CN109190364A - A secure USB flash drive for solid-state drive (SSD) authentication - Google Patents

Publication number
CN109190364A
Authority
CN
China
Prior art keywords
authentication
usb flash
flash disk
ssd
user
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810866266.2A
Other languages
Chinese (zh)
Inventor
樊凌雁
赵经天
方立春
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Dianzi University
Hangzhou Electronic Science and Technology University
Original Assignee
Hangzhou Electronic Science and Technology University
Application filed by Hangzhou Electronic Science and Technology University
Priority to CN201810866266.2A
Publication of CN109190364A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45 Structures or tools for the administration of authentication
    • G06F21/46 Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/80 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2143 Clearing memory, e.g. to prevent the data from being stolen

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a secure USB flash drive for solid-state drive (SSD) authentication, comprising at least a first interface module, a USB drive controller, a first authentication module and a user login management module. The USB drive controller has a built-in operating system, which is started when the host detects that the secure USB drive has been connected; under this operating system, the USB drive authentication operation and the user authentication operation are completed with the SSD connected to that operating system. After both USB drive authentication and user authentication succeed, the USB drive controller sends an unlock instruction to the SSD to unlock it; otherwise the SSD remains fully locked. With this technical solution, the uniquely corresponding encrypted SSD can be decrypted only after both USB drive authentication and user authentication have passed.

Description

A secure USB flash drive for solid-state drive (SSD) authentication
Technical field
The present invention relates to the fields of data encryption, data storage, data transmission and data authentication, and more particularly to a secure USB flash drive for solid-state drive authentication.
Background
With the continuous development of science and technology, the data security of computer hard disks has always been a focus of public concern. Thanks to improvements in flash memory technology, the solid-state drive has become the preferred storage medium and its leading position has been greatly consolidated. In recent years, theft of information from solid-state drives has caused serious leaks. Certain special fields such as aerospace and finance place very high requirements on data security and pay close attention to the compromise of data security on solid-state drives, so strong encryption of solid-state drives is extremely important.
BIOS-based solid-state drive encryption is the most traditional approach. It cannot encrypt the data areas of multiple users separately, and the key is stored together with the user data on the solid-state drive, in the storage medium itself. The security of the stored data is therefore greatly reduced, and the scheme is very easy to crack.
The most common encryption technology for solid-state drives is fingerprint identification. Its prominent problem is that only one user can access the files stored on the drive and edit and store files. Because only one user can access a given storage device, many users who each want to access their own data need multiple storage devices to hold their data and files, which greatly reduces device utilization.
In short, the solid-state drive encryption methods currently on the market do not score highly on the security of the authentication method, on operability or on efficiency. To meet these requirements, the prior art has also introduced a USB drive that operates in combination with the solid-state drive; see patent application document 105354479A, "A solid-state drive and data hiding method based on USB drive authentication" (application number 201510737530.9). In the technical solution recorded in that document, however, the USB drive only serves as the medium that carries and transfers the key for the secure storage area of the solid-state drive: when the USB drive is inserted, an additional partition appears in the SSD module, and that partition is the encrypted area that needs the key to open. This encrypted storage mode is simple and not hidden, and is easily cracked by unauthorized persons exploiting loopholes, which greatly reduces data security.
Meanwhile, for hard disk data destruction, the prior art mainly uses dedicated data destruction software to overwrite the disk repeatedly. The defect of this approach is that the data is not destroyed thoroughly; for solid-state drives in particular it is difficult to destroy the data completely, and the process also takes a long time.
Therefore, in view of the above defects, research is needed to propose an effective and feasible solution to these defects in the prior art.
Summary of the invention
In view of this, the present invention provides a secure USB flash drive for solid-state drive authentication, which greatly improves the security of the data in the solid-state drive.
To overcome the shortcomings of the prior art, the present invention provides the following technical solution:
A secure USB flash drive for solid-state drive authentication, the secure USB drive comprising at least a first interface module, a USB drive controller, a first authentication module and a user login management module.
The first interface module is connected to the host and to the USB drive controller, and carries the data communication between the USB drive controller and the outside.
The USB drive controller has a built-in operating system, which is started when the host detects that the secure USB drive has been connected; under this operating system, the USB drive authentication operation and the user authentication operation are completed with the SSD connected to that operating system. After USB drive authentication and user authentication succeed, the USB drive controller sends an unlock instruction to the SSD to unlock it; otherwise the SSD remains fully locked.
The first authentication module is connected to the USB drive controller and holds a built-in first authentication code, which matches the second authentication code built into the corresponding SSD. The USB drive authentication operation consists of obtaining the first authentication code and the second authentication code while the USB drive's operating system is running, and judging whether the two match.
After obtaining the signal that USB drive authentication has passed, the USB drive controller starts the user login management module. The user login management module receives the user information entered by the user, matches it against the user information preset in the module to complete the user authentication operation, and returns the user authentication result to the USB drive controller. If the result is that user authentication succeeded, the USB drive controller sends an unlock instruction to the SSD.
As a preferred technical solution, the secure USB drive further includes a first key storage module. The first key storage module is non-volatile memory that stores the key KEY used for SSD data encryption. After USB drive authentication and user authentication succeed, the USB drive controller obtains the key KEY and sends it to the SSD for encrypting and decrypting the data in the SSD.
As a preferred technical solution, the USB drive controller counts user authentication failures and, when the number of failures exceeds a preset threshold, generates a destroy instruction and sends it to the SSD.
As a preferred technical solution, the user login management module includes at least an administrator user and ordinary users. After logging in, the administrator user can configure the ordinary users' information; an ordinary user can log in securely only after this has been set up successfully.
As a preferred technical solution, after USB drive authentication and user authentication, the USB drive controller sends the SSD controller an unlock instruction, the SSD data encryption key KEY and permission information; the permission information restricts the operations that different users may perform on the SSD.
As a preferred technical solution, the operating system in the USB drive controller is a Linux system, which coordinates the work of the modules in the secure USB drive.
As a preferred technical solution, the secure USB drive further includes an identity information acquisition module, connected to the user login management module, which acquires user information and passes it to the user login management module. The identity information acquisition module may use key input or a fingerprint identification module.
As a preferred technical solution, the secure USB drive further includes an encryption/decryption module, so that data transfer between the USB drive and the SSD is carried out in encrypted form.
As a preferred technical solution, the secure USB drive further includes a data storage module for storing data.
As a preferred technical solution, the secure USB drive further includes a key generation module, connected to the USB drive controller, which generates the key used to encrypt and decrypt data in the secure USB drive.
Compared with the prior art, in the technical solution provided by the invention the USB drive and the SSD, which are uniquely paired, form a combined encryption system. Whereas prior-art authentication can only be carried out under the machine's own operating system, the invention runs a new operating system inside the USB drive, which further improves security and makes the combined encryption system more extensible, with low complexity and low cost. The Linux system installed on the USB drive is quick and convenient to operate; dual identity authentication improves the security of data storage; and the key for SSD data encryption and decryption is stored in the secure USB drive, so that intrusion and cracking by unauthorized persons are effectively prevented at every level. Furthermore, the invention provides fast and thorough data destruction. The technical solution therefore has broad prospects, whether in the personal or enterprise market or in special markets such as military, aviation, government, finance and public security.
Description of the drawings
Fig. 1 is a flow diagram of the invention.
Fig. 2 is a flow chart of a preferred embodiment of the invention.
Fig. 3 is a detailed flow chart of user setup and login in the invention.
Fig. 4 is a system structure diagram of the invention.
Fig. 5 is a structural block diagram of the secure USB drive in the invention.
The following specific embodiments further illustrate the invention with reference to the above drawings.
Specific embodiments
The invention is further described below with reference to the drawings.
To overcome the defects of the prior art, and referring to Figs. 4 and 5, the invention discloses a secure USB flash drive for solid-state drive authentication. The arrangement comprises a secure USB drive and a solid-state drive (SSD), both connected to a host. The secure USB drive includes at least a first interface module, a USB drive controller, a first authentication module and a user login management module. The SSD includes at least a second interface module, an SSD controller, a second authentication module and a data storage module. The first interface module is connected to the host and carries the data communication between the secure USB drive and the outside; the second interface module is connected to the host and carries the data communication between the SSD and the outside. The USB drive controller is connected to the first interface module, the first authentication module and the user login management module, and has a built-in operating system that is started when the host detects that the secure USB drive has been connected. The SSD controller is connected to the second interface module, the second authentication module and the data storage module, and keeps the storage channel of the data storage module closed until it receives the unlock instruction sent by the secure USB drive. The first authentication module is connected to the USB drive controller and holds a built-in first authentication code; the second authentication module is connected to the SSD controller and holds a built-in second authentication code. The first authentication code and the second authentication code match uniquely. While the USB drive's operating system is running, the USB drive authentication operation is completed and the authentication result is fed back to the secure USB drive; that is, it is judged whether the first authentication code and the second authentication code match. If they match, USB drive authentication succeeds; otherwise it fails. After obtaining the signal that USB drive authentication succeeded, the USB drive controller starts the user login management module. The user login management module receives the user information entered by the user and matches it against the user information preset in the module to complete user authentication, and returns the user authentication result to the USB drive controller. If user authentication succeeds, the USB drive sends the unlock instruction to the SSD; only after the SSD is unlocked can the host access the data in the SSD.
In the above technical solution, the host starts the combined encryption software while running the USB drive's operating system, and the authentication operation between the USB drive and the SSD is completed under the control of the combined encryption software. Further, the authentication operation between the USB drive and the SSD can be completed in the USB drive, in the SSD or in the host.
When the authentication operation is performed in the USB drive, the process is as follows: the USB drive controller obtains the second authentication code from the SSD and sends it to the first authentication module; the first authentication module matches the received second authentication code against the pre-stored first authentication code; if the match succeeds, authentication success information is sent to the USB drive controller, otherwise authentication failure information is sent.
When the authentication operation is performed in the host, the process is as follows: the host obtains the first authentication code from the USB drive and the second authentication code from the SSD and matches the two; if the match succeeds, authentication success information is sent to the USB drive controller, otherwise authentication failure information is sent.
When the authentication operation is performed in the SSD, the process is as follows: the SSD controller obtains the first authentication code from the secure USB drive and sends it to the second authentication module; the second authentication module matches the received first authentication code against the pre-stored second authentication code; if the match succeeds, authentication success information is sent to the secure USB drive, otherwise authentication failure information is sent.
In a preferred embodiment, the SSD further includes an encryption/decryption module, connected to the SSD controller and the data storage module, which encrypts and decrypts data so that the data stored in the data storage module is encrypted data. Further, the SSD includes a second key storage module, which stores the key KEY used for SSD data encryption and decryption; the encryption/decryption module obtains the key KEY and encrypts and decrypts the data.
In a preferred embodiment, the secure USB drive further includes a first key storage module, which stores the key KEY used for SSD data encryption. The key for SSD data encryption and decryption can be placed in the USB drive, with the SSD itself not holding the key; the key can be obtained only after USB drive authentication and user authentication succeed. After user authentication succeeds, the USB drive controller obtains the key KEY stored in the first key storage module and sends it to the SSD. Further, the SSD obtains the key KEY and stores it in the second key storage module, for encrypting and decrypting data read from and written to the SSD. The second key storage module is volatile memory, so after power-down the information stored in it disappears and the key KEY is not retained in the SSD. Because the key KEY for SSD data encryption is stored in the USB drive paired with the SSD, when USB drive authentication and user authentication have not passed there is no key KEY in the SSD, and even brute-force cracking of the memory cannot obtain the encrypted data of the SSD.
In a preferred embodiment, the SSD further includes a destruction module, which destroys the data in the data storage module according to the destroy control instruction of the SSD controller. The destroy control instruction can be generated from user input while the SSD is in normal use, or generated actively by the SSD controller when it detects brute-force cracking, to prevent the data from being stolen. Preferably, when the number of failed matches of the user information entered by the user exceeds a preset threshold, the USB drive sends a destroy instruction to the SSD to destroy the data in the SSD. That is, by letting the user customize the permitted number of wrong username and password entries, quick destruction of the disk's data and files is achieved. Whether destruction is physical or logical is set by the administrator in the Linux system, and the user then selects the destruction mode after the system starts.
In a preferred embodiment, the secure USB drive further includes an identity information acquisition module, connected to the user login management module, which acquires user information and passes it to the user login management module to carry out user authentication. The identity information acquisition module may use, without limitation, key-entered passwords, biometric information and the like; preferably, it uses a fingerprint identification module to acquire the user's fingerprint information. In practice, the administrator user generally logs in by fingerprint authentication, and ordinary users log in by entering an account and password. A maximum number of consecutive identity-information acquisition errors can be set; when this limit is exceeded, the secure USB drive immediately executes the data destruction program.
In a preferred embodiment, the secure USB drive further includes an encryption/decryption module, so that data transfer between the USB drive and the SSD is carried out in encrypted form. Preferably, the encryption/decryption module has a built-in encryption algorithm for encrypting and decrypting the data in the USB drive. The SM2 elliptic curve cryptosystem can be used: SM2 generates two keys, a public key and a private key; the data or file to be encrypted is encrypted with the public key and then sent to the SSD (the receiver) together with the private key, and the receiver decrypts with the private key to obtain the valid information. Algorithms such as the national-standard SM4 or AES can also be used, without limitation.
In a preferred embodiment, the secure USB drive further includes a data storage module, so that the secure USB drive can serve both as the authentication USB drive for the SSD and as an ordinary USB drive for data storage.
In a preferred embodiment, the secure USB drive further includes a key generation module, connected to the USB drive controller, which generates keys. The keys include the key for encrypting data in the secure USB drive and the key KEY for encrypting data in the SSD; the key KEY is stored in the first key storage module. The key for SSD data encryption and decryption can be placed in the USB drive, with the SSD itself not holding the key; the key can be obtained only after USB drive authentication and user authentication succeed.
In a preferred embodiment, the SSD is the solid-state drive built into the computer; the computer includes basic components such as a CPU, a motherboard and a display, and can have whatever systems are required installed on it.
In a preferred embodiment, the SSD connects to the host or to other embedded storage devices through a SAS interface, a SATA interface, a PCIe interface or the like.
In a preferred embodiment, the secure USB drive connects to the host or to other embedded storage devices through a USB interface, for example but not limited to USB 2.0 or USB 3.0.
Preferably, the secure USB drive carries a simple Linux system that coordinates the work of the modules of the secure USB drive. The Linux system runs in the secure USB drive; it is built on a minimal kernel, does not occupy much of the USB drive's storage space, and is efficient and convenient.
Preferably, system user management means customizing functions in the Linux system according to the different needs of different users.
Preferably, the data storage module stores the user's important data, files and the like.
In a preferred embodiment, the secure USB drive and the solid-state drive are used on the host at the same time. After detecting that a USB drive has been inserted, the host starts the USB drive and boots the Linux system on it. Running under the USB drive's Linux system, the combined encryption system sends the authentication instruction from Linux to the host, and the host forwards the verification instruction to the SSD, where it is matched against the preset authentication code. After USB drive authentication succeeds, the combined encryption system feeds the information back to the Linux system and starts user login. User security authentication is performed under the Linux system; only after user authentication succeeds does the SSD open the storage channel, and at the same time the secure USB drive sends the key for SSD data encryption and decryption to the SSD.
With the above technical solution, the secure USB drive serves as the KEY of the encrypted solid-state drive. While USB drive authentication or user authentication has not succeeded, the data in the SSD remains in the full-disk-encrypted state and no user or system platform can obtain it; even with brute-force cracking, only encrypted data in a read-only state can be obtained, not valid data. Only when both secure USB drive authentication and user identity authentication pass does the SSD open the data storage channel and obtain the key KEY from the USB drive as the key for data encryption and decryption; only then can the encrypted data be decrypted and the user access the valid content. By introducing the secure USB drive, the invention can add a graphical interface that is convenient for the user, while greatly improving the security of the SSD.
Referring to Fig. 1, it is shown a kind of flow diagram of the safe U disc for solid state hard disk authentication of the present invention, including following Step:
Step S1: Host Detection USB flash disk accesses and starts the operating system in USB flash disk;
Step S2: in the case where running USB flash disk operating system, completing the authentication operations of USB flash disk and SSD, wherein distinguishes in USB flash disk and SSD Store one-to-one authentication code;
Step S3: user authentication is carried out after authenticating successfully;
Step S4: SSD could be had secure access to after user authentication success, otherwise the data in SSD are all in full disk encryption State.
By adopting the above technical scheme, since authentication operations are carried out under operating system in USB flash disk, to greatly improve The security performance of SSD;Meanwhile safety operation of multiple users to SSD is realized by introducing user authentication mode, by dual Authentication further increases the security performance of SSD.
Wherein, in step sl, Host Detection starts USB flash disk to after there is USB flash disk insertion, has set the linux system on USB flash disk;Its In, SSD can be built in host, can also be connected by Peripheral Interface with host;Host is PC, pad or other insertions Formula equipment;In a preferred embodiment, further include the steps that detecting whether SSD accesses, when SSD access is not detected in host When, prompt SSD not access.
In step s 2, combining encryption software is run under USB flash disk operating system, the authentication for completing USB flash disk and SSD is grasped Make, wherein authentication operations can be completed in USB flash disk, SSD or host.
In a preferred embodiment, authentication operations are completed in SSD, SSD by received authentication code be stored in advance Authentication code is matched in it, and the two exact matching then authenticates success, otherwise failed authentication.Step S2 further comprises following Step:
Step S21: obtaining the authentication code in USB flash disk and sends it to SSD to carry out authentication operations for SSD;That is, main Machine obtains the authentication code being stored in USB flash disk under linux, then sends authentication code in SSD.SSD receives combining encryption system The authentication code sent;The authentication code is matched with the correct information being stored in;
Step S22: receiving the authentication result information that SSD is returned, if authentication successful execution step S3;That is, matching is true Combining encryption system is again by correct information feedback into linux system after recognizing successfully.
In step s3, it further includes steps of
Step S31: start user login management module after obtaining authentication successful information;Information feedback after authenticating successfully User's login is carried out to USB flash disk;Further, user logs in and its certification is realized by the user login management module in USB flash disk;
Step S32: receiving the user information of user and matches with user information pre-set in USB flash disk, if with Then user authentication is successful for the exact matching of family information, otherwise user authentication failure;Wherein, user includes at least administrator and Pu General family, administrator can be configured general user information after logging in, and ordinary user can be safe after being arranged successfully Log in the system.It in a preferred embodiment, can also be the different permission of each user setting, USB flash disk is sent to SSD User authentication successful information in further include authority information, the authority information is for limiting different user to the operating rights of SSD Limit.Permission, which is included at least, carries out read/writable operation or read-only operation to SSD.
In a preferred embodiment, fingerprint identification module is arranged in USB flash disk, and administrator, which logs in, uses finger print identifying Mode logs in, and ordinary user is logged in by the way of inputting account number cipher.
Step S33: user authentication successful information is sent to unlock SSD to SSD.Wherein, user authentication successful information is at least Including SSD unlock instruction, SSD control module receives ability turn-on data memory channel after user authentication successful information, otherwise any People can not obtain the storing data in SSD.
In a preferred embodiment, the SSD has a built-in encryption module, and all data stored in the SSD is encrypted. The key KEY used for SSD data encryption can be stored in the SSD or in the USB flash disk.
In a preferred embodiment, the key KEY used for SSD data encryption is stored in the USB flash disk, and step S33 further includes:
After authentication succeeds, the key KEY stored in the USB flash disk is obtained and sent to the SSD; the key KEY is used to encrypt and decrypt the data in the SSD. The key for SSD data encryption and decryption can be placed in the USB flash disk so that the SSD itself does not hold it; the key can be obtained only after both USB flash disk authentication and user authentication succeed. The SSD stores the key KEY it receives in volatile memory, so that the key is not retained in the SSD once the current session ends. Because the key KEY is stored in the USB flash disk paired with the SSD, the SSD contains no key KEY unless USB flash disk authentication and user authentication have passed, and the encrypted data of the SSD cannot be obtained even by brute-force cracking the memory.
In a preferred embodiment, data transmission between the USB flash disk and the SSD is carried out in encrypted mode.
In a preferred embodiment, the method further includes a step of counting user information match failures: when the number of failed matches for the user information entered by the current user exceeds a preset threshold, the USB flash disk sends a destroy instruction to the SSD to destroy the data in the SSD.
In a preferred embodiment, in step S3, the administrator's setting of the ordinary user's information includes a step of judging whether user information has already been set.
Referring to Fig. 2, a preferred flow chart of the safe U disc for solid state hard disk authentication of the present invention is shown. The Linux system in the safe U disc is started. For USB flash disk authentication, the authentication code is sent under the Linux system from the USB flash disk to the SSD and checked interactively against the uniquely matching authentication code stored in the SSD, and the authentication success information is then fed back to the Linux system. After receiving this feedback, the Linux system judges whether the administrator has set the ordinary user's information. If it has been set, the flow proceeds directly to user login; if not, the system administrator configures the user login information before login. If user login fails, failure handling is entered; if login succeeds, the system sends an instruction to unlock the SSD and the ordinary user can use it normally.
Referring to Fig. 3, a detailed flow chart of user setting and login in the present invention is shown. After USB flash disk authentication succeeds, the system judges whether user information has been set. If the ordinary user's login information has already been set in the system, the user can log in directly and access the system securely. If user information has not been set, the system administrator records and sets the ordinary user's information, after which the user can log in and use the system. The number of login errors is checked during login, and the system performs corresponding login error handling according to that number: data and files on the hard disk are quickly destroyed once the number of wrong user name and password entries reaches a user-defined count. As for the physical or logical destruction mode, it is set in the Linux system by the system administrator and selected by the user.
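The flow of steps S2 and S3 described above (authentication code match, user login, unlock with KEY and permission information, destroy instruction after too many failures), modelled as an added example that is not code from the patent. The class and method names, the threshold of 3, and the salted PBKDF2 storage with constant-time comparison are assumptions; the text only requires an exact match against preset user information and a preset threshold. `SafeUDisk` stands for the USB-side controller holding the first authentication code, KEY and the users.

```python
import hashlib
import hmac
import secrets

FAIL_THRESHOLD = 3  # assumed value; the text only says "preset threshold"

def digest(password: str, salt: bytes) -> bytes:
    # Assumption: preset user information is stored as a salted PBKDF2 digest.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_user(password: str, read_only: bool):
    salt = secrets.token_bytes(16)
    return salt, digest(password, salt), read_only

class Ssd:
    """Hypothetical SSD model: locked by default, KEY held only in volatile state."""
    def __init__(self, auth_code: bytes):
        self.auth_code = auth_code            # second authentication code
        self.locked, self.destroyed, self.key, self.read_only = True, False, None, True

    def check_code(self, code: bytes) -> bool:        # USB flash disk authentication
        return hmac.compare_digest(code, self.auth_code)

    def unlock(self, key: bytes, read_only: bool):    # step S33
        self.key, self.read_only, self.locked = key, read_only, False

    def power_off(self):                      # KEY is not retained after the session
        self.key, self.locked = None, True

    def destroy(self):                        # destroy instruction from the USB flash disk
        self.key, self.locked, self.destroyed = None, True, True

class SafeUDisk:
    def __init__(self, auth_code: bytes, key: bytes, users: dict):
        self.auth_code, self.key, self.users, self.failures = auth_code, key, users, 0

    def login(self, ssd: Ssd, name: str, password: str) -> str:
        if ssd.destroyed or not ssd.check_code(self.auth_code):
            return "auth_failed"              # unpaired disk never reaches step S3
        # Unknown names get a dummy record so the digest is still computed.
        salt, stored, read_only = self.users.get(name, (b"\0" * 16, b"", True))
        if hmac.compare_digest(digest(password, salt), stored):   # step S32
            self.failures = 0
            ssd.unlock(self.key, read_only)
            return "unlocked"
        self.failures += 1
        if self.failures > FAIL_THRESHOLD:    # "exceeds the preset threshold"
            ssd.destroy()
            return "destroyed"
        return "login_failed"
```

The failure counter lives on the USB side, as in claim 3, and a successful login resets it; the SSD model never stores KEY across `power_off()`.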
The above description of the embodiments is only intended to help understand the method of the present invention and its core ideas. It should be pointed out that those of ordinary skill in the art can make improvements and modifications to the present invention without departing from its principle, and these improvements and modifications also fall within the scope of protection of the claims of the present invention.
The foregoing description of the disclosed embodiments enables those skilled in the art to implement or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the general principles defined herein can be realized in other embodiments without departing from the spirit or scope of the present invention. Therefore, the present invention is not intended to be limited to the embodiments shown herein, but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A safe U disc for solid state hard disk authentication, characterized in that the safe U disc includes at least a first interface module, a USB flash disk controller, a first authentication module and a user login management module;
The first interface module is connected to the host and to the USB flash disk controller, and enables the USB flash disk controller to communicate data with external devices;
The USB flash disk controller has a built-in operating system, which is started when the host detects that the safe U disc has been connected, and under which the USB flash disk authentication operation and the user authentication operation are completed with the SSD connected to the operating system; when USB flash disk authentication and user authentication have both succeeded, the USB flash disk controller sends an unlock instruction to the SSD to unlock it, and otherwise the SSD remains in a fully locked state;
The first authentication module is connected to the USB flash disk controller and contains a first authentication code, which matches a second authentication code built into the corresponding SSD; the USB flash disk authentication operation consists of obtaining the first authentication code and the second authentication code while the USB flash disk operating system is running and judging whether the two match;
The USB flash disk controller starts the user login management module after obtaining the USB flash disk authentication pass signal; the user login management module receives the user information entered by the user and matches it against the user information preset in the module to complete the user authentication operation, and returns the user authentication result information to the USB flash disk controller; if the user authentication result information indicates that user authentication succeeded, the USB flash disk controller sends an unlock instruction to the SSD.
2. The safe U disc for solid state hard disk authentication according to claim 1, characterized in that the safe U disc further includes a first key storage module, the first key storage module being a non-volatile memory for storing the key KEY for SSD data encryption; after USB flash disk authentication and user authentication succeed, the USB flash disk controller obtains the key KEY and sends it to the SSD for encrypting and decrypting the data in the SSD.
3. The safe U disc for solid state hard disk authentication according to claim 2, characterized in that the USB flash disk controller is used to detect the number of user authentication failures and, after the number of user authentication failures exceeds a preset threshold, to generate a destroy instruction and send it to the SSD.
4. The safe U disc for solid state hard disk authentication according to claim 3, characterized in that the user login management module includes at least an administrator and an ordinary user; after logging in, the administrator can configure the ordinary user's information, and the ordinary user can log in securely only after this has been set successfully.
5. The safe U disc for solid state hard disk authentication according to claim 3, characterized in that, after USB flash disk authentication and user authentication, the USB flash disk controller sends the unlock instruction, the key KEY for SSD data encryption and permission information to the SSD controller, the permission information being used to limit the operations different users may perform on the SSD.
6. The safe U disc for solid state hard disk authentication according to claim 3, characterized in that the operating system in the USB flash disk controller is a Linux system, used to coordinate the operation of the modules in the safe U disc.
7. The safe U disc for solid state hard disk authentication according to claim 3, characterized in that the safe U disc further includes an identity information acquisition module, which is connected to the user login management module and is used to acquire user information and input it to the user login management module; the identity information acquisition module can use key input or a fingerprint identification module.
8. The safe U disc for solid state hard disk authentication according to claim 3, characterized in that the safe U disc further includes an encryption/decryption module, used so that data transmission between the USB flash disk and the SSD is carried out in encrypted mode.
9. The safe U disc for solid state hard disk authentication according to claim 3, characterized in that the safe U disc further includes a data storage module, the data storage module being used to store data.
10. The safe U disc for solid state hard disk authentication according to claim 8, characterized in that it further includes a key generation module, which is connected to the USB flash disk controller and is used to generate a key, the key being used to encrypt and decrypt data in the safe U disc.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810866266.2A CN109190364A (en) 2018-08-01 2018-08-01 A kind of safe U disc for solid state hard disk authentication

Publications (1)

Publication Number Publication Date
CN109190364A true CN109190364A (en) 2019-01-11

Family

ID=64920360

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810866266.2A Pending CN109190364A (en) 2018-08-01 2018-08-01 A kind of safe U disc for solid state hard disk authentication

Country Status (1)

Country Link
CN (1) CN109190364A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112115435A (en) * 2020-10-29 2020-12-22 桂林微网互联信息技术有限公司 Computer equipment and working method thereof
CN114091082A (en) * 2021-11-30 2022-02-25 成都三零嘉微电子有限公司 Solid state hard drives safety configuration management tool

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104794071A (en) * 2015-04-22 2015-07-22 王爱华 Method and system for unfreezing and adding coded lock on computer SATA hard disk based on USB flash disk
CN105354479A (en) * 2015-11-03 2016-02-24 杭州电子科技大学 USB flash disk authentication based solid state disk and data hiding method
CN107292138A (en) * 2016-04-01 2017-10-24 西门子工厂自动化工程有限公司 Method, device and the computer equipment authenticated to user

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
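陈锦飞: "Hard Disk Encryption and Security Authentication System Based on Ukey and LiveOS", China Master's Theses Full-text Database, Information Science and Technology Series *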

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190111
