CN104933333A - Special office mobile storage medium management system - Google Patents

Publication number
CN104933333A
Authority
CN
China
Prior art keywords
storage medium
machine code
client
database
mobile storage
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201410359134.2A
Other languages
Chinese (zh)
Inventor
王皓
王云飞
陈玉宝
吴传强
宋蓝云
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
HUBEI CENTRAL CHINA TECHNOLOGY DEVELOPMENT OF ELECTRIC POWER Co Ltd
Original Assignee
HUBEI CENTRAL CHINA TECHNOLOGY DEVELOPMENT OF ELECTRIC POWER Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by HUBEI CENTRAL CHINA TECHNOLOGY DEVELOPMENT OF ELECTRIC POWER Co Ltd

Landscapes

  • Storage Device Security (AREA)

Abstract

The present invention belongs to the field of information management and relates to a special office mobile storage medium management system. The system is composed of two parts, namely a server and a client, wherein a unique machine code database of all computers of a company is integrated inside the server, and the machine code database is installed in a special computer and is connected to the other computers of the company by means of a network; and the client is packaged inside a special office mobile storage medium and does not need to be additionally installed, and an offline database that contains the machine codes of all the computers of the company is integrated inside the client. When the system is used, an employee inserts the mobile storage medium with the client into the computer, the client calculates the machine code with unique hardware information inside the computer and compares the machine code with the offline database to determine whether the computer is an authorized machine by the company or not. When the determination succeeds, the employee inputs a login password and then can use a data zone in the mobile storage medium. The system has the advantages of being convenient for use, high in security and good in privacy and the like.

Description

A special office mobile storage medium management system
Technical field
The invention belongs to the field of information management and relates to a special office mobile storage medium management system. The invention is flexible and convenient to use, can be widely adopted in the informatization of government and enterprises, and is particularly suited to organizations or departments with high internal information security requirements.
Background art
With the rapid development of science and technology, the emergence and spread of mobile storage media such as USB flash drives and portable hard drives have greatly facilitated data exchange and storage. However, while mobile storage media make people's work more convenient, they also introduce a serious security risk to the information security of the user's company, and strengthening the management of mobile storage media has become an important foundation for effectively safeguarding company information security.
At present, the management of mobile storage media in China generally proceeds from two directions, administrative measures and technical measures. On the one hand, dedicated rules and regulations restrain the misuse of mobile storage media and stipulate what punishment follows a leak of confidential information. On the other hand, at the technical level, terminals and mobile storage media are managed by installing a mobile storage medium management system or a desktop terminal management system.
However, current mobile storage medium management systems and desktop terminal management systems have two problems. First, a system client must be installed on the computers across the whole company, and mobile storage media or desktop computers are managed through the server's control of that client. The drawback is a heavy operations and maintenance workload when there are many office computers; in particular, the client must be reinstalled after a computer's operating system is reinstalled or after an employee uninstalls the client privately. Moreover, in practice not all employees understand computer technology well, and forcibly installing software on an employee's computer can lead the employee to believe that the computer is being monitored by the company and that personal freedom is being restricted; the employee may develop resistance, which affects normal working efficiency. Second, most current mobile storage medium management systems control office computers through policies deployed and issued by a server, with the aim of preventing office computers from accessing unauthorized mobile storage media. If a mobile storage medium that has itself been authorized is connected to a non-office computer, for example when it is taken home, used while travelling, or lost and then used by someone else, it cannot be controlled, so the risk of leaking company office information remains.
Summary of the invention
The object of the invention is to overcome the above deficiencies of the prior art; the invention solves the information leakage problem caused by using mobile storage media to transfer files in office work.
The technical solution adopted by the invention to solve this technical problem is to provide a practical, easy-to-use and flexible mobile storage medium management system dedicated to office use, characterized in that it comprises two parts, a server and a client, wherein the server is installed on a particular computer, and the client is packaged inside the special office mobile storage medium, needs no separate installation, and comprises two parts, a startup zone and a data zone.
In the special office mobile storage medium management system, the server consists of a database (containing the machine codes of all the company's computers) and a corresponding response and communication program. The machine code is calculated from hardware information that is unique as a physical characteristic, such as the MAC address of the computer's network card, the identification code (ID) of the central processing unit (CPU) and the hard disk ID.
In the special office mobile storage medium management system, the medium must be formatted before the client is packaged into it. During packaging the mobile storage medium is divided into two zones. The startup zone holds the client program, which comprises modules for hardware information extraction, machine code calculation and comparison, the offline machine code database, and password login and comparison; the program presents the user with a single unified entry point in the application interface. The data zone is hidden from the user by default and becomes available for the employee to copy data in normal office work only after the storage medium and the computer in use have passed verification.
In the special office mobile storage medium management system, when a user uses the mobile storage medium, the client startup zone extracts a series of hardware information from the computer, including hardware information that is unique as a physical characteristic such as the network card MAC address, the CPU ID and the hard disk ID, mixes the extracted information, and generates the machine code with the Advanced Encryption Standard (AES) encryption algorithm. At the same time, the offline machine code database file in the startup zone automatically connects to the server database once and is updated to the latest database. The generated machine code is then compared with the updated offline machine code database. If the match succeeds, the computer is authorized by the company and the system pops up a dialog box for entering the password; after the user enters the correct password, the normal data operation functions of the mobile storage medium can be used, and if the password is wrong the user still cannot use them. If the match fails, prompts are shown; if the match still fails after the user follows the prompts, the program returns to the initial interface and the user cannot use the normal data operation functions of the mobile storage medium.
The invention has the following beneficial effects:
The invention provides a special office mobile storage medium management system. The system does not require a management system client to be installed beforehand on every office computer, which removes tedious repetitive work for operations and maintenance staff and avoids the resistance employees feel when they are forced to install software, so that they keep their normal working state. At the same time, an authorized special office mobile storage medium can only be used on office computers approved by the company, which prevents company information leaks caused by human factors such as private use outside the permitted scope or use by others after loss, and safeguards company information security.
Description of the drawings
Fig. 1: flow chart of the use of the special office mobile storage medium management system.
Detailed description
Specific embodiments of the invention are described in further detail below with reference to an embodiment. The following embodiment illustrates the invention but does not limit its scope.
First, before the system is used, the server is installed on a fixed server of the company, and this server is connected to the other computers through the company's internal network. Then hardware information that represents unique physical attributes of each computer in the company, such as the network card MAC address, the CPU ID and the hard disk ID, is extracted. A calculation is performed on the extracted hardware information to obtain a machine code unique to each computer, and the machine code database is built.
Next, an ordinary mobile storage medium is formatted and the client is packaged into it, producing a special office mobile storage medium, which is then issued to company employees. During packaging the mobile storage medium must be divided into two zones, a startup zone and a data zone. The startup zone holds the client program, which comprises modules for hardware information extraction, machine code calculation and comparison, the offline machine code database, and password login and comparison, and presents the user with a single unified entry point in the application interface. The data zone is hidden from the user by default. Once the server and the client have both been installed, the mobile storage medium management system can be used; the specific flow is shown in Fig. 1.
When an employee plugs the special office mobile storage medium into a computer, only the startup zone is visible. On entering the startup zone, the initial interface shows only one unified entry program icon, the client program. When the client program in the startup zone is clicked, the offline database file in the startup zone automatically connects to the server database once; if the connection succeeds it downloads and updates to the latest database, and if the connection fails it remains unchanged. The program then extracts hardware information, namely the computer's network card MAC address, CPU ID, hard disk ID and similar information, mixes it, generates the machine code with the AES encryption algorithm, and compares the generated machine code with the offline machine code database. If the match succeeds, the computer is deemed to have been authorized by the company and a dialog box for entering the password pops up; after the user enters the correct password, the data zone is displayed normally again and the user can use functions such as data copying normally.
If the generated machine code does not match the offline database, the program pops up the prompt "The current computer is not within the company's authorized scope. Apply for authorization?" If the user clicks "Cancel", the program stops all operations and returns to the initial interface. If the user clicks "OK", an application is submitted: the application content (work information such as name and office, filled in manually by the applicant, and hardware information such as the machine code, generated automatically by the program) is uploaded to the server, the prompt "The application has been submitted. Please wait until authorization is complete before starting this program again." is shown, and the program returns to the initial interface. If communication with the server is not possible, the prompt "The application cannot be submitted. Please check the network." is shown and the program returns to the initial interface. Afterwards, the system administrator reviews the application on the server or on the system administration page and decides whether to approve it. Once it is approved, the database is updated, and the medium can be used normally after the user uses it again and its offline database has updated automatically.
If the generated machine code matches the offline database but the user enters a wrong password, the program prompts the user to "enter the password again" until the password is correct, after which the user can use functions such as data copying normally; otherwise the system returns to the initial interface after the user clicks "Cancel" or after the password has been entered incorrectly several times.
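The client-side flow of Fig. 1 as described above, sketched as an added example; it is not code from the patent or the applicant. The patent names AES for mixing the hardware information but gives no key or mode, so this sketch substitutes a keyed HMAC-SHA-256 from the Python standard library; the key, the PBKDF2 password storage, the three-attempt limit, the names `MediumClient` and `machine_code`, and all sample values are assumptions.

```python
import hashlib
import hmac

MIX_KEY = b"constructed-deployment-key"   # assumption: secret shared by server and client
PBKDF2_ROUNDS = 100_000                    # assumption: password storage is not specified
MAX_PASSWORD_ATTEMPTS = 3                  # assumption: the patent only says "several"


def machine_code(mac, cpu_id, disk_id):
    """Mix the three hardware identifiers into one fixed-length machine code."""
    # Normalise first, so formatting differences between tools do not change the code.
    fields = [mac.replace("-", ":").lower(), cpu_id.strip().upper(), disk_id.strip().upper()]
    # Length-prefix each field so that adjacent values cannot run into each other.
    blob = b"".join(len(f.encode()).to_bytes(2, "big") + f.encode() for f in fields)
    return hmac.new(MIX_KEY, blob, hashlib.sha256).hexdigest()


def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


class MediumClient:
    """Client logic held on the medium: offline database, machine check, password check."""

    def __init__(self, offline_db, salt, password_hash):
        self.offline_db = set(offline_db)
        self.salt = salt
        self.password_hash = password_hash
        self.data_zone_visible = False      # the data zone is hidden by default

    def refresh(self, fetch_server_db):
        """Contact the server once; keep the offline copy if it cannot be reached."""
        try:
            self.offline_db = set(fetch_server_db())
            return True
        except OSError:
            return False

    def is_authorized(self, code):
        return any(hmac.compare_digest(code, known) for known in self.offline_db)

    def unlock(self, hardware, password_attempts):
        """Return 'unlocked', 'password-rejected' or 'unauthorized-computer'."""
        self.data_zone_visible = False
        if not self.is_authorized(machine_code(*hardware)):
            return "unauthorized-computer"  # the patent offers an authorization request here
        for attempt in list(password_attempts)[:MAX_PASSWORD_ATTEMPTS]:
            if hmac.compare_digest(hash_password(attempt, self.salt), self.password_hash):
                self.data_zone_visible = True
                return "unlocked"
        return "password-rejected"


# Constructed sample machines and credentials.
OFFICE_PC = ("00-1A-2B-3C-4D-5E", "bfebfbff000306a9", "DISK-CONSTRUCTED-01")
OTHER_PC = ("00-1A-2B-3C-4D-5F", "bfebfbff000306a9", "DISK-CONSTRUCTED-01")
SALT = b"constructed-salt"


def build_client():
    client = MediumClient([], SALT, hash_password("constructed-passphrase", SALT))
    client.refresh(lambda: [machine_code(*OFFICE_PC)])  # stands in for the server database
    return client


if __name__ == "__main__":
    c = build_client()
    print(c.unlock(OFFICE_PC, ["constructed-passphrase"]))
    print(c.unlock(OTHER_PC, ["constructed-passphrase"]))
```

The check fails closed: a machine code missing from the offline database never reaches the password step, and an unreachable server leaves the previous database in force.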

Claims (4)

1. A special office mobile storage medium management system, characterized in that it comprises two parts, a server and a client, wherein the server is installed on a particular computer, and the client is packaged inside the special office mobile storage medium, needs no separate installation, and comprises two parts, a startup zone and a data zone.
2. The special office mobile storage medium management system according to claim 1, characterized in that the server consists of a database (containing the machine codes of all the company's computers) and a corresponding response and communication program; wherein the machine code is calculated from hardware information that is unique as a physical characteristic, such as the MAC address of the computer's network card, the identification code (ID) of the central processing unit (CPU) and the hard disk ID.
3. The special office mobile storage medium management system according to claim 1, characterized in that the medium must be formatted before the client is packaged into the mobile storage medium; during packaging the mobile storage medium is divided into two zones; the startup zone holds the client program, which comprises modules for hardware information extraction, machine code calculation and comparison, the offline machine code database, and password login and comparison, and the program presents the user with a single unified entry point in the application interface; the data zone is hidden from the user by default and becomes available for the employee to copy data in normal office work only after the storage medium and the computer in use have passed verification.
4. The special office mobile storage medium management system according to claim 1, characterized in that, when a user uses the mobile storage medium, the client startup zone extracts a series of hardware information from the computer, including hardware information that is unique as a physical characteristic such as the network card MAC address, the CPU ID and the hard disk ID, mixes the extracted information, and generates the machine code with the Advanced Encryption Standard (AES) encryption algorithm; at the same time, the offline machine code database file in the startup zone automatically connects to the server database once and is updated to the latest database; the generated machine code is compared with the updated offline machine code database; if the match succeeds, the computer is authorized by the company and the system pops up a dialog box for entering the password, and after the user enters the correct password the normal data operation functions of the mobile storage medium can be used, whereas if the password is wrong the user still cannot use them; if the match fails, prompts are shown, and if the match still fails after the user follows the prompts, the program returns to the initial interface and the user cannot use the normal data operation functions of the mobile storage medium.
CN201410359134.2A 2014-07-25 2014-07-25 Special office mobile storage medium management system Pending CN104933333A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410359134.2A CN104933333A (en) 2014-07-25 2014-07-25 Special office mobile storage medium management system

Publications (1)

Publication Number Publication Date
CN104933333A (en) 2015-09-23

Family

ID=54120498

Country Status (1)

Country Link
CN (1) CN104933333A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20150923