CN104751036B - A kind of computer information safe system - Google Patents
A kind of computer information safe system Download PDFInfo
- Publication number
- CN104751036B CN104751036B CN201510170407.3A CN201510170407A CN104751036B CN 104751036 B CN104751036 B CN 104751036B CN 201510170407 A CN201510170407 A CN 201510170407A CN 104751036 B CN104751036 B CN 104751036B
- Authority
- CN
- China
- Prior art keywords
- information
- computer
- module
- network
- security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The present invention provides a kind of computer information safe systems,Wherein,Computer motherboard is connected with computer peripheral,Whether the information that subscriber authentication controller is used to verify user has legal identity,Network security module for identification and judge network whether safety,Whether port security control module opens to the outside world for control computer system external interface,Information tracking module is for accessing,Record accesses the information with download with tracking computer system,Anti-tampering module is electromagnetically shielded for preventing electromagnetic exposure from classified information being caused to be revealed,The present invention is by being arranged subscriber authentication controller,Network information security module,Port security control module,Information tracking module,It is electromagnetically shielded anti-tampering module and data backup module,From multiple angles,Many aspects are monitored and protect to the information of computer information safe system,Improve the security performance of use and the transmission of computer information safe.
Description
Technical field
The present invention relates to a kind of computer system, specially a kind of computer information safe system belongs to computer and letter
Cease technical field.
Background technology
Computer and computer network have become important information carrier and the transmission of enterprise, government and various other tissues
Working efficiency is greatly improved in channel, and the storage and processing of magnanimity information is made to be achieved.Computer and computer network are given
The work and life of people brings huge convenience, but also occurs the information security issue being widely noticed therewith.Number letter
Why breath safety than traditional data file security is more exposed to concern, is on the one hand since digital information itself is with being easy to
The characteristic of duplication, using this characteristic, information is susceptible to be difficult to control and what is traced steals prestige knee, is on the other hand, due to
Remote information access facility possessed by computer network makes information be easy the threat for being destroyed, changing and being stolen.It is very bright
It is aobvious, it can ensure that the safety of enterprise, government or other organization internal digital informations has been related to calculating to greatest extent
Can machine and computer network really become the key factor for the large-scale application for having essential meaning.
A kind of computer information safe system provided by the invention, by the way that subscriber authentication controller, network is arranged
Information security module, port security control module, information tracking module, the anti-tampering module of electromagnetic shielding and data backup module,
The information of computer information safe system is monitored and is protected from multiple angles, many aspects, substantially increases computer
The security performance of use and the transmission of information security, improves the security performance of the departments such as government, enterprise classified information.
Invention content
A kind of computer information safe system provided by the invention, which is characterized in that it includes computer motherboard, computer
Peripheral equipment, subscriber authentication controller, network information security module, port security control module, information tracking module, electricity
The anti-tampering module of magnetic screen and data backup module, wherein the computer motherboard is connected with the computer peripheral,
Whether the information that the subscriber authentication controller is used to verify user there is legal identity, the network security module to be used for
It identifies and judges whether network is safe, and whether the port security control module is external for control computer system external interface
Open, described information tracking module is used to access, records the information for accessing and downloading with tracking computer system, the electromagnetism
Anti-tampering module is shielded for preventing electromagnetic exposure from classified information being caused to be revealed, the data backup module is for storing and backing up
Vital document.
Further, preferably, the subscriber authentication controller includes fingerprint or pattern sample devices, computer
System safe opening unit, from lock unit and alarm unit, the fingerprint or pattern sample devices are photoelectricity sampling equipment, when
When the information that the photoelectricity sampling equipment is acquired is legal, the computer system security opening unit drives trusted computer automatically
Security system is ceased to automatically turn on, it is described to be locked automatically from lock unit when the acquired information of photoelectricity sampling setting is illegal
The fixed computer information safe system, and the alarm unit is driven to send out the buzzing prompting sound of alarm;The network information peace
Full module includes netkey generator, netkey controller, netkey decipher and Network Isolation switch, the net
Network key generator is generated using the unique Product sequence number of AT05SC card microcontrollers as seed, and according to certain rule
128 user encryption keys, whether generation of the netkey controller for authentication secret be legal, and judges inputted close
Whether key is correct, and the netkey decipher is used to decrypt verification information input by user and carry out pair with encryption key
Than the Network Isolation switch includes data information filter, network state detection circuit and network connection block device, the number
According to the Method for Filtering Abnormal Information that signal filter detects the network state detection circuit, and the network connection is driven to block
Network is carried out blocking isolation by device;The port security control module includes that port controller, port encryption equipment and data pass
Defeated encrypted master, wherein the port controller is used to control the keying of the computer information safe system interface, described
Setting, the data transmission encryption is encrypted by the interface to the computer information safe system in port encrypted master
Controller carries out application cryptoguard to the data transmitted needed for the interface, and carries out the equipment that data interaction is connect with interface
After having the password successful matching applied with the port encrypted master, the transmission and transmission of data-interface could be realized.
Further, preferably, described information tracking module includes resource control unit and data follow-up auditing unit,
In, the resource control unit carries out real-time online scanning, monitoring and record to computer-internal static resource, when in computer
When portion's static resource illegally changes, the information of monitoring is uploaded onto the server and generates evidence text by the resource control unit in real time
Part is shown in the display of computer system;The data tracking auditable unit is recorded, is audited, analyzing with tracking entirely in real time
Data, configuration Parameters variation, information flow direction, keyboard and the screen of computer information safe system, record from computer port
The All Files copy information of output and input, and automatically generate log recording and store.
Further, preferably, the computer peripheral includes printer, PCI slot or mouse, hard disk.
Further, preferably, the invention also includes boot-strap circuit unit, the boot-strap circuit unit is described for controlling
The keying of computer motherboard.
A kind of computer information safe system provided by the invention, by the way that subscriber authentication controller, network is arranged
Information security module, port security control module, information tracking module, the anti-tampering module of electromagnetic shielding and data backup module,
The information of computer information safe system is monitored and is protected from multiple angles, many aspects, substantially increases computer
The security performance of use and the transmission of information security, improves the security performance of the departments such as government, enterprise classified information.
Description of the drawings
Fig. 1 is a kind of structure diagram of computer information safe system;
Specific implementation mode
The present invention will be further described below in conjunction with the accompanying drawings.
As is shown in fig. 1, a kind of computer information safe system provided by the invention comprising computer motherboard, calculating
Peripheral devices, subscriber authentication controller, network information security module, port security control module, information tracking module,
It is electromagnetically shielded anti-tampering module and data backup module, wherein computer motherboard is connected with the computer peripheral, uses
Whether the information that authentication controller in family is used to verify user there is legal identity, network security module for identification and to judge
Whether network is safe, and whether port security control module opens to the outside world for control computer system external interface, information trace
Module is used to access, records the information for accessing and downloading with tracking computer system, to avoid concerning security matters caused by electromagnetic exposure
Information leakage, the present invention take scrambling processing, electromagnetic shielding measure, are provided with and are electromagnetically shielded anti-tampering module, which is used for
Prevent electromagnetic exposure from classified information being caused to be revealed, the data backup module is for storing and backing up vital document.
Wherein, subscriber authentication controller includes that fingerprint or pattern sample devices, computer system security open list
Member, from lock unit and alarm unit, fingerprint or pattern sample devices are photoelectricity sampling equipment, when photoelectricity sampling equipment is acquired
Information it is legal when, computer system security opening unit drive automatically computer information safe system automatically turn on, when described
When the acquired information of photoelectricity sampling setting is illegal, the computer information safe system is locked automatically from lock unit, and drive
The alarm unit sends out the buzzing prompting sound of alarm;The network information security module includes netkey generator, network
Cipher controlled device, netkey decipher and Network Isolation switch, the netkey generator use AT05SC card micro-controls
The unique Product sequence number of device processed generates 128 user encryption keys, the intelligent chip as seed, and according to certain rule
It is that 8 smart card microcontrollers of Atmel companies production are included it can be used to store the key executed needed for cryptographic algorithm
40kb read-only memory, 2kb Electrically Erasable Programmable Read-Only Memory have globally unique 64 product IDs, initialization
When, 64 it is product ID as seed using this, 128 user encryptions and decruption key can be generated, with very high peace
Full security performance.Whether generation of the netkey controller for authentication secret be legal, and judges whether inputted key is correct,
Netkey decipher by verification information input by user for decrypting and being compared with encryption key, Network Isolation switch packet
Data information filter, network state detection circuit and network connection block device are included, data information filter will be described network-like
The Method for Filtering Abnormal Information that state detection circuit detects, and drive network connection block device that network is carried out blocking isolation;Pacify port
Full control module includes port controller, port encryption equipment and data transmission encrypted master, wherein port controller is used for
The keying of the computer information safe system interface is controlled, port encrypted master passes through to the computer information safe system
Setting is encrypted in the interface of system, and data transmission encrypted master carries out the data transmitted needed for the interface to apply password guarantor
Shield, and carry out the password successful matching that the equipment that data interaction is connect only applies with the port encrypted master with interface
Afterwards, the transmission and transmission of data-interface could be realized.
Information tracking module includes resource control unit and data follow-up auditing unit, wherein resource control unit is to meter
Calculation machine internal stationary resource carries out real-time online scanning, monitoring and record, when computer-internal static resource illegally changes, money
It includes the display in computer system that the information of monitoring is uploaded onto the server and generates the instrument of evidence by source control unit in real time
In;Data tracking auditable unit is recorded, is audited, analyzes and tracking the data of entire computer information safe system, configure in real time
Parameters variation, information flow direction, keyboard and screen record the All Files copy information for exporting and inputting from computer port,
And it automatically generates log recording and stores.Computer peripheral includes printer, PCI slot or mouse, hard disk.
In addition, the invention also includes boot-strap circuit unit, boot-strap circuit unit is used for the keying of control computer mainboard.
A kind of computer information safe system provided by the invention, by the way that subscriber authentication controller, network is arranged
Information security module, port security control module, information tracking module, the anti-tampering module of electromagnetic shielding and data backup module,
The information of computer information safe system is monitored and is protected from multiple angles, many aspects, substantially increases computer
The security performance of use and the transmission of information security, improves the security performance of the departments such as government, enterprise classified information.
Embodiment of above is merely to illustrate the present invention, and not limitation of the present invention, in relation to the common of technical field
Technical staff can also make a variety of changes and modification without departing from the spirit and scope of the present invention, therefore all
Equivalent technical solution also belongs to scope of the invention, and scope of patent protection of the invention should be defined by the claims.
Claims (1)
1. a kind of computer information safe system, which is characterized in that it includes computer motherboard, computer peripheral, user
Authentication controller, network information security module, port security control module, information tracking module, electromagnetic shielding are anti-tampering
Module and data backup module, wherein the computer motherboard is connected with the computer peripheral, the user identity
Whether the information that access control device is used to verify user there is legal identity, the network information security module for identification and to sentence
Whether circuit network is safe, and whether the port security control module opens to the outside world for control computer system external interface, institute
Information tracking module is stated for accessing, recording the information for accessing and downloading with tracking computer system, the electromagnetic shielding is anti-
Interference module is for preventing electromagnetic exposure from classified information being caused to be revealed, and the data backup module is for storing and backing up important text
Part;
The subscriber authentication controller include fingerprint or pattern sample devices, computer system security opening unit, from
Lock unit and alarm unit, the fingerprint or pattern sample devices are photoelectricity sampling equipment, when the photoelectricity sampling equipment institute
When the information of acquisition is legal, the computer system security opening unit drives computer information safe system to open automatically automatically
It opens, it is described to lock computerized information peace automatically from lock unit when the information that the photoelectricity sampling equipment is acquired is illegal
Total system, and the alarm unit is driven to send out the buzzing prompting sound of alarm;The network information security module includes that network is close
Key generator, netkey controller, netkey decipher and Network Isolation switch, the netkey generator use
The unique Product sequence number of ATO5SC card microcontrollers is as seed, and it is close according to certain rule to generate 128 user encryptions
Key, the netkey controller verify the generation of key, and judge whether the key generated is legal, and the network is close
Verification information input by user is decrypted and is compared with encryption key by key decipher, and the Network Isolation switch includes data
Signal filter, network state detection circuit and network connection block device, the data information filter is by the network state
The Method for Filtering Abnormal Information that detection circuit detects, and drive the network connection block device that network is carried out blocking isolation;It is described
Port security control module includes port controller, port encryption equipment and data transmission encrypted master, wherein the port
Controller controls the keying of the computer information safe system interface, and the port encryption equipment passes through to the computerized information
Setting is encrypted in the interface of security system, and the data transmission encrypted master applies the data transmitted needed for the interface
Encrypted code is protected, and is carried out the password that the equipment that data interaction is connect only applies with the port encryption equipment with interface and be paired into
After work(, the transmission and transmission of data-interface could be realized;
Described information tracking module includes resource control unit and data follow-up auditing unit, wherein the resource control unit
Real-time online scanning, monitoring and record are carried out to computer-internal static resource, when computer-internal static resource illegally changes
When, it includes in computer system that the information of monitoring is uploaded onto the server and generates the instrument of evidence by the resource control unit in real time
Display in;The data tracking auditable unit is recorded, is audited, analyzing and tracking entire computer information safe system in real time
Data, configuration Parameters variation, information flow direction, keyboard and screen, record all texts for exporting and inputting from computer port
Part copy information, and automatically generate log recording and store;
The computer peripheral includes printer, PCI slot or mouse, hard disk;
Further include boot-strap circuit unit, the boot-strap circuit unit is used to control the keying of the computer motherboard.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510170407.3A CN104751036B (en) | 2015-04-10 | 2015-04-10 | A kind of computer information safe system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510170407.3A CN104751036B (en) | 2015-04-10 | 2015-04-10 | A kind of computer information safe system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104751036A CN104751036A (en) | 2015-07-01 |
| CN104751036B true CN104751036B (en) | 2018-08-24 |
Family
ID=53590709
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510170407.3A Expired - Fee Related CN104751036B (en) | 2015-04-10 | 2015-04-10 | A kind of computer information safe system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104751036B (en) |
Families Citing this family (22)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104994097A (en) * | 2015-07-03 | 2015-10-21 | 孙艳君 | Computer network information security control device |
| CN106055978A (en) * | 2016-05-03 | 2016-10-26 | 武珍珍 | Novel computer information safety protection lock |
| CN106131072A (en) * | 2016-08-28 | 2016-11-16 | 姜俊 | A kind of computer information safe system |
| CN106446706B (en) * | 2016-08-30 | 2019-03-19 | 许昌学院 | A kind of computer data enciphering system |
| US10311220B2 (en) * | 2016-09-02 | 2019-06-04 | Qualcomm Incorporated | Accessing a user equipment using a biometric sensor concurrently with an authentication pattern |
| CN106502866A (en) * | 2016-11-04 | 2017-03-15 | 河南理工大学 | A kind of computer safety system and method |
| CN106603517A (en) * | 2016-12-03 | 2017-04-26 | 新乡学院 | Computer network information security monitoring system |
| CN107403079A (en) * | 2017-07-27 | 2017-11-28 | 山东理工大学 | A kind of computer information safe system |
| CN107609409A (en) * | 2017-09-07 | 2018-01-19 | 苏州凯瑟兰特信息科技有限公司 | A kind of big data analysis system using computer verification code technology |
| CN108090357A (en) * | 2017-12-14 | 2018-05-29 | 湖南财政经济学院 | A kind of computer information safe control method and device |
| CN108664777A (en) * | 2018-03-16 | 2018-10-16 | 济宁医学院 | A kind of secure information storage method |
| CN108521431A (en) * | 2018-04-25 | 2018-09-11 | 信阳师范学院 | A kind of information security of computer network system |
| CN108694313A (en) * | 2018-05-07 | 2018-10-23 | 襄阳市尚贤信息科技有限公司 | A kind of computer user's identification system |
| CN108734034A (en) * | 2018-05-17 | 2018-11-02 | 合肥利元杰信息科技有限公司 | A kind of data-storage system of computer |
| CN108710793A (en) * | 2018-05-25 | 2018-10-26 | 马鞍山市润启新材料科技有限公司 | A kind of computer network means of defence and system |
| CN109756499B (en) * | 2019-01-07 | 2020-02-21 | 武汉东湖大数据交易中心股份有限公司 | Big data security access control system |
| CN109818958A (en) * | 2019-01-28 | 2019-05-28 | 西安航空学院 | A kind of computer network intelligent monitor system |
| CN109905378A (en) * | 2019-02-01 | 2019-06-18 | 湖北大学 | A kind of network information security monitoring method, system and computer storage medium |
| CN110381127A (en) * | 2019-07-04 | 2019-10-25 | 陈羽 | A kind of method for remote controlling computer and system |
| CN110471359B (en) * | 2019-09-22 | 2023-02-14 | 南京时仓信息科技有限公司 | Information security control module and control method suitable for embedded host |
| CN112131546B (en) * | 2020-09-10 | 2022-09-27 | 重庆电子工程职业学院 | Information security management and control device |
| CN115277084B (en) * | 2022-06-23 | 2023-09-01 | 浙江科技学院 | Electronic information unidirectional transmission system and method for signal shielding |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1423203A (en) * | 2001-12-05 | 2003-06-11 | 武汉瑞达电子有限公司 | Safety computer with information safety management unit |
| CN1632709A (en) * | 2004-12-15 | 2005-06-29 | 中国长城计算机深圳股份有限公司 | A computer system for guaranteeing information security |
| CN104243402A (en) * | 2013-06-08 | 2014-12-24 | 中国人民解放军91655部队 | Novel desktop audit system and method thereof |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2005038139A (en) * | 2003-07-18 | 2005-02-10 | Global Friendship Inc | Electronic information management system |
-
2015
- 2015-04-10 CN CN201510170407.3A patent/CN104751036B/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1423203A (en) * | 2001-12-05 | 2003-06-11 | 武汉瑞达电子有限公司 | Safety computer with information safety management unit |
| CN1632709A (en) * | 2004-12-15 | 2005-06-29 | 中国长城计算机深圳股份有限公司 | A computer system for guaranteeing information security |
| CN104243402A (en) * | 2013-06-08 | 2014-12-24 | 中国人民解放军91655部队 | Novel desktop audit system and method thereof |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104751036A (en) | 2015-07-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104751036B (en) | A kind of computer information safe system | |
| CN107563213B (en) | Safety secrecy control device for preventing data extraction of storage equipment | |
| CA2935780C (en) | Systems and methods with cryptography and tamper resistance software security | |
| CN105740725B (en) | A kind of document protection method and system | |
| CN108616531B (en) | Radio frequency signal secure communication method and system | |
| US20080016127A1 (en) | Utilizing software for backing up and recovering data | |
| Mavrovouniotis et al. | Hardware security modules | |
| CN107784207B (en) | Display method, device and equipment of financial APP interface and storage medium | |
| CN102236607B (en) | Data security protection method and data security protection device | |
| CN1776563A (en) | File encrypting device based on USB interface | |
| US20130322619A1 (en) | Information processing apparatus, ic chip, and information processing method | |
| Hurley-Smith et al. | Certifiably biased: An in-depth analysis of a common criteria EAL4+ certified TRNG | |
| CN107506660A (en) | A kind of daily record sensitive information processing method and system applied to financial self-service equipment | |
| CN117592108A (en) | Interface data desensitization processing method and device | |
| CN103368926A (en) | Method for preventing file tampering and device for preventing file manipulation | |
| CN100543762C (en) | Computer-aided design data encryption protecting method based on hardware environment | |
| Ukidve et al. | Analysis of payment card industry data security standard [PCI DSS] compliance by confluence of COBIT 5 framework | |
| CN103577771A (en) | Virtual desktop data leakage-preventive protection technology on basis of disk encryption | |
| CN116842545A (en) | File encryption-based data anti-luxury method and system | |
| CN106952659B (en) | CD multistage imprinting encryption method based on XTS encryption mode | |
| CN108376212A (en) | Execute code security guard method, device and electronic device | |
| CN107423627A (en) | The time slot scrambling and electronic equipment of a kind of electronic equipment | |
| US20210111870A1 (en) | Authorizing and validating removable storage for use with critical infrastrcture computing systems | |
| CN106650492A (en) | Multi-device file protection method and device based on security catalog | |
| TWI444849B (en) | System for monitoring personal data file based on server verifying and authorizing to decrypt and method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20180824 Termination date: 20190410 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |