CN108427649A - Access management method, terminal device, system and the storage medium of USB interface - Google Patents
Access management method, terminal device, system and the storage medium of USB interface Download PDFInfo
- Publication number
- CN108427649A CN108427649A CN201810046694.0A CN201810046694A CN108427649A CN 108427649 A CN108427649 A CN 108427649A CN 201810046694 A CN201810046694 A CN 201810046694A CN 108427649 A CN108427649 A CN 108427649A
- Authority
- CN
- China
- Prior art keywords
- usb
- usb peripheral
- access
- peripheral
- rules
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F13/00—Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
- G06F13/10—Program control for peripheral devices
- G06F13/102—Program control for peripheral devices where the programme performs an interfacing function, e.g. device driver
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F13/00—Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
- G06F13/10—Program control for peripheral devices
- G06F13/105—Program control for peripheral devices where the programme performs an input/output emulation function
- G06F13/107—Terminal emulation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F13/00—Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
- G06F13/38—Information transfer, e.g. on bus
- G06F13/42—Bus transfer protocol, e.g. handshake; Synchronisation
- G06F13/4282—Bus transfer protocol, e.g. handshake; Synchronisation on a serial bus, e.g. I2C bus, SPI bus
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
Abstract
The invention discloses a kind of access management method of USB interface, terminal device, system and computer readable storage medium, methods to include the following steps:When detecting the USB peripheral of access, the attribute information of the USB peripheral is obtained;The USB peripheral access is determined whether according to the attribute information of current USB peripheral access rules and the USB peripheral;If so, the USB peripheral is allowed to be redirected to corresponding virtual machine, and by the operation information write operation daily record of the USB peripheral;If not, the USB peripheral is forbidden to be redirected to corresponding virtual machine, judge that can the USB peripheral of access use by the USB access rules of itself setting, realize the flexible unified management used USB peripheral, improves the safety of data resource and confidentiality in cloud office platform.
Description
Technical field
The present invention relates to field of computer technology more particularly to a kind of access management method of USB interface, terminal device,
System and computer readable storage medium.
Background technology
USB (Universal Serial Bus, universal serial bus), is an external bus standard, for specification electricity
Brain and external equipment are connected and communicate with, and are the interfacing applied in the fields PC, the plug and play of holding equipment and hot plug,
Popularity due to its holding equipment and quick transmission speed, at present in addition to some require extra high external equipment, almost
All PC peripheral hardwares all can serve as USB device and be used.
Cloud is handled official business, i.e., the cloud desktop used for personal or enterprise, tissue is based on cloud computing technology, can data space,
Management service is distributed to operator in a manner of providing desktop, is suitable as the net of the micro-holding Mobile solutions such as tablet, mobile phone
Traditional PC can also be upgraded to network operation by network operating system, have low energy consumption, disposes fast, easy to maintain, information security etc.
Feature, universal with cloud computing, cloud desktop is by as the trend of future terminal management and desktop system construction, but also thus band
Carry out some problems:Due to the generality that USB device uses, in cloud office, if the tube terminal USB that receives directly to be handled official business by cloud connects
Mouth connects interaction of the USB peripheral into office internal data and USB peripheral of racking, and the safe of the internal data of cloud office platform obtains not
To guarantee, it is likely to result in the leakage of confidential information, is had serious consequences to the operation of cloud office, the economic damage of user is caused
It loses.
Invention content
In view of the above-mentioned problems, the purpose of the present invention is to provide a kind of access management method of USB interface, terminal device,
System and computer readable storage medium carry out judging whether to access by access rules to the USB peripheral of access, improve data
Safety.
In a first aspect, an embodiment of the present invention provides a kind of access management method of USB interface, include the following steps:
When detecting the USB peripheral of access, the attribute information of the USB peripheral is obtained;
The USB is determined whether according to the attribute information of current USB peripheral access rules and the USB peripheral
Peripheral hardware accesses;
If so, the USB peripheral is allowed to be redirected to corresponding virtual machine, and the operation information of the USB peripheral is write
Enter operation log;
If it is not, the USB peripheral is forbidden to be redirected to corresponding virtual machine.
In the first realization method of first aspect, the attribute information includes at least USB device type, USB classifies,
In USB subclassifications, vendor number and product identification any one or it is multiple.
According to the first realization method of first aspect, in second of realization method of first aspect, the basis is worked as
The attribute information of preceding USB peripheral access rules and the USB peripheral determines whether the USB peripheral access, specifically
For:
Judge whether the attribute information of the USB peripheral allows the USB peripheral of access with current USB peripheral access rules
Attribute information matching.
In the third realization method of first aspect, further include:
The uniform rules that cloud office management platform is sent is received, using as current USB peripheral access rules or update
Current USB peripheral access rules.
According to the first realization method of first aspect, in the 4th kind of realization method of first aspect, described if it is not,
Forbid the USB peripheral to be redirected to after corresponding virtual machine, further includes:
USB peripheral incoming instruction is sent to the USB peripheral detection instrument of connection;Wherein, the USB peripheral incoming instruction is used
The attribute information of the USB peripheral is sent to the cloud office management platform in triggering the USB peripheral detection instrument, and to
The cloud office management platform initiates USB peripheral access request;
Receive the self-defined access rules that the cloud office management platform is returned based on the USB peripheral access request;
The USB peripheral access rules of itself are updated according to the self-defined access rules;
It is accessed control to the USB peripheral according to updated USB peripheral access rules.
Further include in the 5th kind of realization method of first aspect according to the 4th of first aspect the kind of realization method:
Receive the cloud office management platform transmission forbids incoming instruction;
Forbid incoming instruction that the USB peripheral is forbidden to be redirected to corresponding virtual machine according to described.
Second aspect, an embodiment of the present invention provides a kind of access-in management terminal device of USB interface, including processor,
Memory and it is stored in the memory and is configured as the computer program executed by the processor, the processor
Connecing for the USB interface described in any one of all realization methods of above-mentioned first aspect is realized when executing the computer program
Enter management method.
The third aspect, an embodiment of the present invention provides a kind of access management systems of USB interface, including at least one second
The access-in management terminal device and cloud office management platform of USB interface described in aspect;Wherein,
The cloud office management platform, for sending uniform rules to the access-in management terminal device of the USB interface;
The access-in management terminal device of the USB interface, the unified rule sent for receiving the cloud office management platform
Then, using as the current USB peripheral access rules of current USB peripheral access rules or update;
The access-in management terminal device of the USB interface is additionally operable in the USB peripheral for detecting access, described in acquisition
The attribute information of USB peripheral;Judged whether according to the attribute information of current USB peripheral access rules and the USB peripheral
The USB peripheral is allowed to access;If so, the USB peripheral is allowed to be redirected to corresponding virtual machine, and by the USB peripheral
Operation information write operation daily record;If it is not, the USB peripheral is forbidden to be redirected to corresponding virtual machine.
Further include USB peripheral detection instrument in the first realization method of the third aspect;
The access-in management terminal device of the USB interface is additionally operable to send outside USB to the USB peripheral detection instrument of connection
If incoming instruction;
The USB peripheral detection instrument refers to for receiving the USB peripheral incoming instruction according to USB peripheral access
It enables and the attribute information of the USB peripheral is sent to the cloud office management platform, and initiated to the cloud office management platform
USB peripheral access request;
The access-in management terminal device of the USB interface is additionally operable to receive the cloud office management platform based on the USB
The self-defined access rules that peripheral hardware access request returns;The USB peripheral access of itself is updated according to the self-defined access rules
Rule;It is accessed control to the USB peripheral according to updated USB peripheral access rules.
Fourth aspect, an embodiment of the present invention provides a kind of computer readable storage medium, the computer-readable storage
Medium includes the computer program of storage, wherein controls the computer-readable storage medium when the computer program is run
Equipment executes the access management method of the USB interface described in any one of all realization methods of first aspect where matter.
An embodiment of the present invention provides a kind of access management method of USB interface, terminal device, systems and computer-readable
Storage medium, one embodiment have the advantages that:
In the USB peripheral for detecting access, the attribute information of the USB peripheral is obtained, then according to outside current USB
If the attribute information of access rules and the USB peripheral determines whether the USB peripheral access, if so, allowing institute
It states USB peripheral and is redirected to corresponding virtual machine, and by the operation information write operation daily record of the USB peripheral, if it is not, forbidding
The USB peripheral is redirected to corresponding virtual machine, and the USB peripheral energy of access is judged by the USB access rules of itself setting
The flexible unified management used USB peripheral is realized in no use, improves the safety of data resource and secrecy in cloud office platform
Property.
Description of the drawings
In order to illustrate more clearly of technical scheme of the present invention, attached drawing needed in embodiment will be made below
Simply introduce, it should be apparent that, the accompanying drawings in the following description is only some embodiments of the present invention, general for this field
For logical technical staff, without creative efforts, other drawings may also be obtained based on these drawings.
Fig. 1 is the flow diagram of the access management method for the USB interface that first embodiment of the invention provides.
Fig. 2 is the flow diagram of the access management method for the USB interface that third embodiment of the invention provides.
Fig. 3 is the structural schematic diagram of the access management system for the USB interface that sixth embodiment of the invention provides.
Specific implementation mode
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation describes, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall within the protection scope of the present invention.
Referring to Fig. 1, an embodiment of the present invention provides a kind of access management method of USB interface, it can be by terminal device
It executes, and includes the following steps:
S11 obtains the attribute information of the USB peripheral when detecting the USB peripheral of access.
In embodiments of the present invention, the terminal device can be desktop PC, notebook, palm PC and high in the clouds clothes
It is engaged in the computing devices such as device, or receives the virtual units such as tube terminal, particularly, the terminal device can be to have received tube terminal, institute
It states and receives tube terminal, by the order by the command translation of openstack at VMware, realize to the cloud office management platform point
The management of at least one virtual machine of provisioned user.
In embodiments of the present invention, the terminal device obtains the USB peripheral when having detected USB peripheral access
Attribute information, to carry out access judgement to the USB peripheral, the attribute information includes at least USB device type, USB
In classification, USB subclassifications, vendor number and product identification any one or it is multiple.
S12 determines whether institute according to the attribute information of current USB peripheral access rules and the USB peripheral
State USB peripheral access.
In embodiments of the present invention, the terminal device judge the USB peripheral attribute information whether with current USB
Peripheral hardware access rules allow the attribute information matching of the USB peripheral of access, i.e., the described terminal device getting described in access
After the attribute information of USB peripheral, automatically according to current USB peripheral access rules to the attribute information such as USB of the USB peripheral
The information such as device type, USB classification, USB subclassifications, vendor number and product identification are compared, such as the terminal is set
It is standby to support certain certain types of USB peripheral access, such as audio frequency apparatus, mass-memory unit, communication apparatus, it is set with audio
For standby, the USB peripheral access rules of the terminal device are a permission audio frequency apparatus access, then when detecting described in access
When the USB device type of USB peripheral is audio frequency apparatus, the terminal device allows the USB peripheral access.
S13 if so, the USB peripheral is allowed to be redirected to corresponding virtual machine, and the operation of the USB peripheral is believed
Cease write operation daily record.
In embodiments of the present invention, determine that the USB peripheral is that the current USB peripheral of the terminal device connects through overmatching
Entering rule allows the USB peripheral of access, then the USB peripheral is redirected to corresponding virtual machine so as to the USB peripheral pair
The corresponding virtual machine accesses, while the user of the USB peripheral, plug time and the USB peripheral being used
USB peripheral operation log is written in the operation information of period, so as to the inquiry of follow-up.
S14, if it is not, the USB peripheral is forbidden to be redirected to corresponding virtual machine.
In embodiments of the present invention, the terminal device is determining that the USB peripheral is that the terminal is set after overmatching
Standby current USB peripheral access rules do not allow the USB peripheral of access, then the USB peripheral is forbidden to be redirected to corresponding void
Quasi- machine.
In conclusion first embodiment of the invention provides a kind of access management method of USB interface, access is being detected
USB peripheral when, the attribute information of the USB peripheral is obtained, then according to current USB peripheral access rules and described
The attribute information of USB peripheral determines whether USB peripheral access, if so, the USB peripheral is allowed to be redirected to pair
The virtual machine answered, and by the operation information write operation daily record of the USB peripheral, if it is not, the USB peripheral is forbidden to be redirected to
Corresponding virtual machine judges that can the USB peripheral of access use by the USB access rules of itself setting, realizes to USB peripheral
The flexible unified management used improves the safety of data resource and confidentiality in cloud office platform.
In order to facilitate the understanding of the present invention, some currently preferred embodiments of the present invention will be done and will further be retouched below
It states.
Second embodiment of the invention:
On the basis of first embodiment of the invention, further include:
The uniform rules that cloud office management platform is sent is received, using as current USB peripheral access rules or update
Current USB peripheral access rules.
In embodiments of the present invention, the cloud office management platform on startup, the unification that can will be classified based on USB standard
Rule is pushed to all terminal devices, and the terminal device is in the uniform rules for receiving the cloud office management platform push
Afterwards, using the uniform rules USB peripheral access rules current as itself, when the uniform rules has update, the cloud
Newer uniform rules will not be pushed on all terminal devices by office management platform immediately, but detect the end
When the connection request of end equipment, newer uniform rules is pushed to the terminal in connection and set by the cloud office management platform
Standby upper, then the terminal device updates itself current USB peripheral access rules according to the newer uniform rules received,
Realize that unified USB peripheral access rules push to all tube terminals of having received when cloud office management platform starts, and automatic
Update, the cloud office management platform active push USB peripheral management rule is to tube terminal is received, the connection time that both reduces
Number, improves the overall performance of system, it should be noted that the uniform rules is had according to the concrete condition of terminal device
Body is arranged, such as the not high terminal device of confidentiality requirement, the uniform rules could be provided as allowing outside all USB
If access, there are the terminal device of particular/special requirement, the uniform rules to could be provided as allowing certain a kind of or a few for some
Class USB peripheral accesses, such as audio frequency apparatus, mass-memory unit, communication apparatus, the present invention do not do this any restriction.
Third embodiment of the invention:
Referring to Fig. 2, on the basis of first embodiment of the invention, after the S14, further include:
S15 sends USB peripheral incoming instruction to the USB peripheral detection instrument of connection;Wherein, the USB peripheral access refers to
It enables and the attribute information of the USB peripheral is sent to the cloud office management platform for triggering the USB peripheral detection instrument,
And initiate USB peripheral access request to the cloud office management platform.
In embodiments of the present invention, if the USB peripheral in access does not meet uniform rules, and user is still to use
If, the terminal device sends USB peripheral incoming instruction to the USB peripheral detection instrument being connect with itself, so that described
The detailed attribute information of the USB peripheral is sent to the cloud office management platform by USB peripheral detection instrument, and to described
Cloud office management platform initiates USB peripheral access request, and the terminal device waits for after sending the USB peripheral incoming instruction
The feedback of the cloud office management platform.
S16 receives the self-defined access rule that the cloud office management platform is returned based on the USB peripheral access request
Then.
In embodiments of the present invention, the cloud office management platform is receiving the USB peripheral access request and the USB
After the detailed attribution information of peripheral hardware, access judgement is carried out to the USB peripheral according to the detailed attribution information of the USB peripheral,
If allowing to access, the cloud office management platform is arranged the self-defined access rules such as usage time of regulation USB peripheral, allows
The resources of virtual machine etc. of access, and the self-defined access rules are returned into the terminal device.
In embodiments of the present invention, the cloud office management platform is receiving the USB peripheral access request and the USB
After the detailed attribution information of peripheral hardware, the detailed attribution information of the USB peripheral access request and the USB peripheral is sent to pipe
Reason person, so that administrator determine whether that the USB peripheral accesses according to the detailed attribution information of the USB peripheral,
If allowing to access, the self-defined such as usage time of regulation USB peripheral for the rule that accesses allows the resources of virtual machine accessed
Deng, and the self-defined access rules are returned into the terminal device.
S17 updates the USB peripheral access rules of itself according to the self-defined access rules.
In embodiments of the present invention, the terminal device is in the self-defined access for receiving the cloud office management platform transmission
After rule, the USB peripheral access rules of itself are updated according to the self-defined access rules, i.e., are connect in the current USB of itself
Enter and the self-defined access rules are added in rule, realizes and unified USB peripheral access rules are set according to USB standard classification
Particular device can be allowed to access under specific circumstances with self-defined access rules simultaneously, uniform rules and custom rule phase
In conjunction with enhancing flexibility and the adaptability of system.
S18 accesses control to the USB peripheral according to updated USB peripheral access rules.
In embodiments of the present invention, the terminal device according to updated USB peripheral access rules by the USB peripheral
It is redirected to respective virtual machine, and by the self-defined access rules in updated USB peripheral access rules to the USB peripheral
Access control, then believes the user of the USB peripheral, the operation of plug time and the USB peripheral during use
Breath write-in USB peripheral operation log, so as to the inquiry of follow-up.
Fourth embodiment of the invention:
On the basis of third embodiment of the invention, further include:
Receive the cloud office management platform transmission forbids incoming instruction.
Forbid incoming instruction that the USB peripheral is forbidden to be redirected to corresponding virtual machine according to described.
In embodiments of the present invention, the USB peripheral access request and the USB are received in the cloud office management platform
After the detailed attribution information of peripheral hardware is handled, if incoming instruction is forbidden in cloud office management platform return, i.e., do not allow still
The USB peripheral access, then the terminal device forbids the USB peripheral to be redirected to corresponding virtual machine at this time, ensures number
According to safety and confidentiality.
Fifth embodiment of the invention provides a kind of access-in management terminal device of USB interface.The USB interface of the embodiment
Access-in management terminal device include:It processor, memory and is stored in the memory and can be on the processor
The computer program of operation, for example, USB interface access-in management program.The processor is realized when executing the computer program
Step in the access management method embodiment of above-mentioned each USB interface, such as step S11 shown in FIG. 1.
Illustratively, the computer program can be divided into one or more module/units, one or more
A module/unit is stored in the memory, and is executed by the processor, to complete the present invention.It is one or more
A module/unit can be the series of computation machine program instruction section that can complete specific function, and the instruction segment is for describing institute
State implementation procedure of the computer program in the access-in management terminal device of the USB interface.
The access-in management terminal device of the USB interface can be desktop PC, notebook, palm PC and high in the clouds
The computing devices such as server.The access-in management terminal device of the USB interface may include, but be not limited only to, processor, storage
Device.It will be understood by those skilled in the art that above-mentioned component is only the example of the access-in management terminal device of USB interface, not
The restriction to the access-in management terminal device of USB interface is constituted, may include than above-mentioned more or fewer components, or combination
Certain components or different components, such as the access-in management terminal device of the USB interface can also be set including input and output
Standby, network access equipment, bus etc..
Alleged processor can be central processing unit (Central Processing Unit, CPU), can also be it
His general processor, digital signal processor (Digital Signal Processor, DSP), application-specific integrated circuit
(Application Specific Integrated Circuit, ASIC), ready-made programmable gate array (Field-
Programmable Gate Array, FPGA) either other programmable logic device, discrete gate or transistor logic,
Discrete hardware components etc..General processor can be microprocessor or the processor can also be any conventional processor
Deng the processor is the control centre of the access-in management terminal device of the USB interface, utilizes various interfaces and connection
The various pieces of the access-in management terminal device of entire USB interface.
The memory can be used for storing the computer program and/or module, and the processor is by running or executing
Computer program in the memory and/or module are stored, and calls the data being stored in memory, described in realization
The various functions of the access-in management terminal device of USB interface.The memory can include mainly storing program area and storage data
Area, wherein storing program area can storage program area, needed at least one function application program (such as sound-playing function,
Image player function etc.) etc.;Storage data field can be stored uses created data (such as audio number according to terminal device
According to, phone directory etc.) etc..In addition, memory may include high-speed random access memory, can also include non-volatile memories
Device, such as hard disk, memory, plug-in type hard disk, intelligent memory card (Smart Media Card, SMC), secure digital (Secure
Digital, SD) card, flash card (Flash Card), at least one disk memory, flush memory device or other volatibility are solid
State memory device.
Wherein, if the integrated module/unit of the access-in management terminal device of the USB interface is with SFU software functional unit
Form is realized and when sold or used as an independent product, can be stored in a computer read/write memory medium.Base
In such understanding, the present invention realizes all or part of flow in above-described embodiment method, can also pass through computer program
It is completed to instruct relevant hardware, the computer program can be stored in a computer readable storage medium, the calculating
Machine program is when being executed by processor, it can be achieved that the step of above-mentioned each embodiment of the method.Wherein, the computer program includes
Computer program code, the computer program code can be source code form, object identification code form, executable file or certain
A little intermediate forms etc..The computer-readable medium may include:Any entity of the computer program code can be carried
Or device, recording medium, USB flash disk, mobile hard disk, magnetic disc, CD, computer storage, read-only memory (ROM, Read-Only
Memory), random access memory (RAM, Random Access Memory), electric carrier signal, telecommunication signal and software
Distribution medium etc..It should be noted that the content that the computer-readable medium includes can be according to making laws in jurisdiction
Requirement with patent practice carries out increase and decrease appropriate, such as in certain jurisdictions, according to legislation and patent practice, computer
Readable medium does not include electric carrier signal and telecommunication signal.
Referring to Fig. 3, sixth embodiment of the invention provides a kind of access management system of USB interface, including at least one
The access-in management terminal device 11 and cloud office management platform 12 of USB interface described in a 5th embodiment;Wherein,
The cloud office management platform 12, for sending unified rule to the access-in management terminal device 11 of the USB interface
Then.
The access-in management terminal device 11 of the USB interface, the system sent for receiving the cloud office management platform 12
One rule, using as the current USB peripheral access rules of current USB peripheral access rules or update.
The access-in management terminal device 11 of the USB interface is additionally operable in the USB peripheral for detecting access, obtains institute
State the attribute information of USB peripheral;It is according to the judgement of the attribute information of current USB peripheral access rules and the USB peripheral
It is no that the USB peripheral is allowed to access;If so, the USB peripheral is allowed to be redirected to corresponding virtual machine, and will be outside the USB
If operation information write operation daily record;If it is not, the USB peripheral is forbidden to be redirected to corresponding virtual machine.
Further include USB peripheral detection instrument 13 in the first realization method of sixth embodiment.
The access-in management terminal device 11 of the USB interface is additionally operable to send to the USB peripheral detection instrument 13 of connection
USB peripheral incoming instruction.
The USB peripheral detection instrument 13 is accessed for receiving the USB peripheral incoming instruction according to the USB peripheral
The attribute information of the USB peripheral is sent to the cloud office management platform 12 by instruction, and to the cloud office management platform
12 initiate USB peripheral access request.
The access-in management terminal device 11 of the USB interface is additionally operable to receive the cloud office management platform 12 based on institute
State the self-defined access rules of USB peripheral access request return;The USB peripheral of itself is updated according to the self-defined access rules
Access rules;It is accessed control to the USB peripheral according to updated USB peripheral access rules.
It should be noted that the apparatus embodiments described above are merely exemplary, wherein described be used as separating component
The unit of explanation may or may not be physically separated, and the component shown as unit can be or can also
It is not physical unit, you can be located at a place, or may be distributed over multiple network units.It can be according to actual
It needs that some or all of module therein is selected to achieve the purpose of the solution of this embodiment.In addition, device provided by the invention
In embodiment attached drawing, the connection relation between module indicates there is communication connection between them, specifically can be implemented as one or
A plurality of communication bus or signal wire.Those of ordinary skill in the art are without creative efforts, you can to understand
And implement.
The above is the preferred embodiment of the present invention, it is noted that for those skilled in the art
For, various improvements and modifications may be made without departing from the principle of the present invention, these improvements and modifications are also considered as
Protection scope of the present invention.
Claims (10)
1. a kind of access management method of USB interface, which is characterized in that include the following steps:
When detecting the USB peripheral of access, the attribute information of the USB peripheral is obtained;
The USB peripheral is determined whether according to the attribute information of current USB peripheral access rules and the USB peripheral
Access;
If so, the USB peripheral is allowed to be redirected to corresponding virtual machine, and the operation information of the USB peripheral is written and is grasped
Make daily record;
If it is not, the USB peripheral is forbidden to be redirected to corresponding virtual machine.
2. the access management method of USB interface according to claim 1, which is characterized in that the attribute information at least wraps
Include in USB device type, USB classification, USB subclassifications, vendor number and product identification any one or it is multiple.
3. the access management method of USB interface according to claim 2, which is characterized in that outside the current USB of the basis
If the attribute information of access rules and the USB peripheral determines whether the USB peripheral access, specially:
Judge whether the attribute information of the USB peripheral allows the category of the USB peripheral of access with current USB peripheral access rules
Property information matches.
4. the access management method of USB interface according to claim 1, which is characterized in that further include:
The uniform rules that cloud office management platform is sent is received, using current as current USB peripheral access rules or update
USB peripheral access rules.
5. the access management method of USB interface according to claim 2, which is characterized in that described if it is not, forbidding described
USB peripheral is redirected to after corresponding virtual machine, further includes:
USB peripheral incoming instruction is sent to the USB peripheral detection instrument of connection;Wherein, the USB peripheral incoming instruction is for touching
It sends out USB peripheral detection instrument described and the attribute information of the USB peripheral is sent to the cloud office management platform, and to described
Cloud office management platform initiates USB peripheral access request;
Receive the self-defined access rules that the cloud office management platform is returned based on the USB peripheral access request;
The USB peripheral access rules of itself are updated according to the self-defined access rules;
It is accessed control to the USB peripheral according to updated USB peripheral access rules.
6. the access management method of USB interface according to claim 5, which is characterized in that further include:
Receive the cloud office management platform transmission forbids incoming instruction;
Forbid incoming instruction that the USB peripheral is forbidden to be redirected to corresponding virtual machine according to described.
7. a kind of access-in management terminal device of USB interface, which is characterized in that including processor, memory and be stored in institute
The computer program executed by the processor is stated in memory and is configured as, the processor executes the computer program
The access management method of USB interfaces of the Shi Shixian as described in any one of claim 1 to 6.
8. a kind of access management system of USB interface, which is characterized in that connect including at least one USB as claimed in claim 7
The access-in management terminal device and cloud office management platform of mouth;Wherein,
The cloud office management platform, for sending uniform rules to the access-in management terminal device of the USB interface;
The access-in management terminal device of the USB interface, the uniform rules sent for receiving the cloud office management platform, with
The USB peripheral access rules current as current USB peripheral access rules or update;
The access-in management terminal device of the USB interface is additionally operable to, in the USB peripheral for detecting access, obtain outside the USB
If attribute information;Institute is determined whether according to the attribute information of current USB peripheral access rules and the USB peripheral
State USB peripheral access;If so, the USB peripheral is allowed to be redirected to corresponding virtual machine, and by the operation of the USB peripheral
Information write operation daily record;If it is not, the USB peripheral is forbidden to be redirected to corresponding virtual machine.
9. the access management system of USB interface according to claim 8, which is characterized in that further include USB peripheral detection work
Tool;
The access-in management terminal device of the USB interface is additionally operable to connect to the USB peripheral detection instrument of connection transmission USB peripheral
Enter instruction;
The USB peripheral detection instrument will according to the USB peripheral incoming instruction for receiving the USB peripheral incoming instruction
The attribute information of the USB peripheral is sent to the cloud office management platform, and is initiated outside USB to the cloud office management platform
If access request;
The access-in management terminal device of the USB interface is additionally operable to receive the cloud office management platform based on the USB peripheral
The self-defined access rules that access request returns;The USB peripheral access rules of itself are updated according to the self-defined access rules;
It is accessed control to the USB peripheral according to updated USB peripheral access rules.
10. a kind of computer readable storage medium, which is characterized in that the computer readable storage medium includes the calculating of storage
Machine program, wherein equipment where controlling the computer readable storage medium when the computer program is run is executed as weighed
Profit requires the access management method of the USB interface described in any one of 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810046694.0A CN108427649B (en) | 2018-01-16 | 2018-01-16 | Access management method, terminal device, system and storage medium of USB interface |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810046694.0A CN108427649B (en) | 2018-01-16 | 2018-01-16 | Access management method, terminal device, system and storage medium of USB interface |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108427649A true CN108427649A (en) | 2018-08-21 |
| CN108427649B CN108427649B (en) | 2020-09-15 |
Family
ID=63155943
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810046694.0A Active CN108427649B (en) | 2018-01-16 | 2018-01-16 | Access management method, terminal device, system and storage medium of USB interface |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108427649B (en) |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110149308A (en) * | 2019-04-03 | 2019-08-20 | 特斯联(北京)科技有限公司 | A kind of external equipment management method based on network data base, apparatus and system |
| CN110188079A (en) * | 2019-04-03 | 2019-08-30 | 特斯联(北京)科技有限公司 | A kind of external equipment management method based on distributed storage database |
| CN110598428A (en) * | 2019-08-22 | 2019-12-20 | 中国电子科技集团公司第二十八研究所 | USB (Universal Serial bus) equipment management and control system based on Linux user space |
| CN110750408A (en) * | 2019-09-30 | 2020-02-04 | 湖南新云网科技有限公司 | Method, device and apparatus for controlling USB debug mode switch, and storage medium |
| CN111125710A (en) * | 2019-11-29 | 2020-05-08 | 联想(北京)有限公司 | Information processing method and device, electronic equipment and storage medium |
| CN111506893A (en) * | 2020-04-08 | 2020-08-07 | 深信服科技股份有限公司 | External equipment management method and device, electronic equipment and storage medium |
| CN111783177A (en) * | 2020-07-15 | 2020-10-16 | 山东云天安全技术有限公司 | Device and method for carrying out safety protection and management on USB port |
| CN111930431A (en) * | 2020-07-10 | 2020-11-13 | 深圳市广和通无线股份有限公司 | Mobile terminal, control method thereof, computer device, and storage medium |
| CN113742675A (en) * | 2021-09-10 | 2021-12-03 | 深圳市闪联信息技术有限公司 | USB storage medium safety management system and method based on IoT equipment |
| CN114531280A (en) * | 2022-01-25 | 2022-05-24 | 北京北信源软件股份有限公司 | Data leakage prevention method and device based on mobile terminal connected enterprise terminal |
| CN114721988A (en) * | 2022-03-08 | 2022-07-08 | 江苏信息职业技术学院 | Method and system for realizing USB peripheral drive proxy and monitoring audit |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102760104A (en) * | 2012-06-25 | 2012-10-31 | 成都卫士通信息产业股份有限公司 | USB (Universal Serial Bus) equipment control method |
| CN104063335A (en) * | 2013-03-20 | 2014-09-24 | 华为技术有限公司 | USB equipment redirecting method, equipment and system |
| CN105069383A (en) * | 2015-05-21 | 2015-11-18 | 中国科学院计算技术研究所 | Virtual desktop USB (Universal Serial Bus) storage peripheral management and control method and system |
| CN105183675A (en) * | 2015-09-30 | 2015-12-23 | 华为技术有限公司 | USB equipment access method, device and system, terminal and server |
| CN105874744A (en) * | 2013-12-18 | 2016-08-17 | 瑞典爱立信有限公司 | System and method for virtualizing a remote device |
| CN106909828A (en) * | 2017-01-10 | 2017-06-30 | 中电科华云信息技术有限公司 | Based on cloud desktop USB device filter method |
| US20170230251A1 (en) * | 2016-02-04 | 2017-08-10 | Dell Products, Lp | System and Method for Providing Management Network Communication and Control in a Data Center |
| CN107291432A (en) * | 2016-04-01 | 2017-10-24 | 中兴通讯股份有限公司 | Cloud desktop management-control method, device and cloud desktop access method, device |
| CN107341122A (en) * | 2017-07-25 | 2017-11-10 | 广东欧珀移动通信有限公司 | Equipment access processing method, equipment access processing unit and mobile terminal |
| CN107463369A (en) * | 2017-06-30 | 2017-12-12 | 北京北信源软件股份有限公司 | The access device control method and device of a kind of virtual desktop |
-
2018
- 2018-01-16 CN CN201810046694.0A patent/CN108427649B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102760104A (en) * | 2012-06-25 | 2012-10-31 | 成都卫士通信息产业股份有限公司 | USB (Universal Serial Bus) equipment control method |
| CN104063335A (en) * | 2013-03-20 | 2014-09-24 | 华为技术有限公司 | USB equipment redirecting method, equipment and system |
| CN105874744A (en) * | 2013-12-18 | 2016-08-17 | 瑞典爱立信有限公司 | System and method for virtualizing a remote device |
| CN105069383A (en) * | 2015-05-21 | 2015-11-18 | 中国科学院计算技术研究所 | Virtual desktop USB (Universal Serial Bus) storage peripheral management and control method and system |
| CN105183675A (en) * | 2015-09-30 | 2015-12-23 | 华为技术有限公司 | USB equipment access method, device and system, terminal and server |
| US20170230251A1 (en) * | 2016-02-04 | 2017-08-10 | Dell Products, Lp | System and Method for Providing Management Network Communication and Control in a Data Center |
| CN107291432A (en) * | 2016-04-01 | 2017-10-24 | 中兴通讯股份有限公司 | Cloud desktop management-control method, device and cloud desktop access method, device |
| CN106909828A (en) * | 2017-01-10 | 2017-06-30 | 中电科华云信息技术有限公司 | Based on cloud desktop USB device filter method |
| CN107463369A (en) * | 2017-06-30 | 2017-12-12 | 北京北信源软件股份有限公司 | The access device control method and device of a kind of virtual desktop |
| CN107341122A (en) * | 2017-07-25 | 2017-11-10 | 广东欧珀移动通信有限公司 | Equipment access processing method, equipment access processing unit and mobile terminal |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110188079A (en) * | 2019-04-03 | 2019-08-30 | 特斯联(北京)科技有限公司 | A kind of external equipment management method based on distributed storage database |
| CN110149308A (en) * | 2019-04-03 | 2019-08-20 | 特斯联(北京)科技有限公司 | A kind of external equipment management method based on network data base, apparatus and system |
| CN110598428A (en) * | 2019-08-22 | 2019-12-20 | 中国电子科技集团公司第二十八研究所 | USB (Universal Serial bus) equipment management and control system based on Linux user space |
| CN110598428B (en) * | 2019-08-22 | 2021-08-06 | 中国电子科技集团公司第二十八研究所 | USB (Universal Serial bus) equipment management and control system based on Linux user space |
| CN110750408A (en) * | 2019-09-30 | 2020-02-04 | 湖南新云网科技有限公司 | Method, device and apparatus for controlling USB debug mode switch, and storage medium |
| CN111125710A (en) * | 2019-11-29 | 2020-05-08 | 联想(北京)有限公司 | Information processing method and device, electronic equipment and storage medium |
| CN111506893A (en) * | 2020-04-08 | 2020-08-07 | 深信服科技股份有限公司 | External equipment management method and device, electronic equipment and storage medium |
| CN111930431B (en) * | 2020-07-10 | 2024-04-05 | 深圳市广和通无线股份有限公司 | Mobile terminal, control method thereof, computer device, and storage medium |
| CN111930431A (en) * | 2020-07-10 | 2020-11-13 | 深圳市广和通无线股份有限公司 | Mobile terminal, control method thereof, computer device, and storage medium |
| CN111783177A (en) * | 2020-07-15 | 2020-10-16 | 山东云天安全技术有限公司 | Device and method for carrying out safety protection and management on USB port |
| CN113742675A (en) * | 2021-09-10 | 2021-12-03 | 深圳市闪联信息技术有限公司 | USB storage medium safety management system and method based on IoT equipment |
| CN114531280A (en) * | 2022-01-25 | 2022-05-24 | 北京北信源软件股份有限公司 | Data leakage prevention method and device based on mobile terminal connected enterprise terminal |
| CN114721988A (en) * | 2022-03-08 | 2022-07-08 | 江苏信息职业技术学院 | Method and system for realizing USB peripheral drive proxy and monitoring audit |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108427649B (en) | 2020-09-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108427649A (en) | Access management method, terminal device, system and the storage medium of USB interface | |
| RU2456662C2 (en) | Matching startup between several devices capable of startup | |
| CN104813327A (en) | Apparatus and method for mobile communications and computing | |
| US9239934B2 (en) | Mobile computing system for providing high-security execution environment | |
| CN109298771A (en) | Charging/discharging thereof and its system and non-transient computer readable storage medium | |
| CN106874232B (en) | Charging method, device and terminal of Universal Serial Bus (USB) | |
| CN104246759A (en) | Application programming interface testing services | |
| CN108536480B (en) | Input method configuration method and related product | |
| CN105224421B (en) | Data backup method and device and electronic equipment | |
| CN105741106A (en) | Selection method and device of NFC (Near Field Communication) payment way | |
| SG173004A1 (en) | Portable mobile communication device and method of controlling near field communication | |
| CN109190411A (en) | A kind of active safety means of defence, system and the terminal device of operating system | |
| US11888690B2 (en) | System and method for subscription limitation enforcement in distributed system | |
| CN111767270A (en) | Data migration method, device, server and storage medium | |
| CN109783196B (en) | Virtual machine migration method and device | |
| CN109271266B (en) | File transmission method and device and terminal equipment | |
| US11100238B2 (en) | Systems and methods for generating policy coverage information for security-enhanced information handling systems | |
| WO2020113421A1 (en) | Method for mounting file system, terminal device, and storage medium | |
| CN103678163A (en) | Method, device and system for switching of data stream | |
| CN112380411B (en) | Sensitive word processing method, device, electronic equipment, system and storage medium | |
| CN107368738A (en) | A kind of anti-Root method and devices of smart machine | |
| CN112417402B (en) | Authority control method, authority control device, authority control equipment and storage medium | |
| CN111262737B (en) | Port configuration management method and device, storage medium and terminal | |
| WO2022256128A1 (en) | Firmware policy enforcement via a security processor | |
| CN107958162A (en) | A kind of application program operation method, terminal, computer installation and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |