CN102375958B - The method of restricting accessing of files - Google Patents

The method of restricting accessing of files Download PDF

Info

Publication number
CN102375958B
CN102375958B CN201010261092.0A CN201010261092A CN102375958B CN 102375958 B CN102375958 B CN 102375958B CN 201010261092 A CN201010261092 A CN 201010261092A CN 102375958 B CN102375958 B CN 102375958B
Authority
CN
China
Prior art keywords
file
controller
limiting access
qualifications
access
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201010261092.0A
Other languages
Chinese (zh)
Other versions
CN102375958A (en
Inventor
林坤德
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Quanxing Technology Co ltd
Original Assignee
Apacer Technology Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Apacer Technology Inc filed Critical Apacer Technology Inc
Priority to CN201010261092.0A priority Critical patent/CN102375958B/en
Publication of CN102375958A publication Critical patent/CN102375958A/en
Application granted granted Critical
Publication of CN102375958B publication Critical patent/CN102375958B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

A kind of method of restricting accessing of files, the method is performed by the controller in a Storage Media, and this Storage Media comprises an entity storage area, to store one or more file, this controller receives a special command and then performs a step judging the limiting access file specified by this special command, sets up a restrictive condition logical table and judge with the step, of each limiting access file corresponding the step whether this qualifications reaches, wherein, at least one qualifications of limiting access file access is stored in this restrictive condition logical table.When this controller after reaching this qualifications is deleted in this restrictive condition logical table and entity storage area should the content of limiting access file.

Description

The method of restricting accessing of files
Technical field
The present invention relates to a kind of method of restricting accessing of files, particularly utilize the controller of Storage Media to perform a special command, with the method to a limiting access file configuration access qualifications.
Background technology
Because conventional hard, solid state hard disc constantly develop, its speed and capacity all constantly promote, and price constantly reduces.And solid state hard disc can broad sense comprise portable nonvolatile memory, that is the Portable disk be commonly called as, the capacity of Portable disk is also enough to hold a large amount of data.Therefore, the development of Storage Media has helped the storage of numerical data, has carried and transmission.
Known storing technology is as No. 374161st, TaiWan, China patent announcement " having the Winchester disk drive of file configuration table storer ", the Winchester disk drive that this front case discloses comprises many sectors, and each sector comprises a starting region, a root directory area and a data area in order.And the feature of this Winchester disk drive is to comprise: one in order to write in data to Winchester disk drive and read/write head in order to read data from this Winchester disk drive, one in order to store the non-volatile file allocation list storer of a file configuration table information, and one in order to control the controller of the movement of this read/write head, the rotation of this Winchester disk drive and reading and writing data action.
From above-mentioned previous case, known hard disk comprises a controller, and hard disk can be divided into a region of data storage and a storage area, address by access space.Wherein this region of data storage is separated as many data storing blocks, and each data storing block has fixing address, and this storage area, address then stores the address stored by each data.Controller, when storing or read data, all needs to obtain the address corresponding with these data by this storage area, address and just can find corresponding data storing block from region of data storage.
But because numerical data is too convenient to copy, transmit and carry, compromise confidentiality on the contrary from the angle of protected data content, anyone directly copies, stores the data content of copyright by Portable hard-disk even, and has encroached on intellecture property.
And existing data confidentiality technology can consult No. I317502nd, TaiWan, China patent certificate " real-time data security method ", the method that this front case discloses operates on and utilizes a data folder institute carry to become in an operating system at a secret cut section place.The method comprises: the save command receiving a file, is received the save command of this article part by the file system of this operating system; Perform an encipheror; An additional real-time encryption and decryption control item is in the attribute of this file, and the real-time encryption and decryption control item added when setting up according to this secret cut section, adds this real-time encryption and decryption control item by this file; And execution storage operation.Further, the instructions of this previous case discloses encipheror and a symmetric key or unsymmetrical key can be used to be encrypted, and by the secret key decryption of correspondence.Moreover the method also can comprise an execution identity identification and add flow process, just can decipher after confirming identity.By said method, just can need be opened by checking at least one times by the file data of Choice encryption folder.
But the file of encryption still may be made after unlatching to be replicated outflow by key and maintaining secrecy of authentication, the mechanism of therefore maintaining secrecy still has the space updating innovation.
Summary of the invention
Easily be replicated to improve prior art file, outflow.Therefore the object of the present invention is to provide a kind of controller restriction file read-write number of times by storer or the technology of time, and arrive the read-write number of times that limits or deleting this file after the time, to limit the outflow of this file.
The present invention is a kind of method of restricting accessing of files, the method is performed by the controller in a Storage Media, and this Storage Media comprises an entity storage area to store one or more file, this controller receives a special command and then performs a step judging the limiting access file specified by this special command, sets up a restrictive condition logical table and judge with the step, of each limiting access file corresponding the step whether this qualifications reaches, wherein, at least one qualifications of the access of limiting access file is stored in this restrictive condition logical table.When after this qualifications of arrival, this controller is deleted in this restrictive condition logical table and entity storage area should the content of limiting access file.
By above-mentioned method, can limit file access times or can the access time, and exceeding access times or can delete the access time, to limit the outflow of this file.
Accompanying drawing explanation
Fig. 1 is the block schematic diagram of this Storage Media and information handling system;
Fig. 2 is the implementing procedure calcspar of this method.
Embodiment
The present invention is a kind of method of restricting accessing of files, below cooperation accompanying drawing is illustrated technology of the present invention.Refer to Fig. 1, Fig. 2, Fig. 1 shows a Storage Media 1 and an information handling system 2 is electrically connected.This Storage Media 1 can be disk hard disk or solid state hard disc or nonvolatile memory; This information handling system 2 can be desktop computer or notebook computer or a device for mobile communication.This Storage Media 1 comprises an entity storage area 14 to store one or more file, and has a controller in this Storage Media 1.The information handling system 2 connecting this Storage Media 1 has an application program, and to export the access command being compatible with this controller, and this application program also can produce the special command supported by this controller.Then the step that judges the limiting access file specified by this special command is first performed after this controller receives this special command.Then perform and set up a restrictive condition logical table 11 with to should the step of limiting access file, make the file specified by this special command all have a restrictive condition logical table 11 corresponding, and this restrictive condition logical table 11 store at least one qualifications to limit the access of this limiting access file.Then perform one and judge the step whether this qualifications reaches, wherein, this controller, need via this restrictive condition logical table 11 to obtain the file being stored in entity storage area 14 when receiving the access command for limiting access file.If do not reach this qualifications, this controller accesses this limiting access file from entity storage area 14; If reach qualifications, then this controller is deleted in this restrictive condition logical table 11 and entity storage area 14 should the content of limiting access file.Above-mentioned qualifications is the access times restriction of this limiting access file, or for restriction accessing file is stored in time limit of this Storage Media 1, this qualifications also can comprise the time limit that the access times restriction of limiting access file and limiting access file are stored in this Storage Media 1 simultaneously.The concrete enforcement pattern of this Storage Media 1 as shown in Figure 1, this Storage Media 1 also stores a logical address table 10, a logic turns physical address table 12, a physical address table 13, and this controller receives outside access command or special command and this logical address table 11 is provided by the logical address of the specified file of those orders.When this access command ask access be not limiting access file, can directly turn physical address table 12 with this logical address mapping (mapping) to this logic by access generic-document path 101 and obtain physical address, map (mapping) to the position of designated file in entity storage area 14 by this physical address table 13 again, thus be designated the content of file from the access of this entity storage area 14.When this access command ask access be a limiting access file, the logical address that this logical address table 10 provides will map (mapping) to restrictive condition logical table 11 by a limited-access accessing file path 100, and now judge by this controller the qualifications whether limiting access file reaches this restrictive condition logical table 11 and define.If do not arrive this qualifications, this logical address will map (mapping) again from this restrictive condition logical table 11 and turns physical address table 12 to this logic and obtain physical address, map (mapping) to the position of designated file in entity storage area 14 by physical address table 13 again, thus be designated the content of file from the access of this entity storage area 14.If after controller judges to reach this qualifications, this controller will delete this limiting access file all contents in this Storage Media 1, comprise this logical address table 10, this restrictive condition logical table 11, logic turn the content mapping this limiting access file in physical address table 12, physical address table 13, entity storage area 14 and all will be deleted by controller.Because this information handling system 2 may to multiple file output special command, therefore this Storage Media 1 sets up multiple restrictive condition logical table 11 each limiting access file corresponding.As shown in Figure 1, suppose, in this Storage Media 1, there are two limiting access files, therefore there are in this Storage Media 1 two corresponding each limiting access files of restrictive condition logical table 11.And two restrictive condition logical tables 11 can have different qualificationss, determine when the content of qualifications can assign special command by operator by information handling system 2.The implementing procedure of this controller as shown in Figure 2, first receives the order (as step square 31) of input, first determines whether special command (as step square 32) from this information handling system 2.If so, a restrictive condition logical table is then set up with corresponding limiting access file (as step square 33).If not, the order then representing this input is access command, now judge whether file specified by this order is restriction accessing file (as step square 34) further, if file specified by this order is not limiting access file, then can allow this file of direct access (as step square 35).If file specified by this order is restriction accessing file, controller will judge whether to reach this qualifications (as step square 36) by restrictive condition logical table 11.If do not arrive qualifications, then allow this limiting access file of access (as step square 37).If arrival qualifications, then delete should the content (as step square 38) of limiting access file by controller.
By above-mentioned method, can limit file access times or can the access time, and exceeding access times or can delete the access time, to limit the outflow of this file, the mechanism that further increases guarantees that secret can not leak.Above-mentioned controller also can limit this information handling system 2 and must install compatible software and just can access this limiting access file.
Although the present invention discloses as above with preferred embodiment; so itself and be not used to limit the present invention; a little change that any those skilled in the art does without departing from the spirit and scope of the present invention and retouching; all should be covered by the present invention, therefore protection scope of the present invention is when being as the criterion depending on the appended claim person of defining.

Claims (9)

1. the method for a restricting accessing of files, the information handling system (2) that described method defines a Storage Media (1) and is connected with described Storage Media (1), described Storage Media (1) comprises a logical address table (10), a logic turns physical address table (12), a physical address table (13), a controller and store an entity storage area (14) of one or more file, and it is characterized in that, the method for described restricting accessing of files comprises the following steps:
The special command of appointment one limiting access file is inputted to described controller from described information handling system;
Described controller judges the described limiting access file specified by described special command;
Described controller sets up a restrictive condition logical table (11) with the described limiting access file of correspondence, and described restrictive condition logical table (11) stores at least one qualifications limiting described limiting access file access;
The access command of described limiting access file is accessed to described controller from described information handling system input;
Described controller is when receiving described access command, described logical address table (10) provides a logical address of described limiting access file, and be mapped to described restrictive condition logical table (11) by a limited-access file path (100), judge whether described limiting access file reaches described qualifications by described controller;
If do not reach described qualifications, described logical address is mapped to described logic via described restrictive condition logical table (11) and turns physical address table (12) and obtain a physical address by described controller, map described physical address to described limiting access file in the position of described entity storage area (14) by this physical address table (13) again, and access described limiting access file from described entity storage area (14);
If reach qualifications, then described controller is deleted and is turned in described logical address table (10), described restrictive condition logical table (11), described logic the content corresponding to described limiting access file in physical address table (12), described physical address table (13) and entity storage area (14).
2. the method for restricting accessing of files according to claim 1, is characterized in that, described qualifications is the access times restriction of restriction accessing file.
3. the method for restricting accessing of files according to claim 1, is characterized in that, described qualifications is the time limit that restriction accessing file is stored in described Storage Media (1).
4. the method for restricting accessing of files according to claim 1, is characterized in that, described qualifications comprises the access times restriction of limiting access file simultaneously and limiting access file is stored in time limit of described Storage Media (1).
5. the method for restricting accessing of files according to claim 1, it is characterized in that, described Storage Media (1) connects an information handling system (2), to receive the access command or special command that described information handling system (2) produces.
6. the method for restricting accessing of files according to claim 5, is characterized in that, described information handling system (2) is desktop computer or notebook computer or device for mobile communication.
7. the method for restricting accessing of files according to claim 5, is characterized in that, described information handling system (2) has an application program, to export the access command or special command that are compatible with described controller.
8. the method for restricting accessing of files according to claim 1, is characterized in that, described Storage Media (1) is nonvolatile memory.
9. the method for restricting accessing of files according to claim 8, is characterized in that, described Storage Media (1) is disk hard disk or solid state hard disc.
CN201010261092.0A 2010-08-23 2010-08-23 The method of restricting accessing of files Active CN102375958B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201010261092.0A CN102375958B (en) 2010-08-23 2010-08-23 The method of restricting accessing of files

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201010261092.0A CN102375958B (en) 2010-08-23 2010-08-23 The method of restricting accessing of files

Publications (2)

Publication Number Publication Date
CN102375958A CN102375958A (en) 2012-03-14
CN102375958B true CN102375958B (en) 2015-09-16

Family

ID=45794549

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201010261092.0A Active CN102375958B (en) 2010-08-23 2010-08-23 The method of restricting accessing of files

Country Status (1)

Country Link
CN (1) CN102375958B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9015439B1 (en) * 2014-05-30 2015-04-21 SanDisk Technologies, Inc. Event lock storage device
CN105893280A (en) * 2015-01-26 2016-08-24 深圳市硅格半导体有限公司 Memory card data encryption method and system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1380999A (en) * 2000-04-25 2002-11-20 松下电器产业株式会社 Electronic device and production method therefor
CN1770696A (en) * 2004-11-03 2006-05-10 易载国际股份有限公司 Document access control managing method and system for digital copyright management

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4872512B2 (en) * 2006-08-02 2012-02-08 ソニー株式会社 Storage device, storage control method, and information processing device and method
CN101127067A (en) * 2007-09-13 2008-02-20 深圳市融合视讯科技有限公司 Electronic document attribute dynamic setting method

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1380999A (en) * 2000-04-25 2002-11-20 松下电器产业株式会社 Electronic device and production method therefor
CN1770696A (en) * 2004-11-03 2006-05-10 易载国际股份有限公司 Document access control managing method and system for digital copyright management

Also Published As

Publication number Publication date
CN102375958A (en) 2012-03-14

Similar Documents

Publication Publication Date Title
US9529735B2 (en) Secure data encryption in shared storage using namespaces
US10381040B1 (en) Dynamic hybrid shingled magnetic recording device
US20090164709A1 (en) Secure storage devices and methods of managing secure storage devices
KR102017828B1 (en) Security management unit, host controller interface including the same, method for operating the host controller interface, and devices including the host controller interface
US20070028121A1 (en) Method of protecting confidential data using non-sequential hidden memory blocks for mass storage devices
US20100058066A1 (en) Method and system for protecting data
CN102955746A (en) Read-only mode mobile storage device and data access method thereof
CN103617404A (en) Storing device of safety partitions
TW200307868A (en) Method for partitioning memory mass storage device and device thereof
KR20180045039A (en) Security Subsystem
TWI459202B (en) Data processing method, memory controller and memory storage device
TW201329707A (en) Data protecting method, memory controller and memory storage apparatus
CN103257938B (en) Data guard method, Memory Controller and memorizer memory devices
CN109255262A (en) Data guard method and solid state hard disk
US9195847B2 (en) Storage system for supporting use of multiple keys
CN105700830B (en) A kind of solid state hard disc master control, solid state hard disc and the WORM storage methods of supporting WORM to store
CN102375958B (en) The method of restricting accessing of files
CN101354684A (en) Method and system for accessing finance data
CN100518061C (en) Disk memory system with once written and multiple read and design method thereof
TW201113702A (en) Data storage device and method
US20220123932A1 (en) Data storage device encryption
CN1797372B (en) Storing method and device in use for data process system
TWI424330B (en) Limit the way files are accessed
JP2013137717A (en) Nonvolatile storage device, access control program and storage control method
US20220327245A1 (en) Data storage device and method of access

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20220725

Address after: 3507a, SEG Plaza, No. 1002, Huaqiang North Road, Fuqiang community, Huaqiang North Street, Futian District, Shenzhen, Guangdong Province

Patentee after: Shenzhen Quanxing Technology Co.,Ltd.

Address before: Taipei County, Taiwan, China

Patentee before: APACER TECHNOLOGY INC.

TR01 Transfer of patent right