CN109190364A - A kind of safe U disc for solid state hard disk authentication - Google Patents
A kind of safe U disc for solid state hard disk authentication Download PDFInfo
- Publication number
- CN109190364A CN109190364A CN201810866266.2A CN201810866266A CN109190364A CN 109190364 A CN109190364 A CN 109190364A CN 201810866266 A CN201810866266 A CN 201810866266A CN 109190364 A CN109190364 A CN 109190364A
- Authority
- CN
- China
- Prior art keywords
- authentication
- usb flash
- flash disk
- ssd
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/80—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2143—Clearing memory, e.g. to prevent the data from being stolen
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of safe U discs for solid state hard disk authentication, include at least first interface module, USB flash disk controller, the first authentication module and user login management module;Built In Operating System is in the USB flash disk controller to complete the USB flash disk authentication operations and user authentication operation with the SSD for accessing the operating system for Host Detection to starting when safe U disc access and in the operating system;After USB flash disk authentication and user authentication success, the USB flash disk controller sends unlock instruction to SSD to unlock SSD, and otherwise SSD is in overall locking state.Using technical solution of the present invention, only after USB flash disk authentication and user authentication pass through, unique corresponding encryption solid state hard disk can be just decrypted.
Description
Technical field
The present invention relates to data encryption, data storage, data transmission and data field of authentication, more particularly to one kind is for solid
The safe U disc of state hard disk authentication.
Background technique
With the continuous development of science and technology, the data safety of hard disc of computer is always the focal issue of social concerns,
Due to having been achieved for improving in flash memory device technical aspect, the preferred storage media of solid state hard disk conduct, its leader
Position has obtained great consolidation.In recent years, serious problem of divulging a secret is caused since the information in solid state hard disk is stolen, and
Certain special dimensions such as aerospace, financial field have very high requirement, and the former data to solid state hard disk to data safety
The problem of safety is destroyed quite is paid attention to, therefore it is of crucial importance to carry out high-intensitive encryption to solid state hard disk.
Based on BIOS realize solid state hard disk encryption method be all it is most traditional, due to that cannot support multiple numbers of users
It being encrypted respectively according to area, key and user data are all stored in together in solid state hard disk and key is also stored by storage medium, because
This, the safety of storing data is significantly reduced, and is extremely easy to be cracked.
The encryption technology of most common solid state hard disk is fingerprint identification technology.Prominent question existing for the technology is exactly
The file only stored in user's ability access hard disk, and the work of edit and storage is carried out to file.However, for this
The phenomenon that kind of only one user could access to a storage equipment, if the data for all wanting to access oneself if much users
Multiple storage equipment are needed to go to save the data of oneself and file.Therefore, the utilization rate of equipment is just significantly reduced.
In short, the encryption method of solid state hard disk currently on the market either the safety of authentication method, operability with
And efficiency be not it is very high, in order to meet above-mentioned requirements, also have in the prior art and introduce USB flash disk and carry out phase in conjunction with solid state hard disk
Operation is closed, referring to patent application document 105354479A, a kind of solid state hard disk and data-hiding method (Shen based on USB flash disk authentication
Please be number for 201510737530.9), however in the technical solution recorded of the patent document, the USB flash disk introduced, which only acts as, to be held
The medium for carrying transmission solid state hard disk secure memory block key will have more a subregion that is, when being inserted into USB flash disk in SSD module, should
Subregion is exactly the region for the encryption information for needing key to open, and the mode encryption storage mode is single and unhidden, holds very much
It is easily cracked by unauthorized person using broken hole, substantially reduces the safety of data.
Meanwhile in terms of hard disc data destruction, the prior art is mainly come using dedicated data destroying software to hard
Disk carry out it is repeatedly erasable, however, the defect of this data destroying mode is exactly the destroyed ground of data and is not thorough, especially needle
To solid state hard disk, it is difficult to accomplish purely and simply to destroy data, it is very long furthermore to consume the useless time.
Therefore, for through existing drawbacks described above, it is necessary to relevant research is carried out, to propose a kind of effective and feasible side
Case, so as to solve some defects existing in the prior art.
Summary of the invention
In view of this, the present invention provides a kind of safe U disc for solid state hard disk authentication, so that solid state hard disk be greatly improved
The security performance of middle data.
In order to overcome the shortcomings of the prior art, the present invention the following technical schemes are provided:
A kind of safe U disc for solid state hard disk authentication, the safe U disc includes at least first interface module, USB flash disk controls
Device, the first authentication module and user login management module;
The first interface module is connected with host and USB flash disk controller, is counted for realizing USB flash disk controller with outside
According to communication;
Built In Operating System is in the USB flash disk controller to be used to start and when Host Detection is accessed to safe U disc in the behaviour
Make the SSD of the operating system was completed and accessed to system USB flash disk authentication operations and user authentication operation;When USB flash disk authentication and user recognize
After demonstrate,proving successfully, the USB flash disk controller sends unlock instruction to SSD to unlock SSD, and otherwise SSD is in overall locking state;
First authentication module is connected with USB flash disk controller, built-in first authentication code, first authentication code with it is interior
It sets and matches with the second authentication code in corresponding SSD;The USB flash disk authentication operations are to obtain respectively in the case where running USB flash disk operating system
First authentication code and the second authentication code simultaneously judge whether the two matches;
The USB flash disk controller starts user login management module after obtaining USB flash disk authentication pass signal, and the user logs in pipe
Reason module is used to receive the user information of user's input and is matched with user information preset in it to complete user authentication behaviour
Make and returns to user authentication result information to USB flash disk controller;If user authentication result information is user authentication success, the U
Disk controller sends unlock instruction to SSD.
The safe U disc further includes first key memory module as a preferred technical solution, the first key storage
Module is nonvolatile storage, for storing the key KEY of SSD data encryption, after USB flash disk authentication and user authentication success, and USB flash disk
Controller obtains key KEY and is sent to SSD with the encryption and decryption operation for data in SSD.
The USB flash disk controller is for detecting user authentication failure number and working as user authentication as a preferred technical solution,
The frequency of failure is destroyed more than generation after preset threshold to be instructed and is sent to SSD.
Administrator and ordinary user, pipe are included at least in user login management module as a preferred technical solution,
Reason person user can be configured general user information after logging in, and ordinary user could secure log after being arranged successfully.
As a preferred technical solution, after USB flash disk authentication and user authentication, the USB flash disk controller is sent to SSD controller
Unlock instruction, SSD data encryption key KEY and authority information, the authority information is for limiting different user to the behaviour of SSD
Make permission.
The operating system in the USB flash disk controller uses linux system as a preferred technical solution, for controlling peace
The co-ordination of each module in full USB flash disk.
The safe U disc further includes identity information acquisition module, the identity information acquisition as a preferred technical solution,
Module is connected with the user login management module, for acquiring user information and inputing to user login management module;Institute
Key-press input or fingerprint identification module can be used by stating identity information acquisition module.
The safe U disc further includes encryption/decryption module as a preferred technical solution, for realizing between USB flash disk and SSD
Data transmission carries out under cipher mode.
The safe U disc further includes data memory module as a preferred technical solution, and the data memory module is used for
Storing data.
It as a preferred technical solution, further include key production module, the key production module is connected with USB flash disk controller
It connects, for generating key, the key is for data encrypting and deciphering in the safe U disc.
Compared with prior art, using technical solution provided by the invention, by uniquely match the USB flash disk that uses with
SSD forms united encryption system;Compared with the existing technology authentication, present invention operation can only be carried out under itself operating system
New operating system in USB flash disk, can further improve security performance, while increase the scalability of combining encryption system,
Complexity is low, at low cost.The linux system operation operation installed in USB flash disk is quick and convenient, and dual-identity authentication improves data storage
Safety, while for SSD data encrypting and deciphering key storage in safe U disc, so that various levels all effectively prevent
The illegal invasion of unauthorized person cracks;Further, the present invention also provides quick, thorough data destroying function, because
This, technical solution of the present invention, either in personal or enterprise market, or in spies such as military affairs, aviation, government, finance, public security
The new system in different market, the invention all has vast potential for future development.
Detailed description of the invention
Fig. 1 is flow diagram of the invention.
Fig. 2 is a kind of flow chart of preferred embodiment of the present invention.
Fig. 3 is user setting and login process specific flow chart in the present invention.
Fig. 4 is system structure diagram of the invention.
Fig. 5 is the structural block diagram of safe U disc in the present invention.
Following specific embodiment will further illustrate the present invention in conjunction with above-mentioned attached drawing.
Specific embodiment
Below with reference to attached drawing, the invention will be further described.
In order to solve the defects of prior art, referring to fig. 4 with 5, the invention discloses a kind of for solid state hard disk authentication
Safe U disc, including the safe U disc being connected with host and solid state hard disk (SSD), the safe U disc includes at least first interface
Module, USB flash disk controller, the first authentication module and user login management module, the SSD include at least second interface module, SSD
Controller, the second authentication module and data memory module, wherein first interface module is connected with host, for realizing safe U
Disk and external progress data communication;Second interface module is connected with host, for realizing SSD and external progress data communication;U
Disk controller is connected with first interface module, the first authentication module and user login management module, Built In Operating System with
Start the operating system when accessing for Host Detection to safe U disc;SSD controller and second interface module, the second authentication mould
Block is connected with data memory module, for closing the memory channel of data memory module until receiving safe U disc transmission
Unlock instruction;First authentication module is connected with USB flash disk controller, built-in first authentication code;Second authentication module and SSD are controlled
Device is connected, built-in second authentication code;First authentication code and the second authentication code unique match, in the case where running USB flash disk operating system,
It completes USB flash disk authentication operations and feeds back authentication result information to safe U disc, namely judge between the first authentication code and the second authentication code
Whether match, then USB flash disk authenticates successfully if the two match, otherwise USB flash disk failed authentication.USB flash disk controller obtains USB flash disk and authenticates successfully
After signal start user login management module, user login management module be used for receive user input user information and in it
Preset user information matches to complete user authentication and return to user authentication result information to USB flash disk controller;If user
It authenticates successfully, completes USB flash disk to SSD and send unlock instruction, after SSD unlock, host could access to the data in SSD.
In the above-mentioned technical solutions, host starts combining encryption software in the case where running USB flash disk operating system, soft in combining encryption
Under the control of part, the authentication operations of USB flash disk and SSD are completed.Further, the authentication operations of USB flash disk and SSD can USB flash disk, SSD or
It is completed in host.
Realize that the process of authentication operations is as follows in USB flash disk: USB flash disk controller obtains the second authentication code in SSD and is sent to
First authentication module, the first authentication module match the second authentication code received with pre-stored first authentication code,
If successful match, authentication successful information is sent to USB flash disk controller, otherwise sends failed authentication information.
Realize that the process of authentication operations is as follows in host: host is obtained respectively in the first authentication code and SSD in USB flash disk
Second authentication code, and the two is matched, if successful match, authentication successful information is sent to USB flash disk controller, is otherwise sent out
Send failed authentication information.
Realize that the process of authentication operations is as follows in SSD: the first authentication code that SSD controller obtains in safe U disc is concurrent
Give the second authentication module, the second authentication module carries out the first authentication code received and pre-stored second authentication code
Match, if successful match, safe U disc sends authentication successful information, otherwise sends failed authentication information.
In a preferred embodiment, SSD further includes encryption/decryption module, encryption/decryption module and SSD controller and data
Memory module is connected, and makes to be stored in the data encryption data in data memory module for data encrypting and deciphering.Into one
Step, SSD further includes the second cipher key storage block, and storage is used for the key of SSD data encrypting and deciphering in the second cipher key storage block
KEY, encryption/decryption module obtain key KEY and carry out encryption and decryption to data.
In a preferred embodiment, safe U disc further includes first key memory module, in first key memory module
Storage is used for the key KEY of SSD data encryption, and the key for SSD data encrypting and deciphering can be placed in USB flash disk, and SSD itself is not
The key is saved, after USB flash disk authentication and user authentication success, this key, USB flash disk controller after user authentication success could be obtained
Acquisition is stored in key KEY in first key memory module and is sent to SSD.Further, SSD obtains key KEY and is deposited
Storage is in the second cipher key storage block, for the encryption and decryption to reading and writing data in SSD, wherein the second cipher key storage block is volatile
In memory, therefore, after power down, the storage information in the second cipher key storage block will disappear, and not retain key KEY in SSD.Cause
This is not passing through USB flash disk authentication and user authentication since the key KEY of SSD data encryption is stored in USB flash disk matched with its
The case where, there is no key KEY in SSD, even if Brute Force memory can not also obtain the encryption data of SSD.
In a preferred embodiment, SSD further includes destroying module, destroys module for the pin according to SSD controller
It ruins control instruction and destroys data in data memory module.Destroying control instruction can be under normal use SSD state according to user
It inputs information to generate, or SSD controller is actively generated to prevent data information stolen when detecting Brute Force;It is preferred that
Ground, when user information it fails to match the number of user's input is more than preset threshold, USB flash disk is sent to SSD destroys instruction to be used for pin
Ruin the data in SSD.I.e. by way of the errors number for the username and password that customized user voluntarily inputs, realize to hard
The quick destruction of disk data and file destroys then physical destroying or logic, and set in linux system by administrator
It sets, then the mode by voluntarily being selected to destroy by user after activation system.
In a preferred embodiment, safe U disc further includes identity information acquisition module, identity information acquisition module with
User login management module is connected, for acquiring user information and inputing to user login management module to realize that user recognizes
Card.Identity information acquisition module can use but be not limited to key passwords, biological information etc.;Preferably, identity information acquisition
Module uses fingerprint identification module, for acquiring user fingerprints information.In practical applications, general management person user, which logs in, uses
Finger print identifying mode logs in, and ordinary user is logged in by the way of inputting account number cipher.It is continuous that maximum identity information can be set
Errors number is acquired, when being more than to limit number, safe U disc is immediately performed data destroying program.
In a preferred embodiment, safe U disc further includes encryption/decryption module, to realize the number between USB flash disk and SSD
It is carried out under cipher mode according to transmission.Preferably, encryption/decryption module built-in encryption algorithm, for being carried out to the data in USB flash disk
The operation of encryption and decryption can use SM2 Elliptic Curve Cryptosystem, and SM2 can generate two keys of public-key cryptography and private cipher key,
The data of required encryption or file are encrypted by public key, then are issued SSD (recipient) together with private key, are received
Side public key can be decrypted by private key, thus arrive effective information.Can with but do not limit to and state close SM4, AES
Scheduling algorithm.
In a preferred embodiment, safe U disc further includes data memory module, so that safe U disc both can be used as
The authentication USB flash disk of SSD can be used as common U disk and carry out data storage.
It in a preferred embodiment, further include key production module, key production module is connected with USB flash disk controller
Connect, for generating key, the key include for safe U disc data encryption key and in SSD data encryption it is close
Key KEY, wherein key KEY is stored in first key memory module.Key for SSD data encrypting and deciphering can be placed on USB flash disk
In, SSD itself does not save the key, after USB flash disk authentication and user authentication success, could obtain this key.
In a preferred embodiment, SSD is exactly the included solid state hard disk of computer;Computer includes CPU, master
Plate, display screen etc. the basic element of character, also mountable all kinds of required systems.
In a preferred embodiment, SSD using SAS interface, SATA interface, PCIe interface etc. connect host or
Other embedded storage equipment.
In a preferred embodiment, the safe U disc connects host or other insertions by USB interface
Formula stores equipment;It is not limited to USB2.0, USB3.0 etc..
Preferably, safe U disc is equipped with a simple linux system, for controlling the coordination work of each module of safe U disc
Make.Linux system is run in safe U disc, linux system is a system based on minimum core, and is not take up too many USB
Memory space, efficiently it is convenient.
Preferably, the system user management, be in linux system according to the different demands of different user to function into
Row is customized.
Preferably, the data memory module, i.e. storage user important data or file etc..
In a preferred embodiment, safe U disc and solid state hard disk are applied on host simultaneously, and Host Detection is to there is U
Start USB flash disk after disk insertion, sets the linux system on USB flash disk;It runs under USB flash disk linux system, combining encryption system refers to authentication
Order is sent to host from Linux, and host sends verifying instruction in SSD match with preset authentication code again.USB flash disk mirror
Information is fed back into linux system again and starts user and logged in by combining encryption system after weighing successfully.It is used under linux system
Family safety certification, SSD just opens memory channel while safe U disc just for SSD data encrypting and deciphering after user authentication success
Key is sent to SSD.
By adopting the above technical scheme, the KEY based on safe U disc as encryption solid state hard disk, in USB flash disk authentication or user authentication
In the state of all unsuccessful, all in the state of full disk encryption, any user and system platform can not all obtain the data in SSD
Data in SSD can only also obtain the encryption data of read-only status even if Brute Force, and can not obtain valid data.Only
When safe U disc authentication and user identity authentication pass through, SSD ability turn-on data memory channel obtains the key KEY in USB flash disk simultaneously
As the key of data encrypting and deciphering, operation is decrypted in the data that could be encrypted, and user just may have access to effective content.The present invention is logical
It crosses and has introduced safe U disc, graphical interfaces can be increased, it is user-friendly, while greatly improving the security performance of SSD.
Referring to Fig. 1, it is shown a kind of flow diagram of the safe U disc for solid state hard disk authentication of the present invention, including following
Step:
Step S1: Host Detection USB flash disk accesses and starts the operating system in USB flash disk;
Step S2: in the case where running USB flash disk operating system, completing the authentication operations of USB flash disk and SSD, wherein distinguishes in USB flash disk and SSD
Store one-to-one authentication code;
Step S3: user authentication is carried out after authenticating successfully;
Step S4: SSD could be had secure access to after user authentication success, otherwise the data in SSD are all in full disk encryption
State.
By adopting the above technical scheme, since authentication operations are carried out under operating system in USB flash disk, to greatly improve
The security performance of SSD;Meanwhile safety operation of multiple users to SSD is realized by introducing user authentication mode, by dual
Authentication further increases the security performance of SSD.
Wherein, in step sl, Host Detection starts USB flash disk to after there is USB flash disk insertion, has set the linux system on USB flash disk;Its
In, SSD can be built in host, can also be connected by Peripheral Interface with host;Host is PC, pad or other insertions
Formula equipment;In a preferred embodiment, further include the steps that detecting whether SSD accesses, when SSD access is not detected in host
When, prompt SSD not access.
In step s 2, combining encryption software is run under USB flash disk operating system, the authentication for completing USB flash disk and SSD is grasped
Make, wherein authentication operations can be completed in USB flash disk, SSD or host.
In a preferred embodiment, authentication operations are completed in SSD, SSD by received authentication code be stored in advance
Authentication code is matched in it, and the two exact matching then authenticates success, otherwise failed authentication.Step S2 further comprises following
Step:
Step S21: obtaining the authentication code in USB flash disk and sends it to SSD to carry out authentication operations for SSD;That is, main
Machine obtains the authentication code being stored in USB flash disk under linux, then sends authentication code in SSD.SSD receives combining encryption system
The authentication code sent;The authentication code is matched with the correct information being stored in;
Step S22: receiving the authentication result information that SSD is returned, if authentication successful execution step S3;That is, matching is true
Combining encryption system is again by correct information feedback into linux system after recognizing successfully.
In step s3, it further includes steps of
Step S31: start user login management module after obtaining authentication successful information;Information feedback after authenticating successfully
User's login is carried out to USB flash disk;Further, user logs in and its certification is realized by the user login management module in USB flash disk;
Step S32: receiving the user information of user and matches with user information pre-set in USB flash disk, if with
Then user authentication is successful for the exact matching of family information, otherwise user authentication failure;Wherein, user includes at least administrator and Pu
General family, administrator can be configured general user information after logging in, and ordinary user can be safe after being arranged successfully
Log in the system.It in a preferred embodiment, can also be the different permission of each user setting, USB flash disk is sent to SSD
User authentication successful information in further include authority information, the authority information is for limiting different user to the operating rights of SSD
Limit.Permission, which is included at least, carries out read/writable operation or read-only operation to SSD.
In a preferred embodiment, fingerprint identification module is arranged in USB flash disk, and administrator, which logs in, uses finger print identifying
Mode logs in, and ordinary user is logged in by the way of inputting account number cipher.
Step S33: user authentication successful information is sent to unlock SSD to SSD.Wherein, user authentication successful information is at least
Including SSD unlock instruction, SSD control module receives ability turn-on data memory channel after user authentication successful information, otherwise any
People can not obtain the storing data in SSD.
In a preferred embodiment, SSD is the SSD of built-in encryption module, and all data being stored in SSD are all
Encryption data.Key KEY for SSD data encryption can store in SSD, also can store in USB flash disk.
In a preferred embodiment, it is stored in USB flash disk for the key KEY of SSD data encryption, step S33 is into one
Step includes:
It is obtained after authenticating successfully and is stored in key KEY in USB flash disk and is sent to SSD, the key KEY is for data in SSD
Encryption and decryption.Key for SSD data encrypting and deciphering can be placed in USB flash disk, and SSD itself does not save the key, be authenticated in USB flash disk
After user authentication success, this key could be obtained.SSD obtain key KEY store it in volatile memory, in this way when
After secondary operation, key KEY is not retained in SSD.Therefore, because the key KEY of SSD data encryption be stored in it is matched with it
In USB flash disk, the case where not passing through USB flash disk authentication and user authentication, there is no key KEY in SSD, even if Brute Force memory
Also the encryption data of SSD can not be obtained.
In a preferred embodiment, the data transmission between USB flash disk and SSD carries out under cipher mode.
In a preferred embodiment, further include the steps that user information it fails to match number statistics, active user is defeated
The user information entered it fails to match number is more than preset threshold, and USB flash disk is sent to SSD destroys instruction for destroying the number in SSD
According to.
In a preferred embodiment, in step s3, the correct information of administrator setting ordinary user includes one
The step of whether user information has been set judged.
Referring to fig. 2, the present invention is shown for a kind of preferred flow charts in the safe U disc of solid state hard disk authentication.By opening
Linux system in dynamic safe U disc, USB flash disk authentication by under linux system authentication code be sent in SSD from USB flash disk and with deposited
Enter the unique match authentication code in SSD and interact confirmation, then the information feedback after authenticating successfully is to linux system, Linux
System judges whether administrator is provided with general user information after receiving the authentication successful information of feedback again, if being arranged
General user information is then directly entered user login operation;If being not provided with user information, user is stepped on by system manager
Record information is configured to be logged in again.Enter failure handling if logging in system by user failure;System is sent if logining successfully
Instruction unlock SSD, ordinary user can normal use.
Referring to Fig. 3, it show user setting and login process specific flow chart in the present invention.After USB flash disk authenticates successfully, it is
System has the judgement whether a user information was arranged, if the log-on message of ordinary user, i.e. user had been arranged in the system
It can directly login system and have secure access to;If user information is not set, system manager can record general user information
And be arranged, use can be logged in by being provided with rear user.The judgement of logon error number, and needle are had during login
To secondary number system of mistake can also make it is corresponding log in error handling processing, i.e., the user name voluntarily inputted by customized user with
The mode of the errors number of password realizes the quick destruction to hard disc data and file, to then physical destroying or logic pin
Mode is ruined, and is arranged in linux system by system manager and is voluntarily selected by user.
The above description of the embodiment is only used to help understand the method for the present invention and its core ideas.It should be pointed out that pair
For those skilled in the art, without departing from the principle of the present invention, the present invention can also be carried out
Some improvements and modifications, these improvements and modifications also fall within the scope of protection of the claims of the present invention.
The foregoing description of the disclosed embodiments enables those skilled in the art to implement or use the present invention.
Various modifications to these embodiments will be readily apparent to those skilled in the art, as defined herein
General Principle can be realized in other embodiments without departing from the spirit or scope of the present invention.Therefore, of the invention
It is not intended to be limited to the embodiments shown herein, and is to fit to and the principles and novel features disclosed herein phase one
The widest scope of cause.
Claims (10)
1. a kind of safe U disc for solid state hard disk authentication, which is characterized in that the safe U disc includes at least first interface mould
Block, USB flash disk controller, the first authentication module and user login management module;
The first interface module is connected with host and USB flash disk controller, leads to for realizing USB flash disk controller and the external data that carry out
Letter;
Built In Operating System is in the USB flash disk controller to be used to start and when Host Detection is accessed to safe U disc in the operation system
System completes the USB flash disk authentication operations and user authentication operation with the SSD for accessing the operating system;When USB flash disk authentication and user authentication at
After function, the USB flash disk controller sends unlock instruction to SSD to unlock SSD, and otherwise SSD is in overall locking state;
First authentication module is connected with USB flash disk controller, built-in first authentication code, first authentication code and it is built-in with
The second authentication code in corresponding SSD matches;The USB flash disk authentication operations are to obtain first respectively in the case where running USB flash disk operating system
Authentication code and the second authentication code simultaneously judge whether the two matches;
The USB flash disk controller starts user login management module, the user login management mould after obtaining USB flash disk authentication pass signal
Block is used to receive the user information of user's input and is matched with user information preset in it to complete user authentication operation simultaneously
User authentication result information is returned to USB flash disk controller;If user authentication result information is user authentication success, the USB flash disk control
Device processed sends unlock instruction to SSD.
2. the safe U disc according to claim 1 for solid state hard disk authentication, which is characterized in that the safe U disc also wraps
First key memory module is included, the first key memory module is nonvolatile storage, for storing the close of SSD data encryption
Key KEY, after USB flash disk authentication and user authentication success, USB flash disk controller obtains key KEY and is sent to SSD for number in SSD
According to encryption and decryption operation.
3. the safe U disc according to claim 2 for solid state hard disk authentication, which is characterized in that the USB flash disk controller is used
It instructs and is sent in detecting user authentication failure number and generating to destroy after user authentication failure number is more than preset threshold
SSD。
4. the safe U disc according to claim 3 for solid state hard disk authentication, which is characterized in that user login management mould
Administrator and ordinary user are included at least in block, administrator can be configured general user information after logging in,
Ordinary user could secure log after being arranged successfully.
5. the safe U disc according to claim 3 for solid state hard disk authentication, which is characterized in that as USB flash disk authentication and user
After certification, the USB flash disk controller sends the key KEY and authority information of unlock instruction, SSD data encryption, institute to SSD controller
State operating right of the authority information for limiting different user to SSD.
6. the safe U disc according to claim 3 for solid state hard disk authentication, which is characterized in that in the USB flash disk controller
Operating system use linux system, for controlling the co-ordination of each module in safe U disc.
7. the safe U disc according to claim 3 for solid state hard disk authentication, which is characterized in that the safe U disc also wraps
Identity information acquisition module is included, the identity information acquisition module is connected with the user login management module, for acquiring
User information simultaneously inputs to user login management module;The identity information acquisition module can be known using key-press input or fingerprint
Other module.
8. the safe U disc according to claim 3 for solid state hard disk authentication, which is characterized in that the safe U disc also wraps
Encryption/decryption module is included, is carried out under cipher mode for realizing the data transmission between USB flash disk and SSD.
9. the safe U disc according to claim 3 for solid state hard disk authentication, which is characterized in that the safe U disc also wraps
Data memory module is included, the data memory module is for storing data.
10. the safe U disc according to claim 8 for solid state hard disk authentication, which is characterized in that further include that key generates
Module, the key production module is connected with USB flash disk controller, and for generating key, the key is for number in the safe U disc
According to encryption and decryption.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810866266.2A CN109190364A (en) | 2018-08-01 | 2018-08-01 | A kind of safe U disc for solid state hard disk authentication |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810866266.2A CN109190364A (en) | 2018-08-01 | 2018-08-01 | A kind of safe U disc for solid state hard disk authentication |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109190364A true CN109190364A (en) | 2019-01-11 |
Family
ID=64920360
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810866266.2A Pending CN109190364A (en) | 2018-08-01 | 2018-08-01 | A kind of safe U disc for solid state hard disk authentication |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109190364A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112115435A (en) * | 2020-10-29 | 2020-12-22 | 桂林微网互联信息技术有限公司 | Computer equipment and working method thereof |
CN114091082A (en) * | 2021-11-30 | 2022-02-25 | 成都三零嘉微电子有限公司 | Solid state hard drives safety configuration management tool |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104794071A (en) * | 2015-04-22 | 2015-07-22 | 王爱华 | Method and system for unfreezing and adding coded lock on computer SATA hard disk based on USB flash disk |
CN105354479A (en) * | 2015-11-03 | 2016-02-24 | 杭州电子科技大学 | USB flash disk authentication based solid state disk and data hiding method |
CN107292138A (en) * | 2016-04-01 | 2017-10-24 | 西门子工厂自动化工程有限公司 | Method, device and the computer equipment authenticated to user |
-
2018
- 2018-08-01 CN CN201810866266.2A patent/CN109190364A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104794071A (en) * | 2015-04-22 | 2015-07-22 | 王爱华 | Method and system for unfreezing and adding coded lock on computer SATA hard disk based on USB flash disk |
CN105354479A (en) * | 2015-11-03 | 2016-02-24 | 杭州电子科技大学 | USB flash disk authentication based solid state disk and data hiding method |
CN107292138A (en) * | 2016-04-01 | 2017-10-24 | 西门子工厂自动化工程有限公司 | Method, device and the computer equipment authenticated to user |
Non-Patent Citations (1)
Title |
---|
陈锦飞: "《基于Ukey和LiveOS的硬盘加密和安全认证系统》", 《中国优秀硕士学位论文全文数据库-信息科技辑》 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112115435A (en) * | 2020-10-29 | 2020-12-22 | 桂林微网互联信息技术有限公司 | Computer equipment and working method thereof |
CN114091082A (en) * | 2021-11-30 | 2022-02-25 | 成都三零嘉微电子有限公司 | Solid state hard drives safety configuration management tool |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109190389A (en) | A kind of solid state hard disk data guard method based on USB flash disk authentication | |
KR101270230B1 (en) | Data security system | |
US7900252B2 (en) | Method and apparatus for managing shared passwords on a multi-user computer | |
US6367017B1 (en) | Apparatus and method for providing and authentication system | |
CN101324912B (en) | Credible safety computer | |
US7941847B2 (en) | Method and apparatus for providing a secure single sign-on to a computer system | |
JP4610557B2 (en) | DATA MANAGEMENT METHOD, PROGRAM THEREOF, AND PROGRAM RECORDING MEDIUM | |
US7899186B2 (en) | Key recovery in encrypting storage devices | |
EP1953670A2 (en) | System and method of storage device data encryption and data access | |
US20080181406A1 (en) | System and Method of Storage Device Data Encryption and Data Access Via a Hardware Key | |
US9246887B1 (en) | Method and apparatus for securing confidential data for a user in a computer | |
US7861015B2 (en) | USB apparatus and control method therein | |
US20090046858A1 (en) | System and Method of Data Encryption and Data Access of a Set of Storage Devices via a Hardware Key | |
US20070237366A1 (en) | Secure biometric processing system and method of use | |
KR20080101799A (en) | System and method of providing security to an external device | |
CN203746071U (en) | Security computer based on encrypted hard disc | |
CN101788959A (en) | Solid state hard disk secure encryption system | |
WO2009009052A1 (en) | Memory data shredder | |
CN103886234A (en) | Safety computer based on encrypted hard disk and data safety control method of safety computer | |
US20080010453A1 (en) | Method and apparatus for one time password access to portable credential entry and memory storage devices | |
CN108256302B (en) | Data security access method and device | |
CN110795776A (en) | Safety hard disk | |
CN109190365A (en) | A kind of solid state hard disk data protection system based on USB flash disk authentication | |
CN105005721A (en) | Computer authorization starting control system and method based on computer starting key | |
CN108900296A (en) | A kind of code key storage device and method based on living things feature recognition |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190111 |
|
RJ01 | Rejection of invention patent application after publication |