CN105141614B - A kind of access right control method and device of movable storage device - Google Patents

A kind of access right control method and device of movable storage device Download PDF

Info

Publication number
CN105141614B
CN105141614B CN201510563964.1A CN201510563964A CN105141614B CN 105141614 B CN105141614 B CN 105141614B CN 201510563964 A CN201510563964 A CN 201510563964A CN 105141614 B CN105141614 B CN 105141614B
Authority
CN
China
Prior art keywords
storage device
movable storage
label
terminal
permission
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510563964.1A
Other languages
Chinese (zh)
Other versions
CN105141614A (en
Inventor
高曦
刘兴安
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing VRV Software Corp Ltd
Original Assignee
Beijing VRV Software Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing VRV Software Corp Ltd filed Critical Beijing VRV Software Corp Ltd
Priority to CN201510563964.1A priority Critical patent/CN105141614B/en
Publication of CN105141614A publication Critical patent/CN105141614A/en
Application granted granted Critical
Publication of CN105141614B publication Critical patent/CN105141614B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention provides a kind of access right control methods of movable storage device, comprising: the label of specified permission is written to movable storage device, and obtains preset rights management policy according to the permission of the ID of the movable storage device and the label;The ID of the movable storage device and the rights management policy are sent to the terminal in preset range, to the authorization terminal in the preset range;When the movable storage device accesses the terminal in the preset range, accessed the control of permission according to the rights management policy to the movable storage device.The present invention also provides a kind of address control sets of movable storage device, including label writing unit, authorization terminal unit and access control unit.The present invention can be realized the terminal in preset range to the access control of tagged movable storage device, and neatly the exchange to data between computer and movable storage device carries out safety management.

Description

A kind of access right control method and device of movable storage device
Technical field
The present invention relates to field of information security technology more particularly to a kind of access right control methods of movable storage device And device.
Background technique
Movable storage device is exactly the storage equipment that can be moved between different terminals, greatly facilitates data storage, because This, movable storage device using very extensive.
However, the exchange for sensitive or confidential data between computer and movable storage device, lacks system, reality Safety management scheme.Existing safety management system file-based generally all sets file security attribute by user Method still remains two although the control to exchange files is improved to formulate the operation of security level and permission Problem: it first is that understanding deficiency to file content in user or in the case where operation error, is easy mistakenly setting safety and belongs to Property, cause potential safety management to be failed, reduces the reliability of system;Second is that the operation control of these systems is often confined to Read-only, limitation printing times, restricted part editting function etc., lack flexibility and practicability.
Summary of the invention
In view of the drawbacks of the prior art, the present invention provides the access right control method and dress of a kind of movable storage device It sets, can be realized the terminal in preset range to the access control of tagged movable storage device, neatly data are being counted Exchange between calculation machine and movable storage device carries out safety management.
In a first aspect, the present invention provides a kind of access right control methods of movable storage device, this method comprises:
Movable storage device is written the label of specified permission, and according to the ID of the movable storage device and the label Permission obtain preset rights management policy;
The ID of the movable storage device and the rights management policy are sent to the terminal in preset range, to described Authorization terminal in preset range;
When the movable storage device accesses the terminal in the preset range, according to the rights management policy to described Movable storage device accesses the control of permission.
Preferably, described when the movable storage device accesses the terminal, according to the rights management policy to described Movable storage device accesses the control of permission, comprising:
When movable storage device access terminal, the ID and label of the movable storage device are obtained;
According to the movable storage device ID, judge the movable storage device that the label is written on the terminal whether It is authorized to;
If the movable storage device has been authorized in the terminal, the corresponding rights management policy of the label is obtained, And according to the permission and rights management policy of the label, the operation of the movable storage device is managed and is controlled.
Preferably, the label of the specified permission includes: common label, encryption label or interference label.
Preferably, described that specified power is written to movable storage device if the label of the specified permission is encryption label The label of limit, comprising:
Encryption label is written to movable storage device, and the movable storage device is divided into promoter region, interactive areas and guarantor Mi Qu.
Preferably, if the label of the specified permission be encryption label, it is described according to the rights management policy to institute Movable storage device is stated to access the control of permission, comprising:
If the movable storage device that the encryption label is written has been authorized on the terminal, corresponding according to encryption label Rights management policy, after password authentification, interactive areas and closed security zone to the movable storage device access control;
If the movable storage device that the encryption label is written is uncommitted on the terminal, forbid opening described in reading Movable storage device.
Preferably, if the label of the specified permission be common label, it is described according to the rights management policy to institute Movable storage device is stated to access the control of permission, comprising:
It is corresponding according to common label if the movable storage device that the common label is written has been authorized on the terminal Rights management policy, access control to the movable storage device;
If the movable storage device that the common label is written is uncommitted on the terminal, and the terminal belongs to directorial area It is overseas, then allow to be written and read the movable storage device in the terminal.
Preferably, this method further include:
Log is generated according to read-write operation of the terminal to the movable storage device, and the log is uploaded to service Device.
Second aspect, the present invention provides a kind of address control set of movable storage device, which includes:
Label writing unit, for movable storage device being written the label of specified permission, and according to the mobile storage The permission of the ID of equipment and the label obtains preset rights management policy;
Authorization terminal unit, for the ID of the movable storage device and the rights management policy to be sent to preset range Interior terminal, to the authorization terminal in the preset range;
Access control unit, when for accessing the terminal in the preset range when the movable storage device, according to described Rights management policy accesses the control of permission to the movable storage device.
Preferably, the label of the specified permission includes: common label, encryption label or interference label.
Preferably, which further includes log generation unit, is used for:
Log is generated according to read-write operation of the terminal to the movable storage device, and the log is uploaded to service Device.
As shown from the above technical solution, the present invention provides the access right control method and dress of a kind of movable storage device It sets, by movable storage device being written the label of different rights, and further to the authorization terminal in preset range, with reality Terminal in existing preset range to the access control of tagged movable storage device, thus neatly to data in computer and Exchange between movable storage device carries out safety management.
Detailed description of the invention
In order to illustrate more clearly of the embodiment of the present disclosure or technical solution in the prior art, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this Disclosed some embodiments for those of ordinary skill in the art without creative efforts, can be with Other attached drawings are obtained according to these figures.
Fig. 1 is a kind of process signal of the access right control method for movable storage device that one embodiment of the invention provides Figure;
Fig. 2 be another embodiment of the present invention provides a kind of mobile memory management system in user, terminal and mobile storage The schematic diagram of equipment room mutual authentication;
Fig. 3 be another embodiment of the present invention provides the structure of address control set of movable storage device a kind of show It is intended to.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present disclosure, the technical solution in the embodiment of the present disclosure is carried out clear, complete Site preparation description, it is clear that described embodiment is only disclosure a part of the embodiment, instead of all the embodiments.It is based on Embodiment in the disclosure, it is obtained by those of ordinary skill in the art without making creative efforts every other Embodiment belongs to the range of disclosure protection.
A kind of mobile memory management system is present embodiments provided, including server end, client and special-purpose USB flash disk register work Tool.Wherein, server end: mobile memory system administrative center is based on web page way to manage, and administrator matches after logging in be postponed System could be run, and can find in network the terminal computer of (preset range of management) automatically, and detect terminal computer Whether installation system client-side program, mobile memory management policy center and alarm center, are provided to network built in administrative center The grouping management of terminal is arranged.Client: being mounted on terminal computer, receives the strategy of system administration center distribution, according to connecing By the operation behavior and state of strategy real time monitoring access terminal computer movable storage device, and it is managed or controls; After end host safety moving storage management system client registers program, even if leaving place network or being not at Task Network In network, still controlled in real time by mobile memory management policy, log recording returns network once connected, then report automatically in local Log information is to server;Special-purpose USB flash disk registers tool: movable storage device (including is labelled or is set by network management personnel registration Set access password) tool certification after, which could use in a network.User must input when in use to be made It could be used with after password.
Based on above-mentioned mobile memory management system, a kind of mobile storage that Fig. 1 shows one embodiment of the invention offer is set The flow diagram of standby access right control method, as shown in Figure 1, this method comprises the following steps:
S1: movable storage device is written the label of specified permission, and according to the ID of movable storage device and the label Permission obtain preset rights management policy.
It specifically, is the process authenticated to the process of movable storage device write-in label, the movement after only authenticating Storage equipment could use in preset management range.
The label of the specified permission includes: common label, encryption label or interference label etc..Common label is written and does The movable storage device for disturbing label, which is not required to password, may have access to, and the movable storage device that encryption label is written needs password that could visit It asks.
Wherein, be written different rights label movable storage device for terminal in different range rights management policy not Together, rights management policy can be configured as needed.For example, for be written common label movable storage device A, The corresponding rights management policy of terminal in first preset range may be configured as: it is readable to movable storage device A, writeable, and the The corresponding rights management policy of terminal in two preset ranges may be configured as: read-only to movable storage device A, not writeable.
Preset rights management policy is then obtained according to the permission of the ID of movable storage device and the label in this step Specifically: it is corresponding that the terminal in one or more preset ranges is obtained according to the permission of the ID of movable storage device and the label One or more rights management policies.
In this way, movable storage device is written the label of specified permission, to realize the control of classification permission.
S2: the ID of the movable storage device and the rights management policy are sent to the terminal in preset range, with right Authorization terminal in the preset range.
Specifically, for the movable storage device of above-mentioned specified label is written, end in multiple preset ranges if it exists The corresponding multiple rights management policies in end, then this step specifically: by the ID of the movable storage device and each rights management policy, The terminal being sent in the corresponding preset range of the rights management policy, to the authorization terminal in the preset range.S3: When the movable storage device accesses the terminal in the preset range, according to the rights management policy to the mobile storage Equipment accesses the control of permission.
Specifically, this step need to authenticate movable storage device and terminal both sides: movable storage device with Specified label, and the movable storage device that specified label is written needs to be authorized at the terminal.After both sides authenticate successfully, then into One step controls the access of the movable storage device according to preset strategy.
For example, the preset range includes the first preset range and the second preset range, then when the movement storage is set When standby A accesses the terminal in the first preset range, (such as may be used according to the corresponding rights management policy of the first preset range terminal Read, be writeable), the read-write of movable storage device is controlled;When movable storage device A accesses the end in the second preset range When end, according to the corresponding rights management policy of the second preset range terminal (such as read-only, not writeable), to movable storage device Read-write is controlled.
The access right control method for present embodiments providing a kind of movable storage device, by being write to movable storage device Enter the label of different rights, and further to the authorization terminal in preset range, to realize the terminal in preset range to adding The access control of the movable storage device of label, thus the neatly exchange to data between computer and movable storage device Carry out safety management.
Specifically, step S3 specifically includes following sub-step:
S31: when movable storage device access terminal, the ID and label of the movable storage device are obtained.
S32: according to the movable storage device ID, judge to be written the movable storage device of the label on the terminal Whether it is authorized to.
S33: if the movable storage device has been authorized in the terminal, the corresponding rights management plan of the label is obtained Slightly, and according to the permission and rights management policy of the label, the operation of the movable storage device is managed and is controlled.
Specifically, the permission of label is different, also different to the access control of movable storage device, and such as encrypting label needs elder generation Password is inputted, common label does not have to then.
Understandably, if the movable storage device is uncommitted on the terminal, and the terminal belongs to preset management model It encloses, then the movable storage device can not be operated.
It should be noted that the mobile storage of only write-in label is set in preset range of management (such as intra-company) It is standby to be used in preset range of management.
Specifically, if the label of the specified permission is encryption label, to movable storage device described in step S1 The label that specified permission is written, specifically includes:
Encryption label is written to movable storage device, and the movable storage device is divided into promoter region, interactive areas and guarantor Mi Qu.
Further, if the label of the specified permission is encryption label, according to the rights management described in step S3 Strategy accesses the control of permission to the movable storage device, specifically includes:
If the movable storage device of A01, the write-in encryption label have been authorized on the terminal, according to the encryption mark Corresponding rights management policy is signed, after password authentification, the interactive areas and closed security zone of the movable storage device are visited Ask control;
Specifically, if the movable storage device of write-in encryption label has been authorized on the terminal, need input default Password, access interactive areas or closed security zone, and according to preset rights management policy to the file in interactive areas or closed security zone Read-write is controlled.
If the movable storage device of A02, the write-in encryption label are uncommitted on the terminal, forbid opening and read The movable storage device.
Specifically, if the movable storage device of write-in encryption label is uncommitted on the terminal, reading can not be opened The movable storage device is taken, closed security zone and interactive areas can not be accessed.
In the present embodiment, if the label of the specified permission is common label, according to the permission described in step S3 Management strategy accesses the control of permission to the movable storage device, specifically includes:
If B01, the movable storage device that the common label is written have been authorized on the terminal, according to the common mark Corresponding rights management policy is signed, is accessed control to the movable storage device;
In this way, limitation of the read-write by preset strategy of the movable storage device of common label is written in management region, To prevent the leakage of vital document.
If B02, the movable storage device that the common label is written are uncommitted on the terminal, and the terminal belongs to pipe It manages outside region, then allows to be written and read the movable storage device in the terminal.
It can be seen that the movable storage device that common label is written still can be used outside management region (such as outside company), And read-write is not limited.
In the present embodiment, if the label of the specified permission is interference label, according to the permission described in step S3 Management strategy accesses the control of permission to the movable storage device, specifically includes:
If the movable storage device of C01, the write-in interference label have been authorized on the terminal, according to the interference mark Corresponding rights management policy is signed, is accessed control to the movable storage device;
If the movable storage device of C02, the write-in interference label are uncommitted on the terminal, forbid opening and read The movable storage device.
It can be seen that in the terminal of authorization, the movable storage device of write-in interference label can normal use, be equivalent to and write Enter the movable storage device of common label;And in the terminal of unauthorized, the movable storage device of write-in interference label can not make With, be equivalent to write-in encryption label movable storage device.
Further, this method further includes following steps:
Log is generated according to read-write operation of the terminal to the movable storage device, and the log is uploaded to service Device.
It can be seen that the access of movable storage device is controlled by mobile memory management system in the present embodiment, The access control right for carrying out mobile storage and medium divides etc., and to all operations of movable storage device formed log for Audit.
It can be seen that as shown in Fig. 2, in the present embodiment, data-centered, user of the user as data, host As the storage person of data, migration person of the mobile memory medium as data assigns in system scope and uniquely identifying, and three Person is mutually authenticated.It is only authenticated and after authorizing successfully, it is legal just to guarantee that legal user accesses on legal machine Data on storage medium, and detailed log is formed for audit.
As shown in figure 3, for another embodiment of the present invention provides a kind of movable storage device address control set Structural schematic diagram, which includes: label writing unit 301, authorization terminal unit 302 and access control unit 303.Its In:
Label writing unit 301 for movable storage device being written the label of specified permission, and is deposited according to the movement The permission of the ID and the label that store up equipment obtain preset rights management policy;
Authorization terminal unit 302, it is default for the ID of the movable storage device and the rights management policy to be sent to Terminal in range, to the authorization terminal in the preset range;
Access control unit 303, when for accessing the terminal in the preset range when the movable storage device, according to institute Rights management policy is stated to access the control of permission to the movable storage device.
Wherein, label writing unit 301 and authorization terminal unit 302 can be located in server, and access control unit 303 can In client.
In the present embodiment, the access control unit 303 is specifically used for:
When movable storage device access terminal, the ID and label of the movable storage device are obtained;
According to the movable storage device ID, judge the movable storage device that the label is written on the terminal whether It is authorized to;
If the movable storage device has been authorized in the terminal, the corresponding rights management policy of the label is obtained, And according to the permission and rights management policy of the label, the operation of the movable storage device is managed and is controlled.
In the present embodiment, the label of the specified permission includes: common label, encryption label or interference label.
In the present embodiment, the label of the specified permission is encryption label, then the label writing unit 301, is used for:
Encryption label is written to movable storage device, and the movable storage device is divided into promoter region, interactive areas and guarantor Mi Qu.
Further, the label of the specified permission is encryption label, then the access control unit 303, is used for:
If the movable storage device that the encryption label is written has been authorized on the terminal, corresponding according to encryption label Rights management policy, after password authentification, interactive areas and closed security zone to the movable storage device access control;
If the movable storage device that the encryption label is written is uncommitted on the terminal, forbid opening described in reading Movable storage device.
In the present embodiment, the label of the specified permission is common label, then the access control unit 303, is used for:
It is corresponding according to common label if the movable storage device that the common label is written has been authorized on the terminal Rights management policy, access control to the movable storage device;
If the movable storage device that the common label is written is uncommitted on the terminal, and the terminal belongs to directorial area It is overseas, then allow to be written and read the movable storage device in the terminal.
Preferably, which further includes log generation unit, is used for:
Log is generated according to read-write operation of the terminal to the movable storage device, and the log is uploaded to service Device.
For device embodiment, since it is basically similar to the method embodiment, related so being described relatively simple Place illustrates referring to the part of embodiment of the method.
It should be noted that in all parts of the system of the disclosure, according to the function that it to be realized to therein Component has carried out logical partitioning, and still, the present disclosure is not limited thereto, can according to need all parts are repartitioned or Person's combination for example, can be single component by some component combinations, or some components can be further broken into more Subassembly.
The various component embodiments of the disclosure can be implemented in hardware, or to run on one or more processors Software module realize, or be implemented in a combination thereof.It will be understood by those of skill in the art that can be used in practice Microprocessor or digital signal processor (DSP) realize some or all portions in the system according to the embodiment of the present disclosure The some or all functions of part.The disclosure is also implemented as a part or complete for executing method as described herein The device or device program (for example, computer program and computer program product) in portion.Such program for realizing the disclosure It can store on a computer-readable medium, or may be in the form of one or more signals.Such signal can be with It downloads from internet website, is perhaps provided on the carrier signal or is provided in any other form.
The disclosure is limited it should be noted that above-described embodiment illustrates rather than the disclosure, and ability Field technique personnel can be designed alternative embodiment without departing from the scope of the appended claims.In the claims, Any reference symbol between parentheses should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not Element or step listed in the claims.Word "a" or "an" located in front of the element does not exclude the presence of multiple such Element.The disclosure can be by means of including the hardware of several different elements and being come by means of properly programmed computer real It is existing.In the unit claims listing several devices, several in these devices can be through the same hardware branch To embody.The use of word first, second, and third does not indicate any sequence.These words can be explained and be run after fame Claim.
Embodiment of above is only suitable for illustrating the disclosure, and is not the limitation to the disclosure, in relation to the common of technical field Technical staff can also make a variety of changes and modification without departing from the spirit and scope of the disclosure, therefore all Equivalent technical solution also belongs to the scope of the disclosure, and the scope of patent protection of the disclosure should be defined by the claims.

Claims (8)

1. a kind of access right control method of movable storage device, which is characterized in that this method comprises:
Movable storage device is written the label of specified permission, and according to the power of the ID of the movable storage device and the label Limit obtains preset rights management policy;Wherein, the rights management policy specifically: according to the ID of movable storage device and institute State the corresponding one or more rights management policies of terminal in the one or more preset ranges of permission acquisition of label;The finger The label for determining permission includes: common label, encryption label or interference label;If the movable storage device of the interference label is written It has been authorized on the terminal, then according to the corresponding rights management policy of interference label, the movable storage device has been carried out Access control;If the movable storage device that the interference label is written is uncommitted on the terminal, forbids opening and read institute State movable storage device;
The ID of the movable storage device and the rights management policy are sent to the terminal in preset range, to described default Authorization terminal in range;
When the movable storage device accesses the terminal in the preset range, according to the rights management policy to the movement Storage equipment accesses the control of permission.
2. the method according to claim 1, wherein it is described when the movable storage device access the terminal when, It is accessed the control of permission according to the rights management policy to the movable storage device, comprising:
When movable storage device access terminal, the ID and label of the movable storage device are obtained;
According to the movable storage device ID, whether being awarded on the terminal for the movable storage device that the label is written judged Power;
If the movable storage device has been authorized in the terminal, the corresponding rights management policy of the label, and root are obtained According to the permission and rights management policy of the label, the operation of the movable storage device is managed and is controlled.
3. the method according to claim 1, wherein if the label of the specified permission is encryption label, institute State the label for movable storage device being written specified permission, comprising:
Encryption label is written to movable storage device, and the movable storage device is divided into promoter region, interactive areas and closed security zone.
4. according to the method described in claim 3, it is characterized in that, if the label of the specified permission is encryption label, institute It states and is accessed the control of permission according to the rights management policy to the movable storage device, comprising:
If the movable storage device that the encryption label is written has been authorized on the terminal, according to the corresponding power of encryption label Management strategy is limited, after password authentification, interactive areas and closed security zone to the movable storage device access control;
If the movable storage device that the encryption label is written is uncommitted on the terminal, forbids opening and read the movement Store equipment.
5. the method according to claim 1, wherein if the label of the specified permission is common label, institute It states and is accessed the control of permission according to the rights management policy to the movable storage device, comprising:
If the movable storage device that the common label is written has been authorized on the terminal, according to the corresponding power of common label Management strategy is limited, is accessed control to the movable storage device;
If the movable storage device that the common label is written is uncommitted on the terminal, and the terminal belongs to management region Outside, then allow to be written and read the movable storage device in the terminal.
6. the method according to claim 1, wherein this method further include:
Log is generated according to read-write operation of the terminal to the movable storage device, and the log is uploaded to server.
7. a kind of address control set of movable storage device, which is characterized in that the device includes:
Label writing unit, for movable storage device being written the label of specified permission, and according to the movable storage device ID and the permission of the label obtain preset rights management policy;Wherein, the rights management policy specifically: according to shifting The ID of dynamic storage equipment and the permission of the label obtain the corresponding one or more of terminal in one or more preset ranges Rights management policy;The label of the specified permission includes: common label, encryption label or interference label;If being written described dry The movable storage device for disturbing label has been authorized on the terminal, then right according to the corresponding rights management policy of interference label The movable storage device accesses control;If the movable storage device that the interference label is written is not awarded on the terminal Power then forbids opening and reads the movable storage device;
Authorization terminal unit, for the ID of the movable storage device and the rights management policy to be sent in preset range Terminal, to the authorization terminal in the preset range;
Access control unit, when for accessing the terminal in the preset range when the movable storage device, according to the permission Management strategy accesses the control of permission to the movable storage device.
8. device according to claim 7, which is characterized in that the device further includes log generation unit, is used for:
Log is generated according to read-write operation of the terminal to the movable storage device, and the log is uploaded to server.
CN201510563964.1A 2015-09-07 2015-09-07 A kind of access right control method and device of movable storage device Active CN105141614B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510563964.1A CN105141614B (en) 2015-09-07 2015-09-07 A kind of access right control method and device of movable storage device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510563964.1A CN105141614B (en) 2015-09-07 2015-09-07 A kind of access right control method and device of movable storage device

Publications (2)

Publication Number Publication Date
CN105141614A CN105141614A (en) 2015-12-09
CN105141614B true CN105141614B (en) 2019-05-21

Family

ID=54726822

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510563964.1A Active CN105141614B (en) 2015-09-07 2015-09-07 A kind of access right control method and device of movable storage device

Country Status (1)

Country Link
CN (1) CN105141614B (en)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106886719B (en) * 2017-01-10 2020-08-14 山东华软金盾软件股份有限公司 Method for controlling use range of USB flash disk
CN107679421A (en) * 2017-10-23 2018-02-09 郑州云海信息技术有限公司 A kind of movable memory apparatus monitoring means of defence and system
CN108038368B (en) * 2017-12-12 2020-06-23 联想(北京)有限公司 Data processing method and device, storage medium and processor
CN109858289A (en) * 2018-12-29 2019-06-07 北京奇安信科技有限公司 The mobile storage device management method and device used suitable for corporate intranet
CN110032840B (en) * 2019-04-16 2022-12-02 广东欧谱曼迪科技有限公司 Method for controlling access authority of medical apparatus of external storage device
CN111538976A (en) * 2020-04-28 2020-08-14 深圳市亿道信息股份有限公司 Permission management method and system for mobile terminal and storage device
CN112487429A (en) * 2020-12-01 2021-03-12 浙江中控技术股份有限公司 Verification method and device of external storage equipment
CN112417408B (en) * 2020-12-11 2024-07-23 北京北信源软件股份有限公司 Authority control method, authority control device, electronic equipment and storage medium
CN115048062B (en) * 2022-07-25 2023-01-06 北京珞安科技有限责任公司 Mobile storage device management system based on hierarchical management and control
CN115941360A (en) * 2023-02-10 2023-04-07 杭州堃博生物科技有限公司 Security verification method and device for data interaction, storage medium and electronic equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1512360A (en) * 2002-12-31 2004-07-14 台均实业有限公司 Safety authentication method for movable storage device and read and write identification device
CN101292246A (en) * 2005-05-13 2008-10-22 克赖普托米尔技术有限公司 Cryptographic control for mobile storage means
CN202276360U (en) * 2011-11-04 2012-06-13 北京工业大学 Trusted mobile storage system based on security chips
CN102622311A (en) * 2011-12-29 2012-08-01 北京神州绿盟信息安全科技股份有限公司 USB (universal serial bus) mobile memory device access control method, USB mobile memory device access control device and USB mobile memory device access control system
CN104657671A (en) * 2013-11-19 2015-05-27 研祥智能科技股份有限公司 Access authority management method and system for mobile storage device

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7971232B2 (en) * 2006-10-30 2011-06-28 Microsoft Corporation Setting group policy by device ownership

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1512360A (en) * 2002-12-31 2004-07-14 台均实业有限公司 Safety authentication method for movable storage device and read and write identification device
CN101292246A (en) * 2005-05-13 2008-10-22 克赖普托米尔技术有限公司 Cryptographic control for mobile storage means
CN202276360U (en) * 2011-11-04 2012-06-13 北京工业大学 Trusted mobile storage system based on security chips
CN102622311A (en) * 2011-12-29 2012-08-01 北京神州绿盟信息安全科技股份有限公司 USB (universal serial bus) mobile memory device access control method, USB mobile memory device access control device and USB mobile memory device access control system
CN104657671A (en) * 2013-11-19 2015-05-27 研祥智能科技股份有限公司 Access authority management method and system for mobile storage device

Also Published As

Publication number Publication date
CN105141614A (en) 2015-12-09

Similar Documents

Publication Publication Date Title
CN105141614B (en) A kind of access right control method and device of movable storage device
US8015417B2 (en) Remote access system, gateway, client device, program, and storage medium
US8161525B2 (en) Method and system for architecting a secure solution
CN105453102B (en) The system and method for the private cipher key leaked for identification
CN107770191B (en) Enterprise financial management system with safety protection
CN202795383U (en) Device and system for protecting data
US20160057168A1 (en) System and methods for efficient network security adjustment
US20140108755A1 (en) Mobile data loss prevention system and method using file system virtualization
CN110417820A (en) Processing method, device and the readable storage medium storing program for executing of single-node login system
US9516031B2 (en) Assignment of security contexts to define access permissions for file system objects
CN110300125A (en) API access control method and API access agent device
CN110543775B (en) Data security protection method and system based on super-fusion concept
US20210157910A1 (en) Access card penetration testing
CN101324913B (en) Method and apparatus for protecting computer file
US20240169071A1 (en) Device risk-based trusted device verification and remote access processing system
US11941264B2 (en) Data storage apparatus with variable computer file system
US9087201B2 (en) System and methods for host enabled management in a storage system
CN105871840A (en) Certificate management method and system
Lakhe Practical Hadoop Security
CN110008186A (en) For file management method, device, terminal and the medium of more ftp data sources
CN108810002A (en) The more CA application systems and method of safety chip
CN102426555A (en) Mobile memory, and access control method and system thereof
CN102546636A (en) Protected resource monitoring method and device
CN106817359A (en) A kind of safety access control method of intelligent electric meter data
Chang et al. MD-UCON: A multi-domain access control model for SDN northbound interfaces

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant