CN102375958B - The method of restricting accessing of files - Google Patents
The method of restricting accessing of files Download PDFInfo
- Publication number
- CN102375958B CN102375958B CN201010261092.0A CN201010261092A CN102375958B CN 102375958 B CN102375958 B CN 102375958B CN 201010261092 A CN201010261092 A CN 201010261092A CN 102375958 B CN102375958 B CN 102375958B
- Authority
- CN
- China
- Prior art keywords
- file
- controller
- limiting access
- qualifications
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Storage Device Security (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
A kind of method of restricting accessing of files, the method is performed by the controller in a Storage Media, and this Storage Media comprises an entity storage area, to store one or more file, this controller receives a special command and then performs a step judging the limiting access file specified by this special command, sets up a restrictive condition logical table and judge with the step, of each limiting access file corresponding the step whether this qualifications reaches, wherein, at least one qualifications of limiting access file access is stored in this restrictive condition logical table.When this controller after reaching this qualifications is deleted in this restrictive condition logical table and entity storage area should the content of limiting access file.
Description
Technical field
The present invention relates to a kind of method of restricting accessing of files, particularly utilize the controller of Storage Media to perform a special command, with the method to a limiting access file configuration access qualifications.
Background technology
Because conventional hard, solid state hard disc constantly develop, its speed and capacity all constantly promote, and price constantly reduces.And solid state hard disc can broad sense comprise portable nonvolatile memory, that is the Portable disk be commonly called as, the capacity of Portable disk is also enough to hold a large amount of data.Therefore, the development of Storage Media has helped the storage of numerical data, has carried and transmission.
Known storing technology is as No. 374161st, TaiWan, China patent announcement " having the Winchester disk drive of file configuration table storer ", the Winchester disk drive that this front case discloses comprises many sectors, and each sector comprises a starting region, a root directory area and a data area in order.And the feature of this Winchester disk drive is to comprise: one in order to write in data to Winchester disk drive and read/write head in order to read data from this Winchester disk drive, one in order to store the non-volatile file allocation list storer of a file configuration table information, and one in order to control the controller of the movement of this read/write head, the rotation of this Winchester disk drive and reading and writing data action.
From above-mentioned previous case, known hard disk comprises a controller, and hard disk can be divided into a region of data storage and a storage area, address by access space.Wherein this region of data storage is separated as many data storing blocks, and each data storing block has fixing address, and this storage area, address then stores the address stored by each data.Controller, when storing or read data, all needs to obtain the address corresponding with these data by this storage area, address and just can find corresponding data storing block from region of data storage.
But because numerical data is too convenient to copy, transmit and carry, compromise confidentiality on the contrary from the angle of protected data content, anyone directly copies, stores the data content of copyright by Portable hard-disk even, and has encroached on intellecture property.
And existing data confidentiality technology can consult No. I317502nd, TaiWan, China patent certificate " real-time data security method ", the method that this front case discloses operates on and utilizes a data folder institute carry to become in an operating system at a secret cut section place.The method comprises: the save command receiving a file, is received the save command of this article part by the file system of this operating system; Perform an encipheror; An additional real-time encryption and decryption control item is in the attribute of this file, and the real-time encryption and decryption control item added when setting up according to this secret cut section, adds this real-time encryption and decryption control item by this file; And execution storage operation.Further, the instructions of this previous case discloses encipheror and a symmetric key or unsymmetrical key can be used to be encrypted, and by the secret key decryption of correspondence.Moreover the method also can comprise an execution identity identification and add flow process, just can decipher after confirming identity.By said method, just can need be opened by checking at least one times by the file data of Choice encryption folder.
But the file of encryption still may be made after unlatching to be replicated outflow by key and maintaining secrecy of authentication, the mechanism of therefore maintaining secrecy still has the space updating innovation.
Summary of the invention
Easily be replicated to improve prior art file, outflow.Therefore the object of the present invention is to provide a kind of controller restriction file read-write number of times by storer or the technology of time, and arrive the read-write number of times that limits or deleting this file after the time, to limit the outflow of this file.
The present invention is a kind of method of restricting accessing of files, the method is performed by the controller in a Storage Media, and this Storage Media comprises an entity storage area to store one or more file, this controller receives a special command and then performs a step judging the limiting access file specified by this special command, sets up a restrictive condition logical table and judge with the step, of each limiting access file corresponding the step whether this qualifications reaches, wherein, at least one qualifications of the access of limiting access file is stored in this restrictive condition logical table.When after this qualifications of arrival, this controller is deleted in this restrictive condition logical table and entity storage area should the content of limiting access file.
By above-mentioned method, can limit file access times or can the access time, and exceeding access times or can delete the access time, to limit the outflow of this file.
Accompanying drawing explanation
Fig. 1 is the block schematic diagram of this Storage Media and information handling system;
Fig. 2 is the implementing procedure calcspar of this method.
Embodiment
The present invention is a kind of method of restricting accessing of files, below cooperation accompanying drawing is illustrated technology of the present invention.Refer to Fig. 1, Fig. 2, Fig. 1 shows a Storage Media 1 and an information handling system 2 is electrically connected.This Storage Media 1 can be disk hard disk or solid state hard disc or nonvolatile memory; This information handling system 2 can be desktop computer or notebook computer or a device for mobile communication.This Storage Media 1 comprises an entity storage area 14 to store one or more file, and has a controller in this Storage Media 1.The information handling system 2 connecting this Storage Media 1 has an application program, and to export the access command being compatible with this controller, and this application program also can produce the special command supported by this controller.Then the step that judges the limiting access file specified by this special command is first performed after this controller receives this special command.Then perform and set up a restrictive condition logical table 11 with to should the step of limiting access file, make the file specified by this special command all have a restrictive condition logical table 11 corresponding, and this restrictive condition logical table 11 store at least one qualifications to limit the access of this limiting access file.Then perform one and judge the step whether this qualifications reaches, wherein, this controller, need via this restrictive condition logical table 11 to obtain the file being stored in entity storage area 14 when receiving the access command for limiting access file.If do not reach this qualifications, this controller accesses this limiting access file from entity storage area 14; If reach qualifications, then this controller is deleted in this restrictive condition logical table 11 and entity storage area 14 should the content of limiting access file.Above-mentioned qualifications is the access times restriction of this limiting access file, or for restriction accessing file is stored in time limit of this Storage Media 1, this qualifications also can comprise the time limit that the access times restriction of limiting access file and limiting access file are stored in this Storage Media 1 simultaneously.The concrete enforcement pattern of this Storage Media 1 as shown in Figure 1, this Storage Media 1 also stores a logical address table 10, a logic turns physical address table 12, a physical address table 13, and this controller receives outside access command or special command and this logical address table 11 is provided by the logical address of the specified file of those orders.When this access command ask access be not limiting access file, can directly turn physical address table 12 with this logical address mapping (mapping) to this logic by access generic-document path 101 and obtain physical address, map (mapping) to the position of designated file in entity storage area 14 by this physical address table 13 again, thus be designated the content of file from the access of this entity storage area 14.When this access command ask access be a limiting access file, the logical address that this logical address table 10 provides will map (mapping) to restrictive condition logical table 11 by a limited-access accessing file path 100, and now judge by this controller the qualifications whether limiting access file reaches this restrictive condition logical table 11 and define.If do not arrive this qualifications, this logical address will map (mapping) again from this restrictive condition logical table 11 and turns physical address table 12 to this logic and obtain physical address, map (mapping) to the position of designated file in entity storage area 14 by physical address table 13 again, thus be designated the content of file from the access of this entity storage area 14.If after controller judges to reach this qualifications, this controller will delete this limiting access file all contents in this Storage Media 1, comprise this logical address table 10, this restrictive condition logical table 11, logic turn the content mapping this limiting access file in physical address table 12, physical address table 13, entity storage area 14 and all will be deleted by controller.Because this information handling system 2 may to multiple file output special command, therefore this Storage Media 1 sets up multiple restrictive condition logical table 11 each limiting access file corresponding.As shown in Figure 1, suppose, in this Storage Media 1, there are two limiting access files, therefore there are in this Storage Media 1 two corresponding each limiting access files of restrictive condition logical table 11.And two restrictive condition logical tables 11 can have different qualificationss, determine when the content of qualifications can assign special command by operator by information handling system 2.The implementing procedure of this controller as shown in Figure 2, first receives the order (as step square 31) of input, first determines whether special command (as step square 32) from this information handling system 2.If so, a restrictive condition logical table is then set up with corresponding limiting access file (as step square 33).If not, the order then representing this input is access command, now judge whether file specified by this order is restriction accessing file (as step square 34) further, if file specified by this order is not limiting access file, then can allow this file of direct access (as step square 35).If file specified by this order is restriction accessing file, controller will judge whether to reach this qualifications (as step square 36) by restrictive condition logical table 11.If do not arrive qualifications, then allow this limiting access file of access (as step square 37).If arrival qualifications, then delete should the content (as step square 38) of limiting access file by controller.
By above-mentioned method, can limit file access times or can the access time, and exceeding access times or can delete the access time, to limit the outflow of this file, the mechanism that further increases guarantees that secret can not leak.Above-mentioned controller also can limit this information handling system 2 and must install compatible software and just can access this limiting access file.
Although the present invention discloses as above with preferred embodiment; so itself and be not used to limit the present invention; a little change that any those skilled in the art does without departing from the spirit and scope of the present invention and retouching; all should be covered by the present invention, therefore protection scope of the present invention is when being as the criterion depending on the appended claim person of defining.
Claims (9)
1. the method for a restricting accessing of files, the information handling system (2) that described method defines a Storage Media (1) and is connected with described Storage Media (1), described Storage Media (1) comprises a logical address table (10), a logic turns physical address table (12), a physical address table (13), a controller and store an entity storage area (14) of one or more file, and it is characterized in that, the method for described restricting accessing of files comprises the following steps:
The special command of appointment one limiting access file is inputted to described controller from described information handling system;
Described controller judges the described limiting access file specified by described special command;
Described controller sets up a restrictive condition logical table (11) with the described limiting access file of correspondence, and described restrictive condition logical table (11) stores at least one qualifications limiting described limiting access file access;
The access command of described limiting access file is accessed to described controller from described information handling system input;
Described controller is when receiving described access command, described logical address table (10) provides a logical address of described limiting access file, and be mapped to described restrictive condition logical table (11) by a limited-access file path (100), judge whether described limiting access file reaches described qualifications by described controller;
If do not reach described qualifications, described logical address is mapped to described logic via described restrictive condition logical table (11) and turns physical address table (12) and obtain a physical address by described controller, map described physical address to described limiting access file in the position of described entity storage area (14) by this physical address table (13) again, and access described limiting access file from described entity storage area (14);
If reach qualifications, then described controller is deleted and is turned in described logical address table (10), described restrictive condition logical table (11), described logic the content corresponding to described limiting access file in physical address table (12), described physical address table (13) and entity storage area (14).
2. the method for restricting accessing of files according to claim 1, is characterized in that, described qualifications is the access times restriction of restriction accessing file.
3. the method for restricting accessing of files according to claim 1, is characterized in that, described qualifications is the time limit that restriction accessing file is stored in described Storage Media (1).
4. the method for restricting accessing of files according to claim 1, is characterized in that, described qualifications comprises the access times restriction of limiting access file simultaneously and limiting access file is stored in time limit of described Storage Media (1).
5. the method for restricting accessing of files according to claim 1, it is characterized in that, described Storage Media (1) connects an information handling system (2), to receive the access command or special command that described information handling system (2) produces.
6. the method for restricting accessing of files according to claim 5, is characterized in that, described information handling system (2) is desktop computer or notebook computer or device for mobile communication.
7. the method for restricting accessing of files according to claim 5, is characterized in that, described information handling system (2) has an application program, to export the access command or special command that are compatible with described controller.
8. the method for restricting accessing of files according to claim 1, is characterized in that, described Storage Media (1) is nonvolatile memory.
9. the method for restricting accessing of files according to claim 8, is characterized in that, described Storage Media (1) is disk hard disk or solid state hard disc.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010261092.0A CN102375958B (en) | 2010-08-23 | 2010-08-23 | The method of restricting accessing of files |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010261092.0A CN102375958B (en) | 2010-08-23 | 2010-08-23 | The method of restricting accessing of files |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102375958A CN102375958A (en) | 2012-03-14 |
| CN102375958B true CN102375958B (en) | 2015-09-16 |
Family
ID=45794549
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010261092.0A Active CN102375958B (en) | 2010-08-23 | 2010-08-23 | The method of restricting accessing of files |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102375958B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9015439B1 (en) * | 2014-05-30 | 2015-04-21 | SanDisk Technologies, Inc. | Event lock storage device |
| CN105893280A (en) * | 2015-01-26 | 2016-08-24 | 深圳市硅格半导体有限公司 | Memory card data encryption method and system |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1380999A (en) * | 2000-04-25 | 2002-11-20 | 松下电器产业株式会社 | Electronic device and production method therefor |
| CN1770696A (en) * | 2004-11-03 | 2006-05-10 | 易载国际股份有限公司 | Document access control managing method and system for digital copyright management |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP4872512B2 (en) * | 2006-08-02 | 2012-02-08 | ソニー株式会社 | Storage device, storage control method, and information processing device and method |
| CN101127067A (en) * | 2007-09-13 | 2008-02-20 | 深圳市融合视讯科技有限公司 | Electronic document attribute dynamic setting method |
-
2010
- 2010-08-23 CN CN201010261092.0A patent/CN102375958B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1380999A (en) * | 2000-04-25 | 2002-11-20 | 松下电器产业株式会社 | Electronic device and production method therefor |
| CN1770696A (en) * | 2004-11-03 | 2006-05-10 | 易载国际股份有限公司 | Document access control managing method and system for digital copyright management |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102375958A (en) | 2012-03-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9529735B2 (en) | Secure data encryption in shared storage using namespaces | |
| US10381040B1 (en) | Dynamic hybrid shingled magnetic recording device | |
| US20090164709A1 (en) | Secure storage devices and methods of managing secure storage devices | |
| KR102017828B1 (en) | Security management unit, host controller interface including the same, method for operating the host controller interface, and devices including the host controller interface | |
| US20070028121A1 (en) | Method of protecting confidential data using non-sequential hidden memory blocks for mass storage devices | |
| US20100058066A1 (en) | Method and system for protecting data | |
| CN102955746A (en) | Read-only mode mobile storage device and data access method thereof | |
| CN103617404A (en) | Storing device of safety partitions | |
| TW200307868A (en) | Method for partitioning memory mass storage device and device thereof | |
| KR20180045039A (en) | Security Subsystem | |
| TWI459202B (en) | Data processing method, memory controller and memory storage device | |
| TW201329707A (en) | Data protecting method, memory controller and memory storage apparatus | |
| CN103257938B (en) | Data guard method, Memory Controller and memorizer memory devices | |
| CN109255262A (en) | Data guard method and solid state hard disk | |
| US9195847B2 (en) | Storage system for supporting use of multiple keys | |
| CN105700830B (en) | A kind of solid state hard disc master control, solid state hard disc and the WORM storage methods of supporting WORM to store | |
| CN102375958B (en) | The method of restricting accessing of files | |
| CN101354684A (en) | Method and system for accessing finance data | |
| CN100518061C (en) | Disk memory system with once written and multiple read and design method thereof | |
| TW201113702A (en) | Data storage device and method | |
| US20220123932A1 (en) | Data storage device encryption | |
| CN1797372B (en) | Storing method and device in use for data process system | |
| TWI424330B (en) | Limit the way files are accessed | |
| JP2013137717A (en) | Nonvolatile storage device, access control program and storage control method | |
| US20220327245A1 (en) | Data storage device and method of access |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220725 Address after: 3507a, SEG Plaza, No. 1002, Huaqiang North Road, Fuqiang community, Huaqiang North Street, Futian District, Shenzhen, Guangdong Province Patentee after: Shenzhen Quanxing Technology Co.,Ltd. Address before: Taipei County, Taiwan, China Patentee before: APACER TECHNOLOGY INC. |
|
| TR01 | Transfer of patent right |