CN109753818A - Removable storage device data protection method and protected storage device based on the MTP protocol - Google Patents

Removable storage device data protection method and protected storage device based on the MTP protocol

Info

Publication number
CN109753818A
CN109753818A
Authority
CN
China
Prior art keywords
storage device
movable storage
mtp protocol
file
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811618869.7A
Other languages
Chinese (zh)
Inventor
张鹏
崔兴东
魏兰磊
刘勇
朱启超
韩建鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong Zhongfu Safe Technology Ltd
SHANDONG ZHONGFU INFORMATION INDUSTRY Co Ltd
Original Assignee
Shandong Zhongfu Safe Technology Ltd
SHANDONG ZHONGFU INFORMATION INDUSTRY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong Zhongfu Safe Technology Ltd, SHANDONG ZHONGFU INFORMATION INDUSTRY Co Ltd
Priority to CN201811618869.7A
Publication of CN109753818A
Legal status: Pending

Landscapes

  • Storage Device Security (AREA)

Abstract

A removable storage device data protection method based on the MTP protocol comprises the following steps: the PC obtains the file information of the removable storage device and receives the information returned by the device, obtaining the file and subdirectory information under a given drive letter from the database of the removable storage device; the PC management tool re-encapsulates a SetObjectPropValue command according to the returned information and the user name and password entered by the user, and sends it over the MTP protocol to the management disk of the removable storage device; the removable storage device parses the command after receiving it and verifies the access permission according to the user name and password; the visible files are then opened according to the corresponding access permission. The invention also includes a data protection storage device based on the MTP protocol, which uses the MTP protocol in the removable storage device, modifies the device's response commands, and works together with a PC management tool preset at the factory. The invention can effectively counter the various kinds of data leakage that removable storage devices currently face and achieve data security protection.

Description

Removable storage device data protection method and protected storage device based on the MTP protocol
Technical field
The present invention relates to the technical field of data protection, and specifically to a removable storage device data protection method and protected storage device based on the MTP protocol.
Background art
Removable storage devices such as USB flash drives and hard disks are widely used in daily life and work because they are cheap, high-capacity, easy to carry and plug-and-play. But precisely because they are so widely used, they have in recent years become an important tool for criminals to steal secrets, and the frequent data leakage incidents pose a huge threat to the information security of enterprises and institutions.
Analysis shows that leakage from removable storage devices falls mainly into the following classes: the first is inadvertent disclosure caused by accidental loss; the second is virus or hacker attack; the third is leakage caused by lending a device carrying valuable data to others.
Summary of the invention
Embodiments of the present invention provide a removable storage device data protection method and protected storage device based on the MTP protocol, to solve the problem that removable storage devices in the prior art leak data easily.
To solve the above technical problem, the embodiments of the invention disclose the following technical solutions:
A first aspect of the present invention provides a removable storage device data protection method based on the MTP protocol, the method comprising the following steps:
the PC obtains the file information of the removable storage device and receives the information returned by the removable storage device, obtaining the file and subdirectory information under a given drive letter from the database of the removable storage device;
the PC management tool re-encapsulates a SetObjectPropValue command according to the returned information and the user name and password entered by the user, and sends it over the MTP protocol to the management disk of the removable storage device;
the removable storage device parses the command after receiving it and verifies the access permission according to the user name and password;
the visible files are opened according to the corresponding access permission.
With reference to the first aspect, in a first possible implementation of the first aspect, the method further includes obtaining the parameter information of the removable storage device and creating a session with it before the PC obtains the information of the removable storage device.
With reference to the first aspect, in a second possible implementation of the first aspect, the information returned by the removable storage device includes the ID of the management disk and the ID of the storage disk.
With reference to the first aspect, in a third possible implementation of the first aspect, sending by the PC management tool over the MTP protocol to the management disk of the removable storage device specifically includes:
entering the user name and password through the PC management tool, modifying the contents of the Data data set of the set-file-attribute command, and sending it to the removable storage device.
With reference to the first aspect, in a fourth possible implementation of the first aspect, opening the visible files according to the corresponding access permission specifically includes:
opening access to the specified directory according to the permission and refusing access to the other directories.
A second aspect of the present invention provides a data protection storage device based on the MTP protocol. The device performs file management over the MTP protocol under a data-management file system and includes a management disk, which holds the PC management tool preset for the device at the factory and the files made visible under the granted access permission; and
at least one storage disk; and
the PC management tool, which includes a permission management module for performing password authentication with the removable storage device over the MTP protocol to realize hierarchical access control; and
a database for storing the removable storage device information and the file information.
In conjunction with the second aspect, in a first possible implementation of the second aspect, each of the disks has a unique drive letter and StorageID.
The device of the second aspect can realize the method of the first aspect and of each implementation of the first aspect, and obtains the same effect.
As can be seen from the above technical solutions, the embodiments of the invention use the open-source FATFS file system. With file system support, the removable storage device can manage its data and control access by itself, without depending on the PC.
Meanwhile, the CPU inside the removable storage device uses its idle time, that is, the time when the external PC is not performing read or write access, to query the FATFS file system and to build and maintain a small database holding the removable storage device information and the file information, so that the relevant information can be returned quickly when the PC accesses the device.
By using the MTP protocol in the removable storage device, modifying the device's response commands, and working together with the PC management tool preset at the factory, the invention can effectively counter the various leakage behaviours that removable storage devices currently face and achieve real data security protection.
Brief description of the drawings
In order to explain the embodiments of the invention or the technical solutions of the prior art more clearly, the drawings needed in the description of the embodiments or the prior art are briefly introduced below. Obviously, those of ordinary skill in the art can obtain other drawings from these drawings without creative effort.
Fig. 1 is a flow diagram of a removable storage device data protection method based on the MTP protocol;
Fig. 2 is a structural diagram of a data protection storage device based on the MTP protocol according to an embodiment of the invention.
Detailed description of the embodiments
To enable those skilled in the art to better understand the technical solutions of the invention, the technical solutions in the embodiments are described clearly and completely below with reference to the drawings. Obviously, the described embodiments are only some of the embodiments of the invention, not all of them. All other embodiments obtained by those of ordinary skill in the art from the embodiments of the invention without creative effort fall within the scope of protection of the invention.
To better understand the invention, the MTP protocol is first described in detail.
Most removable storage devices today use the MSC (Mass Storage Class) protocol of the USB protocol family, whereas the MTP (Media Transfer Protocol) is mainly used in digital cameras, mobile phones and similar communication products. A study of the two protocols shows that the biggest difference between MTP and MSC lies in their data access process and management model.
Under MSC, the removable storage device enumerates as a drive letter on the PC and is read and written in the form of sectors. It hands all of its data to the PC for management: the PC builds the device's file system, directory entries and so on, and then reads specific data by looking up the directory. Under MSC access the removable storage device's data is fully visible to the PC, which gives viruses the opportunity to steal secrets.
MTP differs in data access: the data management of the removable storage device is handled by the device itself. When the PC wants to access a data file on the device, it must first send an access command to the device over MTP; the CPU chip in the device parses the command after receiving it, the device searches its own database and file system, and only then returns the data to the PC. In an MTP application, which file system the removable storage device uses and how the underlying NAND flash is managed are completely invisible to the PC. The PC can access the removable storage device only through commands, and the device decides, by judging the requester's access permission, whether to return data to the PC. This provides an effective way to prevent data leakage.
To this end, the invention provides a removable storage device data protection method based on the MTP protocol. As shown in Fig. 1, the method comprises:
S1. Obtain the parameter information of the removable storage device and create a session with it. When the removable storage device is plugged into the PC, the PC first sends a request named GetDeviceInfo to obtain the device's information. This information includes the PTP version supported by the device, the supported MTP operations (Operations Supported), the supported event types, and the file system used by the device, on which a small database is created; that small database is recorded and maintained by the removable storage device's CPU.
The PC then sends an OpenSession command to create a session, which remains open until the removable storage device is disconnected from the PC. Thereafter all commands (except GetDeviceInfo) must be sent within this live session. In the MTP protocol a session is identified by a SessionID, a 32-bit unsigned integer chosen by the PC and transmitted to the device.
S2. The PC obtains the file information of the removable storage device and receives the information returned by the device, obtaining the file and subdirectory information under a given drive letter from the device's database. The returned information includes the ID of the management disk and the ID of the storage disk. To perform a file operation the PC must locate the target file starting from the root directory. The removable storage device appears as a drive letter in Windows; if it has several storage areas inside, Windows shows several drive letters. The PC retrieves the StorageID corresponding to a drive letter with the GetStorageIDs command. In MTP a StorageID is a 32-bit unsigned integer, and each StorageID represents one logical drive. Using the StorageID, the PC can obtain the storage's information with the GetStorageInfo command, for example the remaining space, the file system type and the access permission. After the removable storage device receives GetStorageInfo, it obtains the relevant information from its database and returns it.
S3. The PC management tool re-encapsulates a SetObjectPropValue command according to the returned information and the user name and password entered by the user, and sends it over MTP to the management disk of the removable storage device. An ObjectHandle represents a file or directory; it is generated by the removable storage device, which guarantees its uniqueness, and several files or directories yield several corresponding ObjectHandles. With an ObjectHandle the PC can operate on these files or directories, for example continuing to obtain the information of the sub-files and subdirectories in a directory through GetObjectHandles. Sending a command from the PC management tool to the management disk over MTP specifically includes: entering the user name and password through the PC management tool, modifying the contents of the Data data set of the set-file-attribute command, and sending it to the removable storage device.
S4. The removable storage device parses the command after receiving it and verifies the access permission according to the user name and password. After receiving the SetObjectPropValue command, the device recognises from the Operation Code 0x9804 that the PC has issued a permission check command and starts parsing the Data data set. If the first byte is 0, the user is admin and has access permission to all storage areas; if the first byte is 1, the user is user and may access only the contents under the 'user' folder. For example, if the factory password of the device is '0x01 0x02 0x03 0x04 0x05 0x06', then when the Data data set sent by the PC management tool is '0x00 0x01 0x02 0x03 0x04 0x05 0x06' the device verifies the password successfully and opens all access; when the Data data set sent is '0x01 0x01 0x02 0x03 0x04 0x05 0x06' the device verifies the password successfully and opens only access to the specified directory, the 'user' directory, refusing access to the other directories. In this way the device enforces access control towards the PC.
S5. Open the visible files according to the corresponding access permission: open access to the specified directory according to the permission and refuse access to the other directories.
As shown in Fig. 2, a data protection storage device based on the MTP protocol performs file management over MTP under a data-management file system and includes a management disk, which holds the PC management tool preset for the device at the factory and the files made visible under the granted access permission; at least one storage disk; the PC management tool, which includes a permission management module for performing password authentication with the removable storage device over MTP to realize hierarchical access control; and a database for storing the removable storage device information and the file information, which is the small database created on the FATFS file system and recorded and maintained by the device.
Each of the disks has a unique drive letter and StorageID.
The above are only specific embodiments of the invention, provided so that those skilled in the art can understand or implement it. Various modifications to these embodiments will be apparent to those skilled in the art, and the general principles defined herein may be implemented in other embodiments without departing from the spirit or scope of the invention. Therefore the invention is not limited to the embodiments shown herein, but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
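The exchange of steps S1 to S5, modelled end to end as an added example (this is not code from the patent or its applicant). The 12-byte PTP/MTP container header (length, type, code, transaction id), the operation codes OpenSession 0x1002 and SetObjectPropValue 0x9804, and the Data data set layout of one role byte followed by the password bytes are as the description gives them; the response codes follow PIMA 15740 (0x2001 OK, 0x2003 SessionNotOpen, 0x200F AccessDenied) and are an assumption of this example, as are the factory password, the directory names and the use of a path string in place of an ObjectHandle lookup.

```python
"""Device and host halves of the patent's credential exchange over MTP.

Added example. Assumed: the PTP response codes, the factory password,
the directory names, and checking a path instead of an ObjectHandle.
"""
import hmac
import posixpath
import struct

HEADER = struct.Struct("<IHHI")       # length, container type, code, transaction id
CT_COMMAND, CT_DATA, CT_RESPONSE = 1, 2, 3
OP_GET_DEVICE_INFO, OP_OPEN_SESSION, OP_SET_OBJECT_PROP_VALUE = 0x1001, 0x1002, 0x9804
RC_OK, RC_SESSION_NOT_OPEN, RC_OPERATION_NOT_SUPPORTED, RC_ACCESS_DENIED = 0x2001, 0x2003, 0x2005, 0x200F
ROLE_ADMIN, ROLE_USER = 0x00, 0x01    # first byte of the Data data set (S4)


def container(ctype, code, txn, payload=b""):
    """Encode one PTP container: header followed by parameters or data."""
    return HEADER.pack(HEADER.size + len(payload), ctype, code, txn) + payload


def parse_container(buf):
    """Decode a container into (type, code, txn, payload); reject bad lengths."""
    if len(buf) < HEADER.size:
        raise ValueError("short container")
    length, ctype, code, txn = HEADER.unpack_from(buf)
    if length != len(buf):
        raise ValueError("length field does not match buffer")
    return ctype, code, txn, buf[HEADER.size:]


class ManagementDisk:
    """Device side: the management disk holds the factory password and the
    access policy that later object requests are checked against."""

    def __init__(self, factory_password):
        self.password = factory_password  # assumed factory secret
        self.session = None               # SessionID chosen by the PC (S1)
        self.role = None                  # nothing is visible until verified

    def handle(self, cmd, data=None):
        """Process one command container (plus its data container), return the response."""
        ctype, code, txn, params = parse_container(cmd)
        if ctype != CT_COMMAND:
            return container(CT_RESPONSE, RC_OPERATION_NOT_SUPPORTED, txn)
        if code == OP_GET_DEVICE_INFO:                # the one command allowed outside a session
            return container(CT_RESPONSE, RC_OK, txn)
        if code == OP_OPEN_SESSION:
            (self.session,) = struct.unpack_from("<I", params)
            return container(CT_RESPONSE, RC_OK, txn)
        if self.session is None:                      # everything else needs S1 first
            return container(CT_RESPONSE, RC_SESSION_NOT_OPEN, txn)
        if code != OP_SET_OBJECT_PROP_VALUE or data is None:
            return container(CT_RESPONSE, RC_OPERATION_NOT_SUPPORTED, txn)
        dtype, dcode, dtxn, dataset = parse_container(data)
        if dtype != CT_DATA or dcode != code or dtxn != txn or not dataset:
            return container(CT_RESPONSE, RC_ACCESS_DENIED, txn)
        role, supplied = dataset[0], dataset[1:]
        # The description only says the device "verifies the password";
        # a constant-time comparison is this example's choice.
        if role not in (ROLE_ADMIN, ROLE_USER) or not hmac.compare_digest(supplied, self.password):
            self.role = None                          # a failed attempt revokes earlier access
            return container(CT_RESPONSE, RC_ACCESS_DENIED, txn)
        self.role = role
        return container(CT_RESPONSE, RC_OK, txn)

    def may_access(self, path):
        """S5: admin sees every storage area, user only the 'user' directory, an
        unverified host nothing. Normalising the path first (an addition here)
        stops 'user/../secret' from escaping the user directory."""
        if self.role == ROLE_ADMIN:
            return True
        if self.role == ROLE_USER:
            norm = posixpath.normpath("/" + path).lstrip("/")
            return norm == "user" or norm.startswith("user/")
        return False


def host_open_session(session_id, txn=0):
    """PC side of S1: OpenSession carries the host-chosen 32-bit SessionID."""
    return container(CT_COMMAND, OP_OPEN_SESSION, txn, struct.pack("<I", session_id))


def host_credential(role, password, txn=1):
    """PC management tool side of S3: role byte plus password in the data phase."""
    cmd = container(CT_COMMAND, OP_SET_OBJECT_PROP_VALUE, txn)
    data = container(CT_DATA, OP_SET_OBJECT_PROP_VALUE, txn, bytes([role]) + password)
    return cmd, data


def response_code(resp):
    return parse_container(resp)[1]


if __name__ == "__main__":
    factory = bytes.fromhex("010203040506")   # the description's factory password
    disk = ManagementDisk(factory)
    disk.handle(host_open_session(0x1234))
    cmd, data = host_credential(ROLE_USER, factory)
    print(hex(response_code(disk.handle(cmd, data))),
          disk.may_access("user/report.docx"), disk.may_access("secret/plan.docx"))
```

Exactly as the description shows with '0x00 0x01 0x02 0x03 0x04 0x05 0x06', the role byte and the password travel in the clear in the MTP data phase; the example reproduces that and only adds, on the device side, the session check, the constant-time comparison and the path normalisation, none of which the description specifies.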

Claims (7)

1. A removable storage device data protection method based on the MTP protocol, characterized in that the method comprises the following steps:
the PC obtains the file information of the removable storage device and receives the information returned by the removable storage device, obtaining the file and subdirectory information under a given drive letter from the database of the removable storage device;
the PC management tool re-encapsulates a SetObjectPropValue command according to the returned information and the user name and password entered by the user, and sends it over the MTP protocol to the management disk of the removable storage device;
the removable storage device parses the command after receiving it and verifies the access permission according to the user name and password;
the visible files are opened according to the corresponding access permission.
2. The removable storage device data protection method based on the MTP protocol according to claim 1, characterized in that the method further includes obtaining the parameter information of the removable storage device and creating a session with it before the PC obtains the information of the removable storage device.
3. The removable storage device data protection method based on the MTP protocol according to claim 1, characterized in that the information returned by the removable storage device includes the ID of the management disk and the ID of the storage disk.
4. The removable storage device data protection method based on the MTP protocol according to claim 1, characterized in that sending by the PC management tool over the MTP protocol to the management disk of the removable storage device specifically includes:
entering the user name and password through the PC management tool, modifying the contents of the Data data set of the set-file-attribute command, and sending it to the removable storage device.
5. The removable storage device data protection method based on the MTP protocol according to claim 1, characterized in that opening the visible files according to the corresponding access permission specifically includes:
opening access to the specified directory according to the permission and refusing access to the other directories.
6. A data protection storage device based on the MTP protocol, using the method of any one of claims 1 to 5, characterized in that the device performs file management over the MTP protocol under a data-management file system and includes a management disk, which holds the PC management tool preset for the device at the factory and the files made visible under the granted access permission; and
at least one storage disk; and
the PC management tool, which includes a permission management module for performing password authentication with the removable storage device over the MTP protocol to realize hierarchical access control; and
a database for storing the removable storage device information and the file information.
7. The data protection storage device based on the MTP protocol according to claim 6, characterized in that each of the disks has a unique drive letter and StorageID.
CN201811618869.7A 2018-12-28 2018-12-28 Removable storage device data protection method and protected storage device based on the MTP protocol Pending CN109753818A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811618869.7A CN109753818A (en) 2018-12-28 2018-12-28 Removable storage device data protection method and protected storage device based on the MTP protocol

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811618869.7A CN109753818A (en) 2018-12-28 2018-12-28 Removable storage device data protection method and protected storage device based on the MTP protocol

Publications (1)

Publication Number Publication Date
CN109753818A true CN109753818A (en) 2019-05-14

Family

ID=66404123

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811618869.7A Pending CN109753818A (en) 2018-12-28 2018-12-28 Removable storage device data protection method and protected storage device based on the MTP protocol

Country Status (1)

Country Link
CN (1) CN109753818A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080104265A1 (en) * 2006-10-27 2008-05-01 Scott Krig Method and System For String Preferences Extension For Media Transfer Protocol
CN101493867A (en) * 2008-01-25 2009-07-29 希姆通信息技术(上海)有限公司 Method and system for securely transferring shared data between a mobile phone and a computer
CN104766021A (en) * 2014-01-04 2015-07-08 深圳富泰宏精密工业有限公司 Permission control system and method
CN106778311A (en) * 2016-12-29 2017-05-31 珠海市魅族科技有限公司 Method and device for accessing files in a mobile terminal, mobile terminal and inspection device
CN106778321A (en) * 2016-11-18 2017-05-31 东软集团股份有限公司 Permission control method and device

Similar Documents

Publication Publication Date Title
CN110535833B (en) Data sharing control method based on blockchain
CN104662870B (en) Data security management system
CN103310169B (en) Method and system for protecting SD card data
CN105141614B (en) Access permission control method and device for a removable storage device
CN108259432A (en) API call management method, device and system
CN106104563A (en) Techniques for providing network security through just-in-time provisioned accounts
CN102436562B (en) Method for secure storage and transmission of medical images
CN101827101A (en) Information asset protection method based on a trusted isolated operating environment
CN105354479A (en) Solid state disk with USB flash disk authentication and data hiding method
CN103400431B (en) Intelligent dual-tube dual-control storage cabinet for secret-related carriers
CN103366135A (en) Tenant-driven security system and method in a storage cloud
CN104471584B (en) Network management of protected data sets
CN110324358A (en) Video data management authentication method, module, device and platform
TW201909072A (en) Method, device and apparatus for loss reporting, loss report removal and service management of an electronic account
CN107196932A (en) Document centralized management and control system based on virtualization
CN107104958A (en) Method for managing private cloud devices, private cloud and public cloud devices, and storage device
CN107040520A (en) Cloud computing data sharing system and method
CN111460420A (en) Method, device and medium for using an electronic seal based on blockchain
US20100299422A1 (en) Client management system
CN103020542B (en) Techniques for storing secret information for global data centers
US11281773B2 (en) Access card penetration testing
CN108696540A (en) Authorization security system and authorization method
CN111245620B (en) Mobile security application architecture in a terminal and construction method thereof
CN104200173B (en) Electronic document trust and security control method and system
CN109753818A (en) Removable storage device data protection method and protected storage device based on the MTP protocol

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190514