CN108733997A - A kind of moving electric power data monitoring system and method based on fingerprint recognition - Google Patents

A kind of moving electric power data monitoring system and method based on fingerprint recognition Download PDF

Info

Publication number
CN108733997A
CN108733997A CN201810299424.0A CN201810299424A CN108733997A CN 108733997 A CN108733997 A CN 108733997A CN 201810299424 A CN201810299424 A CN 201810299424A CN 108733997 A CN108733997 A CN 108733997A
Authority
CN
China
Prior art keywords
fingerprint
disk
server
electric power
area
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810299424.0A
Other languages
Chinese (zh)
Other versions
CN108733997B (en
Inventor
张烜
陆国生
陈新宇
杨帆
黄志辉
李丰
靳晓琪
陈保豪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Nanfang Electric Power Communication Co Ltd
Super High Transmission Co of China South Electric Net Co Ltd
Original Assignee
Guangdong Nanfang Electric Power Communication Co Ltd
Super High Transmission Co of China South Electric Net Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong Nanfang Electric Power Communication Co Ltd, Super High Transmission Co of China South Electric Net Co Ltd filed Critical Guangdong Nanfang Electric Power Communication Co Ltd
Priority to CN201810299424.0A priority Critical patent/CN108733997B/en
Publication of CN108733997A publication Critical patent/CN108733997A/en
Application granted granted Critical
Publication of CN108733997B publication Critical patent/CN108733997B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities

Abstract

The present invention discloses a kind of moving electric power data monitoring system and method based on fingerprint recognition, is related to mobile data technical field of memory, and system includes fingerprint U disk, server-side and the client being set in electric power secondary system computer;Fingerprint U disk setting certification area, closed security zone and the unclassified area;The server-side:For being authenticated to fingerprint U disk closed security zone and killing virus totally to fingerprint U disk, and copying into and copying out for data is recorded;The client:When fingerprint U disk is after server-side is handled, for fingerprint U disk being identified and certification, copying into and copying out for data is carried out in electric power secondary system computer;Based on fingerprint bio feature recognition, move media mandate automation can be achieved in finger print identifying management, realizes duty fulfillment in place;Backstage can be achieved to be audited automatically using process;Using Hash codes technology, force USB flash disk that must be authenticated by server-side;Using data encryption technology, data leak risk can be prevented.

Description

A kind of moving electric power data monitoring system and method based on fingerprint recognition
Technical field
The present invention relates to mobile data technical field of memory more particularly to a kind of moving electric power data based on fingerprint recognition Monitoring system and method.
Background technology
Mobile memory medium can carry out intersecting in electric power secondary system different zones, different terminals mixed, all kinds of industry controls System, O&M terminal itself lack safeguard procedures substantially, once USB flash disk copies data on infected machine, virus has pole can It can be spread by USB flash disk.
Currently, the management of electric power secondary system move media mainly carries out specification, but Power Secondary system by system management Plant stand of uniting dispersion, is difficult to ensure that every plant stand personnel can abide by by system norms merely.Match in addition, lacking technical means It closes, when user of service uses mobile memory medium?Any operation carried out?Whether there is unauthorized people stealthily to connect Enter?Whether someone does not require to use USB flash disk according to system?It is difficult to effectively be supervised.
Currently,《Electric power monitoring system security protection manages method》,《Substation's upkeep operation guiding book》It is situated between to mobile Specific requirement has been done in matter use, and 14 commands on State-level, the guarantors such as electric power standard also has corresponding regulation, but only rests on mostly On Systematic, the dispersion of electric power secondary system plant stand by system norms is difficult to these system norms to land merely.
Invention content
The present invention provides a kind of moving electric power data monitoring system and method based on fingerprint recognition, it is intended to solve tradition and move The portable poison that is susceptible in dynamic medium management, easily divulge a secret, unmanageable the problems such as.
To achieve the goals above, the present invention proposes a kind of moving electric power data monitoring system based on fingerprint recognition, packet It includes:Fingerprint U disk, server-side and the client being set in electric power secondary system computer;The fingerprint U disk is provided with certification Area, closed security zone and unclassified area;
The server-side:When fingerprint U disk accesses for the first time, for generating authentication information to fingerprint U disk and being stored in certification Qu Zhong;When fingerprint U disk is non-to be accessed for the first time, it is authenticated and kills virus totally;It, will be to be deposited when there is external data that need to be stored in File is imported from the unclassified area of fingerprint U disk in closed security zone, and preserves the usage record of fingerprint U disk;
The client:Fingerprint U disk is after server-side is authenticated and is killed virus, for the authentication information to fingerprint U disk It is identified and matches, carry out copying into and copying out for data in electric power secondary system computer after.
Preferably, the certification area, for store the Hash codes, user fingerprints information, hardware identifier code of fingerprint U disk with And fingerprint U disk label.
Preferably, the closed security zone, copying into and copying out for carry out data in the client;When there is external data The data sent by unclassified area are received when need to be stored in server-side.
Preferably, the closed security zone is only visible in being provided with the computer of server-side and client.
Preferably, the data of the closed security zone, storage inside are encrypted.
Preferably, the unclassified area, for storing external data;When there is external data that need to be stored in, by external number It is transmitted in closed security zone according to by server-side;Unclassified area can not open in the client.
Preferably, the server-side includes antivirus module, certification generation module and Audit Module;
Antivirus module:For being killed virus totally to fingerprint U disk closed security zone and unclassified area by antivirus software;
Certification generation module:Hash codes are generated for the closed security zone to fingerprint U disk, and fingerprint U disk is written into the Hash codes Certification area in;User fingerprints are acquired, fingerprint U disk is written into user fingerprints information, hardware identifier code and fingerprint U disk label In certification area;When fingerprint U disk access service end, the information in fingerprint U disk certification area is authenticated;
Audit Module:Usage record for preserving fingerprint U disk.
Preferably, the client includes identification module and authentication module;
Identification module:For according to user fingerprints information, hardware identifier code and fingerprint U disk mark in fingerprint U disk certification area Label, identify whether the fingerprint U disk of access is special-purpose USB flash disk, if so, authentication module starts;Otherwise refusal access;
Authentication module:For in fingerprint U disk closed security zone data generate an instant Hash codes, and with fingerprint U disk certification The Hash codes of area's storage are matched, if so, agreeing to access;Otherwise refusal access.
The present invention proposes a kind of data deposit side carried out using the moving electric power data monitoring system based on fingerprint recognition Method, including:
Fingerprint U disk is inserted in the computer of server-side;
Server-side knows user fingerprints information, hardware identifier code and fingerprint U disk label in fingerprint U disk certification area Not, special-purpose USB flash disk is determined whether, if then being killed virus totally;Otherwise refusal access;
File to be deposited is stored in from unclassified area in closed security zone, and to USB flash disk turn-on time, USB flash disk hardware identification code, disease Poison scanning situation and transmission file processes carry out record of the audit;
Fingerprint U disk is inserted in the computer of client, after fingerprint recognition and Hash codes fit through, opens and protects Mi Qu copies into file to be deposited in electric power secondary system computer.
The present invention proposes a kind of data export side carried out using the moving electric power data monitoring system based on fingerprint recognition Method, including:
Fingerprint U disk is inserted in the computer of server-side;
The hardware identifier code of fingerprint U disk is identified in server-side, determines whether special-purpose USB flash disk, if then carrying out overall Antivirus;Otherwise refusal access;
Fingerprint U disk is inserted in the computer of client, after fingerprint recognition and Hash codes fit through, by electric power Electrical secondary system computer Chinese part is copied out into the closed security zone of fingerprint U disk and is encrypted.
A kind of moving electric power data monitoring system and method based on fingerprint recognition proposed by the present invention have beneficial below Effect:
Based on fingerprint bio feature recognition, move media mandate automation can be achieved in finger print identifying management, realizes that responsibility is fallen Actual arrival position;Backstage can be achieved to be audited automatically using process;Using Hash codes technology, force USB flash disk must by server-side into Row certification;Using data encryption technology, data leak risk can be prevented.
Description of the drawings
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below There is attached drawing needed in technology description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this Some embodiments of invention for those of ordinary skill in the art without creative efforts, can be with The structure shown according to these attached drawings obtains other attached drawings.
Fig. 1 is the moving electric power data monitoring system structure chart based on fingerprint recognition in an embodiment of the present invention;
Fig. 2 is server-side structural schematic diagram in an embodiment of the present invention;
Fig. 3 is client terminal structure schematic diagram in an embodiment of the present invention;
Fig. 4 is data store method process schematic in an embodiment of the present invention;
Fig. 5 is data store method flow chart in an embodiment of the present invention;
Fig. 6 is data export method flow chart in an embodiment of the present invention;
The embodiments will be further described with reference to the accompanying drawings for the realization, the function and the advantages of the object of the present invention.
Specific implementation mode
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation describes, it is clear that described embodiment is only a part of the embodiment of the present invention, instead of all the embodiments.Base Embodiment in the present invention, those of ordinary skill in the art obtained without creative efforts it is all its His embodiment, shall fall within the protection scope of the present invention.
If it is to be appreciated that related in the embodiment of the present invention directionality instruction (such as up, down, left, right, before and after ...), Then directionality instruction be only used for explaining relative position relation under a certain particular pose (as shown in the picture) between each component, Motion conditions etc., if the particular pose changes, directionality instruction also correspondingly changes correspondingly.
If in addition, relating to the description of " first ", " second " etc. in the embodiment of the present invention, it is somebody's turn to do " first ", " second " etc. Description be used for description purposes only, be not understood to indicate or imply its relative importance or implicitly indicate indicated skill The quantity of art feature." first " is defined as a result, the feature of " second " can explicitly or implicitly include at least one spy Sign.In addition, the technical solution between each embodiment can be combined with each other, but must be with those of ordinary skill in the art's energy It is enough realize based on, when the knot that conflicting or cannot achieve when will be understood that this technical solution occurs in the combination of technical solution Conjunction is not present, also not the present invention claims protection domain within.
The present invention proposes a kind of moving electric power data monitoring system based on fingerprint recognition;
In a kind of preferred embodiment of the present invention, as shown in Figure 1, including:Fingerprint U disk, server-side are (with client not same In computer) and the client that is set in electric power secondary system computer;
In the embodiment of the present invention, fingerprint U disk capacity 8g encrypts and reads speed > 5MB/s, 50 pieces of fingerprint characteristic, identification speed < 100ms are spent, operating system Windows2000/XP/2003 and system above are applicable in;Described fingerprint U disk setting certification area, Closed security zone and unclassified area;
Certification area:Predominantly system client software and server of the system software is identified, is used not as data transmission, Generally hidden state and user can not read and write;It is responsible for storing USB flash disk hardware identifier code, Hash comparison code, finger print information in certification area Deng, hardware identifier code for be associated with the audit function of server-side, Hash codes are with finger print information for right with client progress; Fingerprint function realize user access control, no matter in closed security zone or unclassified area, only when finger print identifying by when user It can allow to be written and read USB flash disk;
Closed security zone:It is responsible for carrying out data transmission in electric power secondary system, can only be taken equipped with system client or system Be engaged in end computer in it is visible and when check code by when could use;The data in the area are by encryption, even if USB flash disk Lose also there is no concern that data leak;
Unclassified area:It is responsible for the transmission of electrical secondary system external data, functionally substantially identical as common U disk, effect It is to be transmitted to external data in closed security zone by server-side, the equipment that cannot system client be housed in electric power secondary system Upper opening;
In a kind of preferred embodiment of the present invention, server-side:When fingerprint U disk accesses for the first time, for recognizing fingerprint U disk generation Card information is simultaneously stored in certification area;When fingerprint U disk is non-to be accessed for the first time, it is authenticated and kills virus totally;When have external data need When deposit, file to be deposited is imported from the unclassified area of fingerprint U disk in closed security zone, and preserve the usage record of fingerprint U disk;
In the embodiment of the present invention, when USB flash disk initializes, user needs finger print information being entered into USB flash disk;User inserts USB flash disk Enter into the server equipped with server-side, open server-side, selects correctly ferry-boat disk;It is new by being clicked after user management Increase, personal information, including work number, name, post, acquisition fingerprint and remarks are filled according to prompt;By acquiring the first fingerprint, Fingerprint typing is carried out, the second fingerprint of acquisition is clicked after the completion, carries out the fingerprint typing of another finger;After the completion of typing, return to Main interface.
In a kind of preferred embodiment of the present invention, before needing that fingerprint U disk data are copied into or copied out, for fingerprint U disk It carries out closing rule operation;According to《South electric network 500KW substations monitoring backstage and interchanger job instruction》Fingerprint U disk is carried out Automation antivirus, formatting, daily record summarize function;In the embodiment of the present invention, design is customized, according to Southern Power Grid Company to moving The specific requirement automated execution of dynamic medium, it is ensured that meet grid company production requirement when user is using move media.
In the embodiment of the present invention, as shown in Fig. 2, server-side includes antivirus module, authentication module and Audit Module;
Antivirus module:For being killed virus totally to fingerprint U disk closed security zone and unclassified area by antivirus software;
The virus investigation antivirus of mobile memory medium is mainly realized by the anti-virus module of server-side, since special-purpose USB flash disk is being protected Mi Qu must be by the certification of server-side after being operated, therefore is nearly identical to connect carrying out virus investigation antivirus at access service end Virus investigation antivirus is carried out when entering client.In conjunction with《5-500kV supervisory control of substation backstage and interchanger upkeep operation guiding book》It is required that Anti-virus module is made of the anti-malicious code software of 2 kinds of different manufacturers, and the update of virus base is responsible for by control backstage, passes through Control backstage is online or obtains upgrade package offline, and the real-time update for realizing virus base is uniformly issued to each server-side.
Certification generation module:Hash codes are generated for the closed security zone to fingerprint U disk, and fingerprint U disk is written into the Hash codes Certification area in;User fingerprints are acquired, fingerprint U disk is written into user fingerprints information, hardware identifier code and fingerprint U disk label In certification area;When fingerprint U disk access service end, the information in fingerprint U disk certification area is authenticated;
(or the server-side with control backstage is responsible for) is responsible in the distribution and registration of USB flash disk by controlling backstage, when progress USB flash disk distribution Or when having special-purpose USB flash disk registration, control backstage may require that user of service inputs user's title and typing finger print information.Information is adopted After collection, control backstage by according to user fingerprints information, hardware identifier code and move media storage management system carry Proprietary Information, which combines, to be generated USB flash disk label and stores into the certification area of special-purpose USB flash disk;
Audit Module:Usage record for preserving fingerprint U disk.
The record of the audit of log information include user using mobile memory medium date-time, using duration, main body mark, Object mark and relevant operation etc., log content are uniformly deposited in control backstage (or server-side with control backstage), so as to In unified follow-up auditing.
It is divided into server-side audit according to the source of audit to audit two parts with client.Server-side audit includes mainly special The information of USB flash disk closed security zone and unclassified area's data exchange, operation information of the user by server-side in USB flash disk closed security zone, and Antivirus record when special-purpose USB flash disk accesses, log transmission are periodically sent to control backstage by server-side and realized.Client audit master To include operation information of the user by client in USB flash disk closed security zone, generally by when end operation client automatically will Log information backs up in certification area, is derived automatically from when waiting next user by USB flash disk interpolation server-side and crosses server-side and periodically sends It is realized to control backstage.
In a kind of preferred embodiment of the present invention, client (client can not open unclassified area):When fingerprint U disk is servicing After end is handled, for fingerprint U disk being identified and certification, copying into for data is carried out in electric power secondary system computer And it copies out.
In the embodiment of the present invention, as shown in figure 3, client includes identification module and authentication module;
Identification module:It can recognize that whether the USB flash disk of access is special-purpose USB flash disk, if not special-purpose USB flash disk, then refuse to access.
Authentication module:An instant Hash codes can be generated to the data in special-purpose USB flash disk closed security zone, and recognized in special-purpose USB flash disk The existing Hash codes in card area are matched, if inconsistent, refuse to access;
Identification and authentication combines composition, USB flash disk label to be given birth to when being registered by special-purpose USB flash disk by USB flash disk label and Hash comparison value It will be respectively according to the hard disk identification code and move media in the user fingerprints of live typing, USB flash disk at client when, access authentication The included Proprietary Information of storage management system is compared with USB flash disk label, and successful match is just considered as USB flash disk label and leads to three simultaneously It crosses.Hash comparison value generates every time after being operated to closed security zone by user, after user operates closed security zone, by servicing End automatically generates closed security zone cryptographic Hash and is stored in certification area totally.When user needs the content by write-in in the client When being copied, cryptographic Hash is generated totally to closed security zone automatically by client and is matched with the cryptographic Hash in certification area.Only Have when USB flash disk label and Hash compare simultaneously by when could allow to access, to ensure legal user on legal machine Access the data on legal storage medium;
The present invention proposes a kind of data deposit side carried out using the moving electric power data monitoring system based on fingerprint recognition Method;
In a kind of preferred embodiment of the present invention, as shown in Figure 4 and Figure 5, including:
S10, fingerprint U disk is inserted in the computer of server-side;
The hardware identifier code of fingerprint U disk is identified in S20, server-side, determines whether special-purpose USB flash disk, if then carrying out Antivirus totally;Otherwise refusal access;
S30, file to be deposited is stored in from unclassified area in closed security zone, and to USB flash disk turn-on time, USB flash disk hardware identification Code, virus scan situation and transmission file processes carry out record of the audit;
S40, fingerprint U disk is inserted in the computer of client, after fingerprint recognition and Hash codes fit through, is beaten Closed security zone is opened to copy into file to be deposited in electric power secondary system computer.
The present invention proposes a kind of data export side carried out using the moving electric power data monitoring system based on fingerprint recognition Method;
In a kind of preferred embodiment of the present invention, as shown in fig. 6, including:
S50, fingerprint U disk is inserted in the computer of server-side;
The hardware identifier code of fingerprint U disk is identified in S60, server-side, determines whether special-purpose USB flash disk, if then carrying out Antivirus totally;Otherwise refusal access;
S70, fingerprint U disk is inserted in the computer of client, it, will after fingerprint recognition and Hash codes fit through Electric power secondary system computer Chinese part is copied out into the closed security zone of fingerprint U disk and is encrypted.
In a kind of preferred embodiment of the present invention, when fingerprint U disk, which corresponds to user, to be replaced, by user and fingerprint U disk into Row unbundlings;Under default situations, one class's value of a USB flash disk dispensing, other classes value personnel cannot carry out user's registration on the USB flash disk; When this USB flash disk needs to transfer other class of value in use, USB flash disk is inserted into management end, clicks and release in server-side main interface Binding carries out class's value binding and releases.
The present invention is different according to the upgrading mode in malicious code library in server-side, deployment way can be divided into online deployment and from Line disposes two kinds, and each substation/current conversion station can select suitable deployment way to carry out product according to the actual environment of network Deployment is implemented.
Online deployment way:
It is more perfect that online deployment way applies in general to management great Qu security protections work, and it is big with production to manage great Qu The closer user environment of area's physical distance.Under the deployment way, control backstage and all server-sides are uniformly accessed into electric power two Subsystem manage it is in great Qu and independent at domain, realize prevented while control backstage interconnect with each server-side other service areas and The region carries out network data exchange.
In server-side the upgrading in malicious code library can according to management great Qu whether on-premise network version anti-virus software and do suitable Work as adjustment, if management great Qu itself has Panda's network-based GVI anti-virus software, it is proposed that preferentially use existing anti-virus software and by network The unified upgrade job for being responsible for control backstage and each server-side malicious code library of version anti-virus software.If management great Qu does not install net Network version anti-virus software or Panda's network-based GVI anti-virus software are not up to two or more, then need to be configured perimeter firewall, open The Outside Access permission on backstage is controlled (it is recommended that contact anti-virus software manufacturer, understands the end used in upgrading virus base and software Mouthful, and do port on fire wall and minimize configuration).By the viral upgrade package of the online acquisition in control backstage and it is distributed to each server-side In.
The advantages of online deployment, is to realize that the real-time virus base in internet upgrades automatically by management great Qu, and is not necessarily to Independence networking reduces certain networking cost.But disadvantage is that online deployment mode is needed in the management boundaries great Qu and core The certain strategy change of heart exchange area progress, additionally, due to being deployed on management great Qu, so as to cause the safety meeting one of system Determine to rely on the safety with management great Qu in degree.
Offline deployment way:
After offline deployment way applies in general to relatively simple management great Qu security protections work or each server-side and control Platform physical distribution is difficult to independently the case where at domain.Under the deployment way, control backstage and all server-side independence networkings, not with Manage great Qu or production great Qu interconnection.
The realization of virus base upgrade package is periodically downloaded in the upgrading in malicious code library by operation maintenance personnel in server-side, by anti- Malicious code product producer official website is downloaded in upgraded in offline packet to control backstage, then will obtain viral upgrade package point by control backstage It is dealt into each server-side and realizes upgraded in offline.
The advantages of offline deployment, is that system independently dispose, compare dispose online it is relatively low on electric power secondary system influence, In addition the risk that system is attacked also is reduced to a certain extent.But disadvantage is that automatically updating for virus base can not be carried out, to Cause to increase certain O&M cost, while being also difficult to virus base and upgrading in time.In addition, due to disposing independent group offline Net needs that certain hardware cost is spent to be supported.
The foregoing is merely the preferred embodiment of the present invention, are not intended to limit the scope of the invention, every at this Under the inventive concept of invention, using equivalent structure transformation made by description of the invention and accompanying drawing content, or directly/use indirectly In the scope of patent protection that other related technical areas are included in the present invention.

Claims (10)

1. a kind of moving electric power data monitoring system based on fingerprint recognition, which is characterized in that including:Fingerprint U disk, server-side and The client being set in electric power secondary system computer;The fingerprint U disk is provided with certification area, closed security zone and unclassified Area;
The server-side:When fingerprint U disk accesses for the first time, for generating authentication information to fingerprint U disk and being stored in certification area; When fingerprint U disk is non-to be accessed for the first time, it is authenticated and kills virus totally;When there is external data that need to be stored in, by file to be deposited It is imported in closed security zone from the unclassified area of fingerprint U disk, and preserves the usage record of fingerprint U disk;
The client:Fingerprint U disk carries out after server-side is authenticated and is killed virus for the authentication information to fingerprint U disk Identification and matching, carry out copying into and copying out for data after in electric power secondary system computer.
2. the moving electric power data monitoring system according to claim 1 based on fingerprint recognition, which is characterized in that described Certification area, Hash codes, user fingerprints information, hardware identifier code and fingerprint U disk label for storing fingerprint U disk.
3. the moving electric power data monitoring system according to claim 1 based on fingerprint recognition, which is characterized in that described Closed security zone, copying into and copying out for carry out data in the client;It is connect in server-side when there is external data that need to be stored in Receive the data sent by unclassified area.
4. the moving electric power data monitoring system according to claim 1 based on fingerprint recognition, which is characterized in that described Closed security zone is only visible in being provided with the computer of server-side and client.
5. the moving electric power data monitoring system according to claim 1 based on fingerprint recognition, which is characterized in that described The data of closed security zone, storage inside are encrypted.
6. the moving electric power data monitoring system according to claim 1 based on fingerprint recognition, which is characterized in that described Unclassified area, for storing external data;When there is external data that need to be stored in, external data is transmitted to secrecy by server-side Qu Zhong;Unclassified area can not open in the client.
7. the moving electric power data monitoring system according to claim 1 based on fingerprint recognition, which is characterized in that described Server-side includes antivirus module, certification generation module and Audit Module;
Antivirus module:For being killed virus totally to fingerprint U disk closed security zone and unclassified area by antivirus software;
Certification generation module:Hash codes are generated for the closed security zone to fingerprint U disk, and recognizing for fingerprint U disk is written into the Hash codes It demonstrate,proves in area;User fingerprints are acquired, user fingerprints information, hardware identifier code and fingerprint U disk label are written to the certification of fingerprint U disk Qu Zhong;When fingerprint U disk access service end, the information in fingerprint U disk certification area is authenticated;
Audit Module:Usage record for preserving fingerprint U disk.
8. the moving electric power data monitoring system according to claim 1 based on fingerprint recognition, which is characterized in that described Client includes identification module and authentication module;
Identification module:For according to user fingerprints information, hardware identifier code and fingerprint U disk label in fingerprint U disk certification area, knowing Whether the fingerprint U disk not accessed is special-purpose USB flash disk, if so, authentication module starts;Otherwise refusal access;
Authentication module:For generating an instant Hash codes to data in fingerprint U disk closed security zone, and deposited with fingerprint U disk certification area The Hash codes of storage are matched, if so, agreeing to access;Otherwise refusal access.
9. the data deposit side carried out using the moving electric power data monitoring system described in claim 1 based on fingerprint recognition Method, which is characterized in that including:
Fingerprint U disk is inserted in the computer of server-side;
User fingerprints information, hardware identifier code and fingerprint U disk label in fingerprint U disk certification area is identified in server-side, sentences Whether disconnected is special-purpose USB flash disk, if then being killed virus totally;Otherwise refusal access;
File to be deposited is stored in from unclassified area in closed security zone, and USB flash disk turn-on time, USB flash disk hardware identification code, virus are swept It retouches situation and transmission file processes carries out record of the audit;
Fingerprint U disk is inserted in the computer of client, after fingerprint recognition and Hash codes fit through, opens closed security zone File to be deposited is copied into electric power secondary system computer.
10. the data export side carried out using the moving electric power data monitoring system described in claim 1 based on fingerprint recognition Method, which is characterized in that including:
Fingerprint U disk is inserted in the computer of server-side;
The hardware identifier code of fingerprint U disk is identified in server-side, determines whether special-purpose USB flash disk, if then being killed virus totally; Otherwise refusal access;
Fingerprint U disk is inserted in the computer of client, after fingerprint recognition and Hash codes fit through, by Power Secondary File is copied out into the closed security zone of fingerprint U disk and is encrypted in component computer.
CN201810299424.0A 2018-04-04 2018-04-04 Mobile power data monitoring system and method based on fingerprint identification Active CN108733997B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810299424.0A CN108733997B (en) 2018-04-04 2018-04-04 Mobile power data monitoring system and method based on fingerprint identification

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810299424.0A CN108733997B (en) 2018-04-04 2018-04-04 Mobile power data monitoring system and method based on fingerprint identification

Publications (2)

Publication Number Publication Date
CN108733997A true CN108733997A (en) 2018-11-02
CN108733997B CN108733997B (en) 2021-09-24

Family

ID=63940733

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810299424.0A Active CN108733997B (en) 2018-04-04 2018-04-04 Mobile power data monitoring system and method based on fingerprint identification

Country Status (1)

Country Link
CN (1) CN108733997B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109743533A (en) * 2018-11-23 2019-05-10 浙江星月安防科技有限公司 Intelligent anti-theft door
CN110533142A (en) * 2019-09-24 2019-12-03 爱国者安全科技(北京)有限公司 A kind of encrypted U disk and USB flash disk partition method
CN113238896A (en) * 2021-06-21 2021-08-10 北京飞思特信息技术有限公司 Disaster recovery and recovery system of distributed examination service based on USB flash disk
CN113392435A (en) * 2021-05-24 2021-09-14 国网湖北省电力有限公司电力科学研究院 Intelligent substation USB interface safety management and control system and method
CN113853765A (en) * 2019-08-23 2021-12-28 西门子股份公司 Method and system for security management of mobile storage device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101082883A (en) * 2006-05-31 2007-12-05 朴显泽 Storage apparatus having multiple layer encrypting protection
US20120246460A1 (en) * 2009-11-05 2012-09-27 Zte Corporation Encryption device and method for controlling download and access operations performed to a mobile terminal
CN104715206A (en) * 2013-12-13 2015-06-17 贵州电网公司信息通信分公司 Data security protection method for mobile storage medium
CN106874802A (en) * 2017-01-19 2017-06-20 湖北航天技术研究院总体设计所 A kind of industrial control equipment virus protection system based on drive control

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101082883A (en) * 2006-05-31 2007-12-05 朴显泽 Storage apparatus having multiple layer encrypting protection
US20120246460A1 (en) * 2009-11-05 2012-09-27 Zte Corporation Encryption device and method for controlling download and access operations performed to a mobile terminal
CN104715206A (en) * 2013-12-13 2015-06-17 贵州电网公司信息通信分公司 Data security protection method for mobile storage medium
CN106874802A (en) * 2017-01-19 2017-06-20 湖北航天技术研究院总体设计所 A kind of industrial control equipment virus protection system based on drive control

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109743533A (en) * 2018-11-23 2019-05-10 浙江星月安防科技有限公司 Intelligent anti-theft door
CN109743533B (en) * 2018-11-23 2021-07-23 浙江星月安防科技有限公司 Intelligent anti-theft door
CN113853765A (en) * 2019-08-23 2021-12-28 西门子股份公司 Method and system for security management of mobile storage device
CN110533142A (en) * 2019-09-24 2019-12-03 爱国者安全科技(北京)有限公司 A kind of encrypted U disk and USB flash disk partition method
CN113392435A (en) * 2021-05-24 2021-09-14 国网湖北省电力有限公司电力科学研究院 Intelligent substation USB interface safety management and control system and method
CN113238896A (en) * 2021-06-21 2021-08-10 北京飞思特信息技术有限公司 Disaster recovery and recovery system of distributed examination service based on USB flash disk

Also Published As

Publication number Publication date
CN108733997B (en) 2021-09-24

Similar Documents

Publication Publication Date Title
CN108733997A (en) A kind of moving electric power data monitoring system and method based on fingerprint recognition
CN105184179B (en) Embedded encrypted mobile storage device and operation method thereof
CN101122942B (en) Data safe reading method and its safe storage device
EP1549021A1 (en) Access controlled by security token and mediated by sever
EP1189128A2 (en) Secure system and method for accessing files in computers using fingerprints
CN103473844A (en) Intelligent control method and intelligent control system for public rental housing
CN110011848B (en) Mobile operation and maintenance auditing system
CN112653689B (en) Terminal zero trust security control method and system
CN106209754B (en) To the method and system of software package automatic signature in version control system
CN106161442A (en) A kind of system control user login method
CN106815503A (en) A kind of operating system method for managing user right and system
US20200098208A1 (en) Security control device, security control method, security system and storage medium
CN116011005A (en) Method and system for preventing phishing or luxury software attacks
CN104085203A (en) Portable intelligent digital seal
CN101159553A (en) Methods, systems for local blade server security
CN109660514A (en) A kind of implementation method of smart machine system, smart machine control method and system
CN109446259A (en) Data processing method and device, processor and storage medium
CN105868610A (en) Method and system for realizing user authentication through biological characteristic information
CN107104958A (en) Manage the method, private clound and public cloud equipment and storage device of private clound equipment
CN110990863B (en) Method for realizing file access control through timestamp and encryption algorithm
CN113014393B (en) Password safe box system based on hardware encryption and application method
JP4587688B2 (en) Encryption key management server, encryption key management program, encryption key acquisition terminal, encryption key acquisition program, encryption key management system, and encryption key management method
CN111814186B (en) Menu authority access control method of intelligent equipment operation platform
CN105279453A (en) Separate storage management-supporting file partition hiding system and method thereof
CN116305287A (en) File management method for preventing secret leakage

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant