CN104978302A - TCM chip based intelligent security USB interface control method - Google Patents

Publication number
CN104978302A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510351964.5A
Other languages
Chinese (zh)
Other versions
CN104978302B (en)
Inventor
李健
刘泽
王增超
秦清松
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing mechanical and electrical engineering general design department
Original Assignee
Shandong Chaoyue Numerical Control Electronics Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong Chaoyue Numerical Control Electronics Co Ltd
Priority to CN201510351964.5A
Publication of CN104978302A
Application granted
Publication of CN104978302B
Expired - Fee Related
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F13/00 Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F13/38 Information transfer, e.g. on bus
    • G06F13/42 Bus transfer protocol, e.g. handshake; Synchronisation
    • G06F13/4282 Bus transfer protocol, e.g. handshake; Synchronisation on a serial bus, e.g. I2C bus, SPI bus
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2213/00 Indexing scheme relating to interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F2213/0042 Universal serial bus [USB]

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an intelligent secure USB interface control method based on a TCM chip. The method is implemented as follows: the TCM chip controls the computer's management chip (the EC chip) and manages the USB source chip, and intelligent, secure use of the USB interface is achieved by monitoring USB data transmission and encrypting USB data. Compared with the prior art, the TCM chip controls the computer's EC management chip and monitors USB data transmission, so that USB interface data monitoring and encryption are implemented at the hardware design level. Compared with managing the USB interface by software at a later stage, once the system is running, the method is more intelligent and safer, highly practical, widely applicable and easy to popularize.

Description

An intelligent secure USB interface control method based on a TCM chip
Technical field
The present invention relates to the technical field of data security, and specifically to a practical intelligent secure USB interface control method based on a TCM chip.
Background
With the rapid development of informatization, information security problems have become increasingly prominent. In the networked information era, network attacks and information leaks emerge one after another; without core information security technology, we face a severe information security situation, particularly in the modern computer and server industries, where big data is the medium. USB interface security controls currently on the market are relatively simple, so data can easily be forcibly removed by a person, leading to a high rate of data loss. To avoid this situation, an intelligent secure USB interface control method based on a TCM chip is now provided.
Summary of the invention
The technical task of the present invention is to address the above deficiencies by providing a practical intelligent secure USB interface control method based on a TCM chip.
In the intelligent secure USB interface control method based on a TCM chip, the specific implementation process is: the TCM chip controls the computer's management chip (the EC chip) and manages the USB source chip, and intelligent, secure use of the USB interface is achieved by monitoring USB data transmission and encrypting USB data.
The USB data encryption process is as follows: when the computer detects a USB device, that is, when the TCM chip in the computer detects the USB device, the device information is read over the USB data line, and the TCM chip first determines whether the device has a security key. If a security key is confirmed, the TCM releases control of USB data transmission. If no security key is found or the security key fails verification, the TCM automatically encrypts the USB data before it is transmitted and monitors the transmitted data in real time.
Data encrypted by the TCM can be decrypted and read on a device that has a TCM decryption function.
The security key is generated by the TCM chip; a USB device "having a security key" means that the security key generated by the above TCM device has been pre-stored in that USB storage device.
After the TCM chip releases control of USB data transmission, whether USB data transmission is monitored in real time is set by the TCM's internal program.
When the USB device has no security key or the security key fails verification, the TCM chip sends an alarm command over the LPC bus.
The method also includes a data auto-destruct step: when the TCM chip detects that the computer repeatedly uses a USB storage device that has not passed security key verification, the TCM chip sends a command over the SPI bus that directs the EC management chip to raise an alarm and automatically destroy all data on the storage device.
The intelligent secure USB interface control method based on a TCM chip of the present invention has the following advantages:
The TCM chip controls the computer's EC management chip and monitors USB data transmission, so that USB interface data monitoring and encryption are implemented at the hardware design level; compared with managing the USB interface by software at a later stage, after the system has been entered, this is more intelligent and safer. The method makes outbound data transfer intelligent and secure for equipment with higher security requirements, such as computers and servers, and can monitor and encrypt USB data transmission. Against a background of increasingly prominent information security problems, the invention addresses data security on the USB interface, the most widely used computer interface; it is practical, widely applicable and easy to popularize.
Brief description of the drawings
Figure 1 is a schematic diagram of the implementation of the present invention.
Detailed description
The invention is further described below with reference to the drawing and specific embodiments.
An intelligent secure USB interface control method based on a TCM chip is provided. In this method the TCM chip manages and controls the EC and the USB source chip, provides authentication based on a specific key algorithm embedded in the TCM, and achieves intelligent, secure use of the USB interface by monitoring USB data transmission and encrypting USB data.
The TCM encryption chip provides functions such as a cryptographic-operation service software interface, an SPI interface and a 7816 interface; it is based on firmware for the STM32F10X USART peripheral module and Toshiba's TC58NVG4D2HTAOO-series NAND flash storage chip.
As shown in Figure 1, the specific implementation process is: the TCM chip controls the computer's management chip (the EC chip) and manages the USB source chip, and intelligent, secure use of the USB interface is achieved by monitoring USB data transmission and encrypting USB data.
The USB data encryption process is as follows: when the computer detects a USB device, that is, when the TCM chip in the computer detects the USB device, the device information is read over the USB data line, and the TCM chip first determines whether the device has a security key. If a security key is confirmed, the TCM releases control of USB data transmission. If no security key is found or the security key fails verification, the TCM automatically encrypts the USB data before it is transmitted and monitors the transmitted data in real time.
Data encrypted by the TCM can be decrypted and read on a device that has a TCM decryption function.
The security key is generated by the TCM chip; a USB device "having a security key" means that the security key generated by the above TCM device has been pre-stored in that USB storage device.
After the TCM chip releases control of USB data transmission, whether USB data transmission is monitored in real time is set by the TCM's internal program.
When the USB device has no security key or the security key fails verification, the TCM chip automatically encrypts the USB data for transmission and sends an alarm command over the LPC bus.
The method also includes a data auto-destruct step: when the TCM chip detects that the computer repeatedly uses a USB storage device that has not passed security key verification, the TCM chip sends a command over the SPI bus that directs the EC management chip to raise an alarm and automatically destroy all data on the storage device.
All of the above operations are carried out under the control of the TCM chip and the EC management chip once they are powered on, and are not affected by the operating system or other software that runs afterwards. USB data control is thus implemented at the hardware level, making the USB interface more intelligent and safer.
The above embodiment is only a specific case of the present invention. The scope of patent protection of the present invention includes but is not limited to the above embodiment; any intelligent secure USB interface control method based on a TCM chip that conforms to the claims of the present invention, and any suitable change or substitution made to it by a person of ordinary skill in the art, shall fall within the scope of patent protection of the present invention.
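The decision flow of the embodiment above, modelled as an added C example (not code from the patent or its assignee). Assumptions: a 16-byte key checked by direct comparison with the key the TCM issued, three failed attaches standing in for "repeatedly", and hypothetical names for the action flags, `tcm_state` and `tcm_on_attach`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KEY_LEN      16 /* assumption: the patent gives no key length */
#define MAX_FAILURES 3  /* assumption: the patent only says "repeatedly" */

/* Hypothetical action flags for the responses the patent describes. */
enum {
    ACT_RELEASE    = 1 << 0, /* key verified: release USB transfer control */
    ACT_MONITOR    = 1 << 1, /* monitor the transfer in real time */
    ACT_ENCRYPT    = 1 << 2, /* encrypt USB data before it is transmitted */
    ACT_ALARM_LPC  = 1 << 3, /* alarm command sent over the LPC bus */
    ACT_EC_DESTROY = 1 << 4  /* SPI command to the EC: alarm and destroy data */
};

typedef struct {
    uint8_t  issued_key[KEY_LEN];   /* security key generated by this TCM */
    int      monitor_when_released; /* set by the TCM's internal program */
    unsigned failures;              /* attaches that failed verification */
} tcm_state;

/* Constant-time compare: run time does not depend on where the keys differ. */
static int key_equal(const uint8_t *a, const uint8_t *b, size_t n)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    return diff == 0;
}

/* Decide the response to one device attach. dev_key is NULL when the device
 * information read over the USB data line contains no security key. */
unsigned tcm_on_attach(tcm_state *s, const uint8_t *dev_key, size_t len)
{
    if (dev_key != NULL && len == KEY_LEN &&
        key_equal(dev_key, s->issued_key, KEY_LEN))
        return ACT_RELEASE | (s->monitor_when_released ? ACT_MONITOR : 0);

    /* Missing or wrong key: fail closed. The counter is never reset by a
     * later success (assumption; the patent does not say). */
    unsigned act = ACT_ENCRYPT | ACT_MONITOR | ACT_ALARM_LPC;
    if (++s->failures >= MAX_FAILURES)
        act |= ACT_EC_DESTROY;
    return act;
}

int main(void)
{
    tcm_state s = { {0}, 1, 0 };
    uint8_t good[KEY_LEN], bad[KEY_LEN];      /* constructed sample keys */
    memset(s.issued_key, 0xA5, KEY_LEN);
    memset(good, 0xA5, KEY_LEN);
    memset(bad, 0x5A, KEY_LEN);

    printf("enrolled device : 0x%02x\n", tcm_on_attach(&s, good, KEY_LEN));
    printf("no key          : 0x%02x\n", tcm_on_attach(&s, NULL, 0));
    printf("wrong key       : 0x%02x\n", tcm_on_attach(&s, bad, KEY_LEN));
    printf("third failure   : 0x%02x\n", tcm_on_attach(&s, bad, KEY_LEN));
    return 0;
}
```

Because the failure counter lives in the TCM model rather than in host software, the escalation to the EC does not depend on the operating system, which matches the patent's point that control is exercised at the hardware level.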

Claims (7)

1. An intelligent secure USB interface control method based on a TCM chip, characterized in that the specific implementation process is: the TCM chip controls the computer's management chip (the EC chip) and manages the USB source chip, and intelligent, secure use of the USB interface is achieved by monitoring USB data transmission and encrypting USB data.
2. The intelligent secure USB interface control method based on a TCM chip according to claim 1, characterized in that the USB data encryption process is: when the computer detects a USB device, that is, when the TCM chip in the computer detects the USB device, the device information is read over the USB data line, and the TCM chip first determines whether the device has a security key; if a security key is confirmed, the TCM releases control of USB data transmission; if no security key is found or the security key fails verification, the TCM automatically encrypts the USB data before it is transmitted and monitors the transmitted data in real time.
3. The intelligent secure USB interface control method based on a TCM chip according to claim 2, characterized in that the data encrypted by the TCM can be decrypted and read on a device that has a TCM decryption function.
4. The intelligent secure USB interface control method based on a TCM chip according to claim 2, characterized in that the security key is generated by the TCM chip, and a USB device having a security key means that the security key generated by the above TCM device has been pre-stored in that USB storage device.
5. The intelligent secure USB interface control method based on a TCM chip according to claim 2, characterized in that, after the TCM chip releases control of USB data transmission, whether USB data transmission is monitored in real time is set by the TCM's internal program.
6. The intelligent secure USB interface control method based on a TCM chip according to claim 2, characterized in that, when the USB device has no security key or the security key fails verification, the TCM chip sends an alarm command over the LPC bus.
7. The intelligent secure USB interface control method based on a TCM chip according to any one of claims 1-6, characterized in that it also includes a data auto-destruct step: when the TCM chip detects that the computer repeatedly uses a USB storage device that has not passed security key verification, the TCM chip sends a command over the SPI bus that directs the EC management chip to raise an alarm and automatically destroy all data on the storage device.
CN201510351964.5A 2015-06-24 2015-06-24 A kind of intelligent and safe USB interface control method based on TCM chips Expired - Fee Related CN104978302B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510351964.5A CN104978302B (en) 2015-06-24 2015-06-24 A kind of intelligent and safe USB interface control method based on TCM chips

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510351964.5A CN104978302B (en) 2015-06-24 2015-06-24 A kind of intelligent and safe USB interface control method based on TCM chips

Publications (2)

Publication Number Publication Date
CN104978302A true CN104978302A (en) 2015-10-14
CN104978302B CN104978302B (en) 2018-02-23

Family

ID=54274820

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510351964.5A Expired - Fee Related CN104978302B (en) 2015-06-24 2015-06-24 A kind of intelligent and safe USB interface control method based on TCM chips

Country Status (1)

Country Link
CN (1) CN104978302B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010004749A1 (en) * 1999-12-15 2001-06-21 Jiin Lai Arbitration of control chipsets in bus transaction
US20060072748A1 (en) * 2004-10-01 2006-04-06 Mark Buer CMOS-based stateless hardware security module
CN101079008A (en) * 2006-05-22 2007-11-28 中国软件与技术服务股份有限公司 Mobile memory divulgence protection method and system
CN101324912A (en) * 2008-07-30 2008-12-17 中国航天科工集团第二研究院七○六所 Credible safety computer
CN101714123A (en) * 2008-10-07 2010-05-26 谈剑锋 Document mobile memory device capable of ensuring information security and implementing method thereof
CN101881997A (en) * 2009-05-04 2010-11-10 同方股份有限公司 Trusted safe mobile storage device

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107194289A (en) * 2017-03-29 2017-09-22 山东超越数控电子有限公司 A kind of USB interface permission control device and authority control method
CN110298183A (en) * 2019-06-26 2019-10-01 浪潮金融信息技术有限公司 A kind of method of cascade protection data safety
CN110298183B (en) * 2019-06-26 2021-07-20 浪潮金融信息技术有限公司 Method for protecting data security in grading manner
CN111262703A (en) * 2020-01-13 2020-06-09 浪潮金融信息技术有限公司 Safe and credible Ethernet interface system and implementation method

Also Published As

Publication number Publication date
CN104978302B (en) 2018-02-23

Similar Documents

Publication Publication Date Title
CN102006186B (en) System for monitoring illegal external connection of intranet equipment and method thereof
CN105072125B (en) A kind of http communication system and method
CN105656860A (en) Safety management and control method, apparatus and system for Android system
CN107506289A (en) The abnormality monitoring method and financial terminal of a kind of financial terminal
CN104506500A (en) GOOSE message authentication method based on transformer substation
CN104637117A (en) Intelligent lock pin realization method, key realization method, intelligent lock pin, lock and key
CN103218181A (en) Data safety printing control method based on virtual printer technology
CN103856321A (en) Data encryption and decryption method and system
CN104978302A (en) TCM chip based intelligent security USB interface control method
CN100334519C (en) Method for establishing credible input-output channels
CN111046405B (en) Data processing method, device, equipment and storage medium
CN102932345B (en) A kind of information transferring method, Apparatus and system
CN108769004B (en) Remote operation safety verification method for industrial internet intelligent equipment
CN103824014A (en) Isolation certificating and monitoring method of USB (universal serial bus) port within local area network
CN103457723B (en) A kind of encryption method and the encryption device based on it
CN106027258A (en) TPM (Trusted Platform Module)-based household appliance remote control method
CN203720848U (en) Hard disk encryption device based on AES (advanced encryption standard) algorithm
CN202050425U (en) Illegal external connection monitoring system for internal network equipment
CN104821879A (en) Encryption method in data transfer of electric power system
CN104281800A (en) Unlocking method of safety intelligent lock system with video-monitoring function on basis of bluetooth
CN109726584A (en) Cloud database key management system
CN102694645A (en) Method and device for safely controlling geographic spatial data
CN104580997A (en) Video monitoring management system
CN105187453A (en) Security encryption communication method of fault indicator
CN115118751A (en) Block chain-based supervision system, method, equipment and medium

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 250100 Ji'nan province hi tech Zone, Sun Village Branch Road, No. 2877

Applicant after: Shandong beyond CNC electronic Limited by Share Ltd

Address before: 250100 Ji'nan province hi tech Zone, Sun Village Branch Road, No. 2877

Applicant before: Chaoyue Digital Controlling Electronic Co., Ltd., Shandong Prov.

CB02 Change of applicant information
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20190415

Address after: 250100 No. 2877 Kehang Road, Sun Village Town, Jinan High-tech District, Shandong Province

Co-patentee after: Beijing mechanical and electrical engineering general design department

Patentee after: Shandong beyond CNC electronic Limited by Share Ltd

Address before: 250100 No. 2877 Kehang Road, Sun Village Town, Jinan High-tech District, Shandong Province

Patentee before: Shandong beyond CNC electronic Limited by Share Ltd

TR01 Transfer of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20180223

Termination date: 20190624

CF01 Termination of patent right due to non-payment of annual fee