 13 to the location of the specified file in the physical storage area 14, so that the content of the specified file is accessed from the physical storage area 14. When the access command requests an access-restricted file, the logical address provided by the logical address table 10 is mapped through a restricted file access path 100 to the restriction condition logic table 11, and the controller then judges whether the access-restricted file has reached the restriction condition defined in the restriction condition logic table 11. If the restriction condition has not been reached, the logical address is mapped onward from the restriction condition logic table 11 to the logical-to-physical address table 12 to obtain a physical address, which is then mapped through the physical address table 13 to the location of the specified file in the physical storage area 14, so that the content of the specified file is accessed from the physical storage area 14. If the controller judges that the restriction condition has been reached, it deletes all content of the access-restricted file in the storage medium 1: the content mapped for that file in the logical address table 10, the restriction condition logic table 11, the logical-to-physical address table 12, the physical address table 13 and the physical storage area 14 is all deleted by the controller.
Because the information processing system 2 may issue special commands for multiple files, the storage medium 1 creates multiple restriction condition logic tables 11, one for each access-restricted file. As shown in Fig. 1, supposing the storage medium 1 holds two access-restricted files, there are two restriction condition logic tables 11 in the storage medium 1, each corresponding to one of the files. The two restriction condition logic tables 11 may hold different restriction conditions, and the content of a restriction condition can be decided by the operator when issuing the special command through the information processing system 2.
The flow executed by the controller is shown in Fig. 2. The controller first receives a command input from the information processing system 2 (step block 31) and judges whether it is a special command (step block 32). If so, it creates a restriction condition logic table corresponding to the access-restricted file (step block 33). If not, the input command is an access command, and the controller further judges whether the file specified by the command is an access-restricted file (step block 34). If the specified file is not an access-restricted file, direct access to the file is allowed (step block 35). If the specified file is an access-restricted file, the controller judges through the restriction condition logic table 11 whether the restriction condition has been reached (step block 36). If the restriction condition has not been reached, access to the access-restricted file is allowed (step block 37). If it has been reached, the controller deletes the content of the access-restricted file (step block 38).
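The Fig. 2 flow (step blocks 31 to 38) modeled as a small C program. This is an added example, not code from the patent or its assignee; the struct layout, function names, return codes and the caller-supplied `now` timestamp are assumptions, and tables 10, 12 and 13 are collapsed into a single index to keep the model short.

```c
#include <stdio.h>
#include <string.h>

#define MAX_FILES 4
#define BLOCK 32
#define NO_LIMIT (-1L)

enum result { OK = 0, ERR_NO_FILE = -1, ERR_DELETED = -2 };

/* One restriction condition logic table (11) entry per restricted file. */
struct restriction { int in_use; long reads_left; long expires_at; };

/* Model of storage medium (1). Tables 10, 12 and 13 are collapsed into a
   single logical-to-physical index; field names are this example's own. */
struct medium {
    int l2p[MAX_FILES];               /* -1 = no mapping */
    struct restriction rct[MAX_FILES];
    char blocks[MAX_FILES][BLOCK];    /* physical storage area (14) */
};

void medium_init(struct medium *m) {
    memset(m, 0, sizeof *m);
    for (int i = 0; i < MAX_FILES; i++) m->l2p[i] = -1;
}

int mapped(const struct medium *m, int id) {
    return id >= 0 && id < MAX_FILES && m->l2p[id] >= 0;
}

int store_file(struct medium *m, int id, const char *data) {
    if (id < 0 || id >= MAX_FILES) return ERR_NO_FILE;
    m->l2p[id] = id;                  /* identity mapping suffices here */
    memset(m->blocks[id], 0, BLOCK);
    strncpy(m->blocks[id], data, BLOCK - 1);
    return OK;
}

/* Steps 32-33: a special command creates the restriction entry. */
int special_command(struct medium *m, int id, long max_reads, long expires_at) {
    if (!mapped(m, id)) return ERR_NO_FILE;
    m->rct[id] = (struct restriction){ 1, max_reads, expires_at };
    return OK;
}

/* Step 38: remove the data block, the mapping and the restriction entry. */
void erase_file(struct medium *m, int id) {
    memset(m->blocks[m->l2p[id]], 0, BLOCK);
    m->l2p[id] = -1;
    memset(&m->rct[id], 0, sizeof m->rct[id]);
}

/* Steps 34-38: `now` is supplied by the caller; the clock source is an
   assumption, the page does not say where the controller gets the time. */
int access_command(struct medium *m, int id, long now, char out[BLOCK]) {
    if (!mapped(m, id)) return ERR_NO_FILE;
    struct restriction *r = &m->rct[id];
    if (r->in_use) {                              /* restricted path (100) */
        int count_hit = r->reads_left == 0;
        int time_hit = r->expires_at != NO_LIMIT && now >= r->expires_at;
        if (count_hit || time_hit) { erase_file(m, id); return ERR_DELETED; }
        if (r->reads_left != NO_LIMIT) r->reads_left--;
    }
    memcpy(out, m->blocks[m->l2p[id]], BLOCK);    /* general path (101) */
    return OK;
}

int main(void) {
    struct medium m; char buf[BLOCK];
    medium_init(&m);
    store_file(&m, 1, "secret");                  /* constructed sample data */
    special_command(&m, 1, 2, NO_LIMIT);          /* allow two reads */
    for (int i = 1; i <= 4; i++)
        printf("read %d -> %d\n", i, access_command(&m, 1, 100, buf));
    return 0;
}
```

In this flow the time limit is evaluated only when an access command arrives, so an expired file remains on the medium until it is next requested.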
With the above method, the number of times a file can be accessed, or the time during which it can be accessed, can be limited, and the file is deleted once the permitted number of accesses or the permitted access time is exceeded, thereby restricting leakage of the file and adding a further mechanism to ensure that secrets are not leaked. The controller may also restrict access so that the information processing system 2 can access the access-restricted file only if compatible software is installed.
Although the present invention has been disclosed above by way of preferred embodiments, they are not intended to limit the invention. Minor changes and refinements made by any person skilled in the art without departing from the spirit and scope of the invention shall be covered by the invention, and the scope of protection of the invention is therefore defined by the appended claims.

Claims (11)

1. A method for restricting file access, in which a storage medium (1) comprises a controller and a physical storage area (14) storing one or more files, characterized in that, on receiving a special command, the controller executes:
a step of determining the access-restricted file specified by the special command;
a step of creating a restriction condition logic table (11) corresponding to the access-restricted file, the restriction condition logic table (11) storing at least one restriction condition on access to the access-restricted file;
a step of judging whether the restriction condition has been reached, wherein, when receiving an access command directed at the access-restricted file, the controller must go through the restriction condition logic table (11) to obtain the file stored in the physical storage area (14);
if the restriction condition has not been reached, the controller accesses the access-restricted file from the physical storage area (14);
if the restriction condition has been reached, the controller deletes the content corresponding to the access-restricted file in the restriction condition logic table (11) and in the physical storage area (14).
2. The method for restricting file access according to claim 1, characterized in that the storage medium (1) also stores a logical address table (10) and a physical address table (13); the logical address table (10) receives an external access command or special command and provides the logical address of the file specified by the command; the logical address is mapped to a physical address in the physical address table (13); and the physical address maps to the location of the specified file in the physical storage area (14).
3. The method for restricting file access according to claim 2, characterized in that the storage medium (1) also comprises a logical-to-physical address table (12), which maps the logical address of the specified file to a physical address.
4. The method for restricting file access according to claim 3, characterized in that, when the restriction condition has been reached, the controller also deletes the content mapped for the access-restricted file in the logical address table (10), the physical address table (13) and the logical-to-physical address table (12).
5. The method for restricting file access according to claim 1, characterized in that the restriction condition is a limit on the number of accesses to the access-restricted file.
6. The method for restricting file access according to claim 1, characterized in that the restriction condition is a time limit on how long the access-restricted file is stored in the storage medium (1).
7. The method for restricting file access according to claim 1, characterized in that the restriction condition includes both a limit on the number of accesses to the access-restricted file and a time limit on how long the access-restricted file is stored in the storage medium (1).
8. The method for restricting file access according to claim 1, characterized in that the storage medium (1) is connected to an information processing system (2) to receive the access command or special command generated by the information processing system (2).
9. The method for restricting file access according to claim 8, characterized in that the information processing system (2) is a desktop computer, a notebook computer or a mobile communication device.
10. The method for restricting file access according to claim 8, characterized in that the information processing system (2) has an application program that outputs the access command or special command compatible with the controller.
11. The method for restricting file access according to claim 1, characterized in that the storage medium (1) is a magnetic hard disk, a solid-state drive or a non-volatile memory.
CN201010261092.0A 2010-08-23 2010-08-23 The method of restricting accessing of files Active CN102375958B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201010261092.0A CN102375958B (en) 2010-08-23 2010-08-23 The method of restricting accessing of files

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201010261092.0A CN102375958B (en) 2010-08-23 2010-08-23 The method of restricting accessing of files

Publications (2)

Publication Number Publication Date
CN102375958A true CN102375958A (en) 2012-03-14
CN102375958B CN102375958B (en) 2015-09-16

Family

ID=45794549

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201010261092.0A Active CN102375958B (en) 2010-08-23 2010-08-23 The method of restricting accessing of files

Country Status (1)

Country Link
CN (1) CN102375958B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1380999A (en) * 2000-04-25 2002-11-20 松下电器产业株式会社 Electronic device and production method therefor
CN1770696A (en) * 2004-11-03 2006-05-10 易载国际股份有限公司 Document access control managing method and system for digital copyright management
US20080034223A1 (en) * 2006-08-02 2008-02-07 Sony Corporation Storage device and storage method, and information-processing device and information-processing method
CN101127067A (en) * 2007-09-13 2008-02-20 深圳市融合视讯科技有限公司 Electronic document attribute dynamic setting method

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106462720A (en) * 2014-05-30 2017-02-22 桑迪士克科技有限责任公司 Event lock storage device
CN106462720B (en) * 2014-05-30 2019-06-11 桑迪士克科技有限责任公司 Event latch storage device
CN105893280A (en) * 2015-01-26 2016-08-24 深圳市硅格半导体有限公司 Memory card data encryption method and system

Also Published As

Publication number Publication date
CN102375958B (en) 2015-09-16

Similar Documents

Publication Publication Date Title
US9529735B2 (en) Secure data encryption in shared storage using namespaces
KR102017828B1 (en) Security management unit, host controller interface including the same, method for operating the host controller interface, and devices including the host controller interface
US10381040B1 (en) Dynamic hybrid shingled magnetic recording device
US20040103288A1 (en) Apparatus and method for securing data on a portable storage device
US20090164709A1 (en) Secure storage devices and methods of managing secure storage devices
US20070028121A1 (en) Method of protecting confidential data using non-sequential hidden memory blocks for mass storage devices
US20060218412A1 (en) Data encryption in a data storage device
CN103617404A (en) Storing device of safety partitions
CN102955746A (en) Read-only mode mobile storage device and data access method thereof
JP2007207239A (en) Storage device for providing flexible protected access for security applications
CN103257938B (en) Data guard method, Memory Controller and memorizer memory devices
JP5489201B2 (en) Secure direct platter access
CN102184143A (en) Data protection method, device and system for storage device
CN105700830B (en) A kind of solid state hard disc master control, solid state hard disc and the WORM storage methods of supporting WORM to store
CN101354684A (en) Method and system for accessing finance data
CN102375958B (en) The method of restricting accessing of files
CN100518061C (en) Disk memory system with once written and multiple read and design method thereof
CN102012874A (en) USB (universal serial bus) storage device provided with resource manager
KR100990973B1 (en) Apparatus of processing data using raw area of removable storage device
TWI424330B (en) Limit the way files are accessed
CN201886784U (en) USB (Universal Serial Bus) storage equipment with resource manager
TWI781464B (en) Computing devices for encryption and decryption of data
CN101770431A (en) Storage device capable of certifying and data protection method
CN104169894A (en) Apparatus and method for implementing secure storage area
KR20170101432A (en) Data protection apparatus of storage device and method thereof

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20220725

Address after: 3507a, SEG Plaza, No. 1002, Huaqiang North Road, Fuqiang community, Huaqiang North Street, Futian District, Shenzhen, Guangdong Province

Patentee after: Shenzhen Quanxing Technology Co.,Ltd.

Address before: Taipei County, Taiwan, China

Patentee before: APACER TECHNOLOGY INC.
