CN110245479A - Electronic equipment - Google Patents

Electronic equipment Download PDF

Info

Publication number
CN110245479A
CN110245479A CN201810187341.2A CN201810187341A CN110245479A CN 110245479 A CN110245479 A CN 110245479A CN 201810187341 A CN201810187341 A CN 201810187341A CN 110245479 A CN110245479 A CN 110245479A
Authority
CN
China
Prior art keywords
electronic equipment
identification
module
code
physiological characteristic
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810187341.2A
Other languages
Chinese (zh)
Inventor
曲志刚
朱虹
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Oxi Technology Co Ltd
Shanghai Luoji Technology Co Ltd
Original Assignee
Shanghai Luoji Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Luoji Technology Co Ltd filed Critical Shanghai Luoji Technology Co Ltd
Priority to CN201810187341.2A priority Critical patent/CN110245479A/en
Publication of CN110245479A publication Critical patent/CN110245479A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F13/00Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F13/38Information transfer, e.g. on bus
    • G06F13/42Bus transfer protocol, e.g. handshake; Synchronisation
    • G06F13/4282Bus transfer protocol, e.g. handshake; Synchronisation on a serial bus, e.g. I2C bus, SPI bus
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)

Abstract

A kind of electronic equipment, comprising: realize and be detachably connected between link block, with host computer;Module is obtained, the acquisition module is connected with the link block, and the acquisition module is for obtaining sampling physiological characteristic;Unlocked state, the unlocked state are connected with the link block and the acquisition module, and the unlocked state is suitable for being unlocked identification according to the sampling physiological characteristic, unlock the host computer when the unlock identification passes through.Technical solution of the present invention is not necessarily to carry out biggish transformation to the hardware of the host computer, the function of bio-identification unlock can be realized, it can be under the premise of maintaining the host computer hardware condition, the host computer is unlocked using physiological characteristic, be conducive in storage computer, the function of computer unlock is realized using physiological characteristic.

Description

Electronic equipment
Technical field
The present invention relates to electronic equipments, in particular to a kind of electronic equipment.
Background technique
With the rapid development of information technology, the performance of computer hardware is continuously improved, social each row has greatly been pushed The IT application process of each industry, almost all of business and government department all deepening continuously carry out IT application of service transformation, The work efficiency of business and government department must be promoted using information system management and simplify the work of business and government department Personnel amount.
During information system management, data safety becomes vital factor.In enterprise, government department such as The spread scope of the confidential datas such as internal file or confidential data generally requires strict control.Therefore it is stored with confidential data Computer perhaps store equipment be often provided with locking perhaps encryption function computer unlock or store equipment decrypt it Rear can be used.
On the other hand, biological identification technology is a kind of technology that authentication and identification are carried out using human body physiological characteristics, Uniqueness, stability and the verifiability of physiological characteristic make biological identification technology have anti-counterfeiting performance good, are not easy to forge or be stolen The advantages that.Therefore the safety prior art that equipment is perhaps stored to improve computer is set in computer locking or storage Biological identification technology is introduced during standby encryption, to improve computer locking or store the safety of equipment encryption.
But due to rear development of biological identification technology, for storage computer and stores in equipment and be not integrated with energy The hardware device for enough obtaining physiological characteristic locks and is stored to active computer equipment encryption and generally requires to carry out hardware modification.
How under the premise of without hardware modification, realize that computer unlock and storage equipment add using physiological characteristic It is close, become a urgent problem to be solved.
Summary of the invention
Problems solved by the invention is to provide a kind of electronic equipment, is removably connected to host computer, without hardware Under the premise of transformation, the host computer is unlocked using physiological characteristic.
To solve the above problems, the present invention provides a kind of electronic equipment, comprising: realized between link block, with host computer It is detachably connected;Module is obtained, the acquisition module is connected with the link block, and the acquisition module is for obtaining sampling life Manage feature;Unlocked state, the unlocked state are connected with the link block and the acquisition module, and the unlocked state is suitable for In being unlocked identification according to the sampling physiological characteristic, unlocked when the unlock identification passes through described upper Machine.
Optionally, further includes: one or more Universal Serial Bus Interface, the Universal Serial Bus Interface and the company Connection module is connected, and the Universal Serial Bus Interface is suitable for connection storage equipment;Read module, the read module with it is described Universal Serial Bus Interface is connected with the acquisition module, and the read module is suitable for according to the sampling physiological characteristic to institute The storage equipment that Universal Serial Bus Interface is connected is stated to be encrypted or decrypted.
Optionally, the read module is using the sampling physiological characteristic as password to the Universal Serial Bus Interface institute The storage equipment of connection is encrypted;Alternatively, the read module is generated according to the sampling physiological characteristic reads key, and with The storage equipment that Universal Serial Bus Interface described in the reading key pair is connected is encrypted.
Optionally, code is matched in the identification that the electronic equipment has;The storage that the Universal Serial Bus Interface is connected Reading permissions list is prestored in equipment;The permissions list that reads includes the electronics for having decrypted rights to the storage equipment Code is matched in the identification of equipment;The read module may also be adapted to compare the identification pairing code and reading power of the electronic equipment List is limited, when code is matched in the identification of the electronic equipment and the reading permissions list matches, is decrypted.
Optionally, code is matched in the identification that the electronic equipment has;Operating right list is prestored in the host computer;Institute State the reading permissions list prestored in the storage equipment that Universal Serial Bus Interface is connected;The operating right list includes There is the identification of the electronic equipment of operating right to match code the host computer;The reading permissions list includes to described Storing equipment, there is the identification of the electronic equipment of decrypted rights to match code;The read module, which may also be adapted to compare the electronics, to be set Standby identification pairing code and the operating right list, and compare the identification pairing code and reading power of the electronic equipment List is limited, code is matched in the identification of the electronic equipment and the operating right list matches and the identification of the electronic equipment When pairing code and the reading permissions list match, it is decrypted.
Optionally, further includes: forwarded module, the forwarded module are connected with the link block, the net Network forwarding module is suitable for forwarding the network connection of the host computer;Networking module, the networking module and the forwarded Module is connected with the acquisition module, and the networking module is suitable for according to the sampling physiological characteristic to the forwarded mould The network connection of block forwarding is encrypted and decrypted.
Optionally, the networking module is using the sampling physiological characteristic as password to the forwarded module forwards Network connection is encrypted;Alternatively, the networking module generates connection key according to the sampling physiological characteristic, and with the company The network connection for connecing forwarded module forwards described in key pair is encrypted.
Optionally, the connection key is dynamic password.
Optionally, code is matched in the identification that the electronic equipment has;Operating right list behaviour is prestored in the host computer Make permissions list;The operating right list includes that the identification for the electronic equipment for having operating right to the host computer is matched To code;Code and the operating right list are matched in the identification that the forwarded module may also be adapted to compare the electronic equipment, When code is matched in the identification of the electronic equipment and the operating right list matches, the network of the host computer is forwarded to connect It connects.
Optionally, connection permissions list is prestored in the electronic equipment, the slave computer has identification pairing code;It is described Connection permissions list includes that the identification for forwarding network connection to have the slave computer for being connected to permission to the forwarded module is matched To code;The networking module may also be adapted to compare the identification pairing code and the connection permissions list of the slave computer, and in institute When the identification pairing code and the connection permissions list for stating slave computer match, the network of the forwarded module forwards is connected It connects and is decrypted.
Optionally, the electronic equipment has identification pairing code;Operating right list is prestored in the host computer, it is described Operating right list includes that code is matched in the identification for the electronic equipment for having operating right to the host computer;The solution mode locking Block is further adapted for comparing the identification pairing code of the electronic equipment and the operating right list, and in the identification of the electronic equipment When pairing code and the operating right list match, it is unlocked identification.
Optionally, the sampling physiological characteristic is fingerprint image.
Optionally, the acquisition module is fingerprint imaging mould group;The fingerprint imaging mould group is that mould is imaged in capacitance type fingerprint Group, optical fingerprint imaging modules or ultrasonic type fingerprint imaging mould group.
Optionally, the area of the fingerprint imaging mould group is greater than or equal to 16mm2
Compared with prior art, technical solution of the present invention has the advantage that
In technical solution of the present invention, the link block is removably connected with the host computer, the acquisition module energy Enough to obtain sampling physiological characteristic, the unlocked state can be unlocked identification using the sampling physiological characteristic, and The unlock identification unlocks the host computer when passing through;Therefore the acquisition module is dismountable by the link block It realizes and connects with the host computer, when being unlocked using the electronic equipment to the host computer, without to the host computer Hardware carry out biggish transformation, the function of bio-identification unlock can be realized, so the host computer hardware can maintained Under the premise of condition, the host computer is unlocked using physiological characteristic, is conducive to realize in storage computer using physiological characteristic The function of computer unlock.
In optinal plan of the present invention, pass through the setting of the general junctor highway interface and the read module, the electricity Sub- equipment can be encrypted using the storage equipment that the sampling physiological characteristic connects the Universal Serial Bus Interface And decryption;So encrypt and decrypt using the storage equipment that the electronic equipment connects the Universal Serial Bus Interface, It is transformed without the hardware to the host computer and the storage equipment, the host computer and the storage can maintained to set Under the premise of standby hardware condition, using feature encryption or decryption storage equipment is set up, be conducive to store equipment and meter in storage In calculation machine, encryption function is realized using physiological characteristic, is conducive to the safety for improving storage storage equipment.
In optinal plan of the present invention, by the setting of the forwarded module and the networking module, the electronics is set It is standby the network connection for the host computer that the forwarded module is forwarded to be encrypted using the sampling physiological characteristic, And whether judging slave computer access by connecting identification.So forwarded is carried out using the electronic equipment, it can Effectively improve the safety and confidentiality for forwarding network connection.
In optinal plan of the present invention, sampling physiological characteristic includes fingerprint image, and the acquisition module is fingerprint imaging mould group; So the electronic equipment can be unlocked the host computer, using fingerprint image to the Universal Serial Bus Interface institute The network connection for the host computer that the encrypted memory device of connection is encrypted and decrypted, is forwarded to the forwarded module into Row encryption.Due to the uniqueness of somatic fingerprint, and fingerprint image have the advantages that it is easy to use, so utilizing fingerprint image real The way of existing above-mentioned function can effectively ensure that host computer unlock, encrypted memory device encryption and decryption and the network The safety of the forwarded network connection of forwarding module.
Detailed description of the invention
Fig. 1 is the functional block diagram of one embodiment of electronic equipment of the present invention;
Fig. 2 is the structural schematic diagram of electronic equipment embodiment shown in Fig. 1.
Specific embodiment
It can be seen from background technology that in order to improve computer and storage equipment security, existing skill using biological identification technology Art generally requires to carry out hardware modification to computer and storage equipment.
To solve the technical problem, the present invention provides a kind of electronic equipment, sharp under the premise of without hardware modification The sampling physiological characteristic is obtained with the acquisition device, and identification is unlocked according to the sampling physiological characteristic, Unlock identification unlocks host computer when passing through, to realize bio-identification under the premise of not changing host computer hardware condition The function of unlock.
To make the above purposes, features and advantages of the invention more obvious and understandable, with reference to the accompanying drawing to the present invention Specific embodiment be described in detail.
With reference to Fig. 1 and Fig. 2, the schematic diagram of one embodiment of electronic equipment of the present invention is shown.Wherein, Fig. 1 is the electronics The functional block diagram of apparatus embodiments, Fig. 2 are the structural schematic diagrams of the electronic equipment embodiment.
The electronic equipment includes: to realize to be detachably connected between link block 110, with host computer 101;Obtain module 120, the acquisition module 120 is connected with the link block 110, and the acquisition module 120 is for obtaining sampling physiological characteristic; Unlocked state 130, the unlocked state 130 are connected with the link block 110 and the acquisition module 120, the solution mode locking Block 130 is suitable for being unlocked identification according to the sampling physiological characteristic, the unlock when the unlock identification passes through The host computer.
Therefore the acquisition module 120 is removably realized with the host computer 101 by the link block 110 and is connected Connect, when being unlocked using the electronic equipment to the host computer 101, without to the host computer 101 hardware carry out compared with The function of bio-identification unlock can be realized in big transformation, so can be in the premise for maintaining 101 hardware condition of host computer Under, the host computer 101 is unlocked using physiological characteristic, is conducive in storage computer, realizes computer using physiological characteristic The function of unlock.
The link block 110 is for realizing being detachably connected between the host computer 101, thus right when needed The host computer 101 carries out Function Extension, reduces the hsrdware requirements to the host computer 101.
In the present embodiment, the link block 110 is that universal serial bus (Universal Serial Bus, USB) connects Head, i.e. USB public affairs mouth.Specifically, the link block 110 can be USB1.0, USB2.0, miniUSB and USB Type-C Etc. USB joints type.In other embodiments of the invention, the link block 110 is also possible to other kinds such as Lightning connector The connector of class.
The acquisition module 120 is for obtaining sampling physiological characteristic.
Specifically, the sampling physiological characteristic is fingerprint image.So the acquisition module 120 is fingerprint imaging mould group. Due to the uniqueness of somatic fingerprint, and fingerprint image have the advantages that it is easy to use, so the sampling physiological characteristic is set It is set to the way of fingerprint image, can improve what sampling physiological characteristic obtained under the premise of guaranteeing host computer unlock safety Convenience, so that realizing improves safety and improve taking into account for convenience.
In the present embodiment, the fingerprint imaging mould group is optical fingerprint imaging modules.The fingerprint imaging mould group is set Be set to optical fingerprint imaging modules, the precision of obtained fingerprint image can be effectively improved, be conducive to unlock identification at The raising of power and safety.But in other embodiments of the invention, the fingerprint imaging mould group may be capacitance type fingerprint The other kinds of fingerprint imaging mould group such as imaging modules or ultrasonic type fingerprint imaging mould group.
The acquisition module 120 includes: light source;Sensing face, the light that the light source generates are formed in the sensing face Carry the sensing light of finger print information;Imaging sensor, described image sensor acquire the sensing light to obtain the fingerprint Image.
In the present embodiment, the area of the fingerprint imaging mould group is greater than or equal to 16mm2, i.e., described 120 institute of acquisition module The area for obtaining fingerprint image is greater than or equal to 16mm2.The area of obtained fingerprint image is bigger, and the fingerprint image is included Finger print information amount is bigger, and the characteristic point of obtained fingerprint texture is more.The fingerprint image area is set to be greater than or equal to 16mm2, It can effectively ensure that the finger print information amount that acquisition the obtained fingerprint image of module 120 is included, guarantee obtained fingerprint line The fineness of reason, be conducive to improve fingerprint image precision, advantageously ensure that the electronic equipment bio-identification success rate and Accuracy advantageously ensures that the success rate and safety of unlock identification.
The unlocked state 130 is suitable for being unlocked identification, and the unlock when the unlock identification passes through The host computer 101.
The unlocked state 130 is connected with the acquisition module 120, obtains the sampling from the acquisition module 120 Physiological characteristic;In the present embodiment, unlock identity library is also stored in the host computer 101, the unlock identity library includes and institute State the corresponding physiological characteristic of identity that host computer 101 has unlock permission;The unlocked state 130 is special by the sampling physiology It levies and is compared with the physiological characteristic in the unlock identity library, in the sampling physiological characteristic and the unlock identity library Judge that the unlock identification passes through when physiological characteristic matches.
When the unlock identification passes through, illustrate that identity corresponding to the sampling physiological characteristic has host computer 101 unlock permission, so the unlocked state 130 unlocks the host computer 101 when the unlock identification passes through.
In the present embodiment, the host computer 101 is computer, and the unlocked state 130 unlocks the host computer 101, with The operating system of the host computer 101 is logged in, realizes operation and control to the host computer 101.The wherein host computer 101 Operating system can be the operating systems such as windows, DOS, android, IOS or Linux.
It should be noted that the electronic equipment has identification pairing code in the present embodiment;It is prestored in the host computer Operating right list, the operating right list include the identification for the electronic equipment for having operating right to the host computer Match code;The unlocked state 130 be suitable for comparing the electronic equipment identification pairing code and the operating right list, and When the identification pairing code of the electronic equipment and the operating right list match, it is unlocked identification.
The identification pairing code is the identification code uniquely fixed with the electronic equipment, therefore passes through the electronic equipment Identification pairing code and the operating right list comparison, can the unlock permission to the electronic equipment judge, thus It realizes the double verification that the host computer 101 unlocks, is conducive to the safety for improving the unlock operation of host computer 101.
As depicted in figs. 1 and 2, in the present embodiment, the electronic equipment further include: one or more universal serial bus connect Mouth 141, the Universal Serial Bus Interface 141 is connected with the link block 110, and the Universal Serial Bus Interface 141 is suitable It is suitable for connection storage equipment 102;Read module 142, the read module 142 and the Universal Serial Bus Interface 141 and institute It states acquisition module 120 to be connected, the read module 142 is suitable for according to the sampling physiological characteristic to the universal serial bus The storage equipment 102/103 that interface 141 is connected is encrypted or is decrypted.
By the setting of the general junctor highway interface 141 and the read module 142, the electronic equipment being capable of benefit It is encrypted and decrypted with the storage equipment 102 that the sampling physiological characteristic connects the Universal Serial Bus Interface 141, It is transformed without the hardware to the host computer 101 and the storage equipment 102,101 He of host computer can maintained Under the premise of 102 hardware condition of storage equipment, using feature encryption or decryption storage equipment 102 is set up, be conducive to Storage stores in equipment 102 and computer, realizes encryption function using physiological characteristic, is conducive to improve storage storage equipment 102 Safety.
The general junctor highway interface 141, i.e. mother's USB mouth, for storing equipment, to carry out data storage.Specifically, The general junctor highway interface 141 can be the USB interfaces class such as USB1.0, USB2.0, miniUSB and USB Type-C Type.
The quantity of the general junctor highway interface 141 is multiple, so that increasing the host computer 101 realizes opening up for connection Exhibition.Specifically, as shown in Fig. 2, the quantity of the general junctor highway interface 141 is 3 in the present embodiment.
The read module 142 is used to obtain sampling physiological characteristic according to the acquisition module 120 and sets to the storage Standby 102 are encrypted.
The read module 142 generates according to the sampling physiological characteristic and reads key, and with reading key pair institute The storage equipment 102 that Universal Serial Bus Interface 141 is connected is stated to be encrypted.It is generated and is read according to the sampling physiological characteristic Key can be effectively reduced the storage equipment 102 and encrypt complexity, improves decryption efficiency, reduces decryption failure rate, improves Efficiency;And the pre-arranged code rule read between key and the sampling physiological characteristic is also a re-encryption measure, is had Conducive to the cryptographic security for further increasing the storage equipment 102.
Specifically, the read module 142 is connected with the acquisition module 120, obtained from the acquisition module 120 described Sample physiological characteristic;The read module 142, which has, reads Key generating unit 143,143 energy of reading Key generating unit It is enough to use physiological characteristic according to obtained, the reading key is generated according to coding rule is preset;The read module 142 read what Universal Serial Bus Interface 141 described in key pair was connected so that the reading Key generating unit 143 is generated Storage equipment 102 is encrypted.
In the present embodiment, the sampling physiological characteristic is fingerprint image, therefore the reading Key generating unit 143 is from institute It states acquiring unit 120 and obtains the fingerprint image, and according to the grain distribution of the fingerprint image, according to preset coding Rule generates the reading key.
The read module 142 is encrypted with the reading of storage equipment 102 described in the reading key pair, therefore through institute State after read module 142 encrypts, need before reading the data in the storage equipment 102 with the reading key or Sampling physiological characteristic corresponding with the reading key is decrypted, so after the read module 142 encryption, it is described to deposit The safety of all data has obtained effective promotion in storage equipment 102.
Since the encryption of the acquisition and storage equipment 102 of sampling physiological characteristic can be realized in the electronic equipment, nothing Need to carry out hardware modification to the storage equipment 102 and the host computer 101 can be realized to data in the storage equipment 102 Encryption, the host computer 101 can be general computer, and the storage equipment 102 can be general hard disk or USB flash disk etc. Conventional storage equipment, that is to say, that the host computer 101 and the storage equipment 102 all can be not provided with sampling life The storage for managing collection apparatus device stores equipment, so the electronic equipment can be realized the encryption to conventional memory device, Under the premise of without hardware modification, the safety of storage storage equipment is effectively improved, prevents private data from revealing.
It should be noted that the read module 142 is according to the sampling physiological characteristic to the storage in the present embodiment The reading of equipment 102 is encrypted, i.e., the described read module 142 can add all data in the storage equipment 102 It is close.But this way is only an example.In other embodiments of the invention, the read module be may be set to be for described Divided data is encrypted inside storage equipment.
It should also be noted that, the read module 142 generates the reading key, and in the present embodiment with the reading Storage equipment 102 described in key pair is taken to be encrypted.But this way is only an example, but other embodiments of the invention In, the read module can also the sampling physiological characteristic deposited as password to what the Universal Serial Bus Interface was connected Storage equipment is encrypted.Since the complexity using physiological characteristic is high, the safety of the storage equipment can be effectively improved; And directly the storage equipment is encrypted using the sampling physiological characteristic, it can be effectively reduced risk of divulging a secret, guarantee The safety of the storage device data.
The read module 142 is also used to according to the sampling physiological characteristic to 141 institute of Universal Serial Bus Interface Connection storage equipment is decrypted.
In the present embodiment, the reading for being connected to the storage of universal serial bus 141 equipment 103 is added with reading key Close, it is related with preset coding rule that the reading key and the acquisition module 120 obtain sampling physiological characteristic.
So after the storage equipment 103 is connected in the Universal Serial Bus Interface 141, the read module 142 obtain the sampling physiological characteristic from the acquisition module 120, and are based on the sampling physiological characteristic, according to preset volume Code rule, obtains and reads key, is decrypted with the reading of storage equipment 103 described in the reading key pair.
So the read module 142 further includes reading decryption unit 144, the reading decryption unit in the present embodiment 144 are connected with the acquisition module 120 to obtain the sampling physiological characteristic;The reading decryption unit 144 can also be based on The sampling physiological characteristic obtains according to preset coding rule and reads key, by reading key obtained and the storage Crypted password in equipment 103 compares, to realize the decryption of storage 103 reading data of equipment.
It should be noted that the storage equipment 103 is encrypted by password, so the reading in the present embodiment Decryption unit 144 is based on the sampling physiological characteristic and generates the reading key to be decrypted.But this way is only one Example.
In other embodiments of the invention, the storage equipment can also be encrypted with the sampling physiological characteristic.It is described When storage equipment is encrypted with the sampling physiological characteristic, the reading decryption unit is carried out according to the sampling physiological characteristic Read identification, the readings identification by when realize decryption.Specifically, being previously stored in the storage equipment Identity library is read, the identity library of reading includes having the corresponding physiology of identity for reading permission special the storage equipment Sign;The sampling physiological characteristic is compared the reading decryption unit with the physiological characteristic in the reading identity library, When physiological characteristic matches in the sampling physiological characteristic and the reading identity library, judge that the reading identification passes through.
When the reading identification passes through, illustrates that identity corresponding to the sampling physiological characteristic has and deposited to described The reading permission of data in equipment is stored up, so the reading of the storage equipment is decrypted when the reading identification passes through.
It should be noted that code is matched in the identification that the electronic equipment has in the present embodiment;The universal serial bus Reading permissions list is prestored in the storage equipment 103 that interface 141 is connected, the reading permissions list includes to the storage There is equipment the identification of the electronic equipment of decrypted rights to match code;The read module 142, which may also be adapted to compare the electronics, to be set Standby identification pairing code and the reading permissions list match code and the reading permissions list in the identification of the electronic equipment When matching, it is decrypted.
Specifically, the read module 142 further include storage recognition unit 145, the storage recognition unit 145 with it is described Universal Serial Bus Interface 141 is connected, to obtain the reading permissions list of the storage equipment 103;The storage recognition unit The identification pairing code of the electronic equipment is also prestored in 145, the storage recognition unit 145 compares the knowledge of the electronic equipment It Pei Dui not code and the reading permissions list.
In addition, the reading decryption unit 144 is connected with the storage recognition unit 145, it is single to obtain the storage identification The comparison result of member 145 is deposited when code is matched in the identification of the electronic equipment and the reading permissions list matches to described Storage equipment 103 is decrypted.
The identification pairing code is the identification code uniquely fixed with the electronic equipment, therefore passes through the electronic equipment Identification pairing code and the comparison for reading permissions list, can make the reading for storing equipment 103 and the electronic equipment It corresponds, so that the decoded control of the storage equipment 103 can be realized by controlling the electronic equipment, and then can have Effect reduces risk of divulging a secret, and is conducive to the safety for improving data in the storage equipment 103.It should be noted that the present embodiment In, the electronic equipment further include: control module (not shown), the control module are set in the host computer, are used In encryption and decryption of the control read module 142 to the storage equipment 102/103.
In addition, reduction is divulged a secret risk in order to further increase the safety of data in the storage equipment, the present invention other In embodiment, code is matched in the identification that the electronic equipment has;Operating right list is prestored in the host computer;It is described general The reading permissions list prestored in the storage equipment that serial bus interface is connected;The operating right list includes to described There is host computer the identification of the electronic equipment of operating right to match code;The reading permissions list includes setting to the storage Code is matched in the identification of the standby electronic equipment with decrypted rights;The read module may also be adapted to compare the knowledge of the electronic equipment Not Pei Dui code and the operating right list, and compare the identification pairing code of the electronic equipment and the readings permission arranges Table matches code in the identification of the electronic equipment and the operating right list matches and the identification of the electronic equipment is matched When code and the reading permissions list match, it is decrypted.
Specifically, the recognition unit is connected with the Universal Serial Bus Interface, to obtain the reading of the storage equipment Permissions list is taken, and compares the identification pairing code and the reading permissions list of the electronic equipment;In addition, the recognition unit Also it is connected by link block with the host computer, to obtain the operating right list, and compares the knowledge of the electronic equipment It Pei Dui not code and operating right list;The reading decryption unit is connected with the recognition unit, obtains the recognition unit Comparison result matches code in the identification of the electronic equipment and the reading permissions list matches, and the electronic equipment When identification pairing code and the operating right list match, the storage equipment is decrypted.
It should be noted that the operating right list that recognition unit is compared in the read module and the unlocked state The operating right list compared is same list.But in other embodiments of the invention, identification is single in the read module The operating right list that member is compared is different lists, the unlock from the operating right list that the unlocked state is compared The operating right list that module is compared includes that the identification pairing of the electronic equipment of operation can be unlocked to the host computer Yard, the operating right list that recognition unit is compared in the read module includes can be by the host computer to storage equipment Code is matched in the identification for the electronic equipment that interior file is read.
It continues to refer to figure 1, in the present embodiment, the electronic equipment further include: forwarded module 151, the network turn Hair module 151 is connected with the link block 110, and the forwarded module 151 is suitable for forwarding the net of the host computer 101 Network connection;Networking module 152, the networking module 152 are connected with the forwarded module 151 and the acquisition module 120, The networking module 152 is suitable for the network connection forwarded according to the sampling physiological characteristic to the forwarded module 151 It is encrypted;The networking module 152 may also be adapted to be attached identification according to the sampling physiological characteristic, in the company Connect identification by when allow slave computer 104 that the network connection that the forwarded module 151 forwards is added.
By the setting of the forwarded module 151 and the networking module 152, the electronic equipment can utilize institute It states sampling physiological characteristic to encrypt the network connection for the host computer 101 that the forwarded module 151 is forwarded, and leads to Cross connection identification judge slave computer 104 access whether.So forwarded is carried out using the electronic equipment, it can be effective Improve the safety and confidentiality for forwarding network connection.
In the present embodiment, the host computer 101 have function of surfing the Net, i.e., the described host computer 101 can be connected into local area network or Person internet;The forwarded module 151 realizes the connection with the host computer 101 by the link block 110, and Forward the network connection of the host computer 101, that is to say, that the slave computer being connected with the electronic equipment can pass through the net Network forwarding module 151 realizes networking.
Specifically, the forwarded module 151, which can be router, interchanger or hub etc., can make to be connected Slave computer 104 realize networking equipment.In addition, the slave computer 104 and the connection of the forwarded module 151 can be Wired connection is also possible to be wirelessly connected.
It should be noted that code is matched in the identification that the electronic equipment has in the present embodiment;In the host computer 101 Operating right list is prestored, the operating right list includes the electronic equipment for having operating right to the host computer Identification match code;Code and the behaviour are matched in the identification that the forwarded module 151 may also be adapted to compare the electronic equipment Make permissions list, when code is matched in the identification of the electronic equipment and the operating right list matches, forwards described upper The network connection of machine 101.
The identification pairing code is the identification code uniquely fixed with the electronic equipment, therefore passes through the electronic equipment The comparison of identification pairing code and the operating right list, can be realized to the accessed network forwarding equipment of the host computer 101 Control, thus be conducive to improve network safety.
Specifically, there is pairing unit (not shown), the pairing unit and institute in the forwarded module 151 It states link block 110 to be connected, the operating right list prestored in the host computer 101 is obtained by the link block 110;Institute It states pairing unit and also compares the operating right list and the described good looks identification that well pairing code;In the electronic equipment When identification pairing code and the operating right list match, the forwarded module 151 forwards the net of the host computer 101 Network connection.
What the networking module 152 was used to forward the forwarded module 151 according to the sampling physiological characteristic Network connection is encrypted and decrypted.
Specifically, the networking module 152 generates connection key according to the sampling physiological characteristic, and close with the connection The network connection that key forwards the forwarded module 151 encrypts.Added with connection key pair network connection Close way can be effectively reduced the complexity of network attached encryption, improve decryption efficiency, reduces decryption failure rate, improves Efficiency;And the coding rule between the connection key and the sampling physiological characteristic is also a re-encryption measure, is conducive to Further increase the network attached encryption safety.
Specifically, the networking module 152 is connected with the acquisition module 120, obtained from the acquisition module 120 described Sample physiological characteristic;The networking module 152 has connection Key generating unit 153,153 energy of connection Key generating unit It is enough to use physiological characteristic according to obtained, the connection key is generated according to coding rule is preset;The networking module 152 networks forwarded with forwarded module 151 described in the connection Key generating unit 153 connection key pair generated Connection.
In the present embodiment, the sampling physiological characteristic is fingerprint image, therefore the connection Key generating unit 153 is from institute It states acquiring unit 120 and obtains the fingerprint image, and according to the grain distribution of the fingerprint image, according to preset coding Rule generates the connection key.
It should be noted that the connection key is dynamic password in the present embodiment.Specifically, making the connection key For the way of dynamic password, the safety of network connection access can be effectively improved, prevents connection key from leaking.
The networking module 152 forwards connecing for network connection with forwarded module 151 described in the connection key pair Enter to be encrypted, therefore after the networking module 152 encryption, slave computer is being connected into 151 turns of the forwarded module When the network connection of hair, need to be solved with the connection key or sampling physiological characteristic corresponding with the connection key It is close, so the forwarded module 151 forwards the safety of network connection to obtain after the networking module 152 encryption Effective promotion.
By the electronic equipment can be realized sampling physiological characteristic acquisition and the forwarded module 151 forwarded The encryption of network connection, it is therefore not necessary to which carrying out hardware modification to the host computer 101 can be realized network connection forwarding and network The encryption of access,
The host computer 101 can be general computer, and the forwarded module 151 can turn for general network Send out equipment, that is to say, that the host computer 101 and the forwarded module 151 all can be not provided with sampling physiology spy The storage equipment for levying acquisition device, so the electronic equipment can be realized the encryption to general networks forwarding device, not into Under the premise of row hardware modification, the safety of the forwarded network connection of storage network forwarding equipment is effectively improved.
It should also be noted that, networking module 152 generates the connection key, and close with the connection in the present embodiment Key encrypts the access of network connection.But this way is only an example, but in other embodiments of the invention, it is described Networking module can also carry out the network connection of the forwarded module forwards using the sampling physiological characteristic as password Encryption.Since the complexity using physiological characteristic is high, the safety of network connection access can be effectively improved;And using institute State sampling physiological characteristic directly the access of network connection is encrypted, can effective risk, guarantee network connection access peace Quan Xing.
The networking module 152 is also used to forward the forwarded module 151 according to the sampling physiological characteristic The access of network connection is decrypted.
In the present embodiment, the forwarded module 151 forwards the access of network connection to be encrypted to connect key, It is related with preset coding rule that the connection key and the acquisition module 120 obtain sampling physiological characteristic.
So when slave computer 104 attempts to access the forwarded module 151 and forwards network connection, the networking mould Block 152 obtains the sampling physiological characteristic from the acquisition module 120, and is based on the sampling physiological characteristic, according to preset Coding rule obtains connection key, is decrypted with the access of connection the forwarded network connection of key pair.
So the networking module 152 further includes online decryption unit 154, the online decryption unit in the present embodiment 154 are connected with the acquisition module 120 to obtain the sampling physiological characteristic;The online decryption unit 154 can also be based on The sampling physiological characteristic obtains connection key according to preset coding rule;The online decryption unit 154 also with the net Network forwarding module 151 is connected, and connection key obtained and the forwarded module 151 are forwarded to the access of network connection Password compares, to realize the decryption of network connection access.
It should be noted that it is close that the forwarded module 151 forwards the access of network connection to pass through in the present embodiment Code is encrypted, so the online decryption unit 154 is based on the sampling physiological characteristic and generates the connection key to carry out Decryption.But this way is only an example.
In other embodiments of the invention, the access of the forwarded network connection of forwarded module can also be adopted with described Sample physiological characteristic is encrypted.When being encrypted with the sampling physiological characteristic, the online decryption unit is according to the sampling Physiological characteristic is attached identification, the connection identification by when realize decrypt.
Specifically, being previously stored with connection identity library in the electronic equipment, the connection identity library includes on described Position the be connected into network of machine has the corresponding physiological characteristic of identity of access authority;The online decryption unit gives birth to the sampling Reason feature is compared with the physiological characteristic in the connection identity library, in the sampling physiological characteristic and the connection identity library When interior physiological characteristic matches, judge that the connection identification passes through.
When the connection identification passes through, it is described upper to illustrate that identity corresponding to the sampling physiological characteristic has The access authority of the be connected into network of machine, so when the connection identification passes through, the forwarded network of forwarded module The access of connection is decrypted.
It should be noted that prestoring connection permissions list, the slave computer in the electronic equipment in the present embodiment 104 have identification pairing code;The networking module 152 may also be adapted to compare the identification pairing code of the slave computer 104 and described Permissions list is connected, and when code is matched in the identification of the slave computer 104 and the connection permissions list matches, to the net The network connection that network forwarding module 151 forwards is decrypted.
Specifically, the networking module 152 further includes on-line recogrition unit 155, the on-line recogrition unit 155 with it is described Forwarded module 151 is connected, and matches code by the identification that the forwarded module 151 obtains the slave computer 104;It is described The connection permissions list is also prestored in on-line recogrition unit 155, the on-line recogrition unit 155 compares the slave computer 104 identification pairing code and the connection permissions list.
The online decryption unit 154 is connected with the on-line recogrition unit 155, obtains the on-line recogrition unit 155 Comparison result, when the identification of the slave computer 104 matches code and the connection permissions list and matches, to the network turn The network connection that hair module 151 forwards is decrypted.
The identification pairing code is the identification code uniquely fixed with the slave computer 104, therefore passes through the slave computer 104 Identification pairing code and it is described connection permissions list comparison, can make network connection decryption before to the slave computer 104 Networking permission is judged, to control joint defence risk, is conducive to the improvement of network security.
It should be noted that the control module (not shown) being set in the host computer is described in the present embodiment Control module, can be used for controlling the network connection access that the networking module 152 forwards forwarded module 151 plus Close and decryption.
It should also be noted that, the acquisition module 120 also has a micro-control unit in the present embodiment (Microcontroller Unit, MCU), the micro-control unit is connected with described image sensor, to obtain fingerprint image; The unlocked state 130, the read module 142 and the networking module 152 are also integrated in same micro-control unit, with Simplify the internal structure of the electronic equipment.In other embodiments of the invention, the unlocked state 130, the read module 142 And the networking module 152 also can integrate in another micro-control unit.
Although present disclosure is as above, present invention is not limited to this.Anyone skilled in the art are not departing from this It in the spirit and scope of invention, can make various changes or modifications, therefore protection scope of the present invention should be with claim institute Subject to the range of restriction.

Claims (14)

1. a kind of electronic equipment characterized by comprising
It realizes and is detachably connected between link block, with host computer;
Module is obtained, the acquisition module is connected with the link block, and the acquisition module is for obtaining sampling physiological characteristic;
Unlocked state, the unlocked state are connected with the link block and the acquisition module, and the unlocked state is suitable for It is unlocked identification according to the sampling physiological characteristic, unlocks the host computer when the unlock identification passes through.
2. electronic equipment as described in claim 1, which is characterized in that further include:
One or more Universal Serial Bus Interface, the Universal Serial Bus Interface are connected with the link block, described logical It is suitable for connection storage equipment with serial bus interface;
Read module, the read module are connected with the Universal Serial Bus Interface and the acquisition module, the reading mould Block be suitable for being carried out according to the sampling physiological characteristic storage equipment that connects the Universal Serial Bus Interface encryption or Decryption.
3. electronic equipment as claimed in claim 2, which is characterized in that the read module using the sampling physiological characteristic as The storage equipment that password connects the Universal Serial Bus Interface encrypts;
Alternatively, the read module is generated according to the sampling physiological characteristic reads key, and described in the reading key pair The storage equipment that Universal Serial Bus Interface is connected is encrypted.
4. electronic equipment as claimed in claim 2, which is characterized in that code is matched in the identification that the electronic equipment has;It is described Reading permissions list is prestored in the storage equipment that Universal Serial Bus Interface is connected;The reading permissions list includes to institute Stating storage equipment has the identification pairing code of electronic equipment of decrypted rights;
The read module may also be adapted to compare the identification pairing code and the reading permissions list of the electronic equipment, described When the identification pairing code of electronic equipment and the reading permissions list match, it is decrypted.
5. electronic equipment as claimed in claim 2, which is characterized in that code is matched in the identification that the electronic equipment has;It is described Operating right list is prestored in host computer;The reading prestored in the storage equipment that the Universal Serial Bus Interface is connected Permissions list;The operating right list includes the identification pairing for the electronic equipment for having operating right to the host computer Code;It is described to read the identification pairing code that permissions list includes the electronic equipment for having decrypted rights to the storage equipment;
Code and the operating right list, and ratio are matched in the identification that the read module may also be adapted to compare the electronic equipment Code and the reading permissions list are matched to the identification of the electronic equipment, match code and described in the identification of the electronic equipment When operating right list matches and the identification of electronic equipment pairing code and the reading permissions list match, solved It is close.
6. electronic equipment as described in claim 1, which is characterized in that further include:
Forwarded module, the forwarded module are connected with the link block, and the forwarded module is suitable for turning The network connection for sending out host computer described;
Networking module, the networking module are connected with the forwarded module and the acquisition module, and the networking module is suitable It is suitable for and the network connection of the forwarded module forwards is encrypted and decrypted according to the sampling physiological characteristic.
7. electronic equipment as claimed in claim 6, which is characterized in that the networking module using the sampling physiological characteristic as Password encrypts the network connection of the forwarded module forwards;
Alternatively, the networking module generates connection key according to the sampling physiological characteristic, and described in the connection key pair The network connection of forwarded module forwards is encrypted.
8. electronic equipment as claimed in claim 7, which is characterized in that the connection key is dynamic password.
9. electronic equipment as claimed in claim 6, which is characterized in that code is matched in the identification that the electronic equipment has;It is described Operating right list operation permissions list is prestored in host computer;The operating right list includes having behaviour to the host computer Make the identification pairing code of the electronic equipment of permission;
Code and the operating right list are matched in the identification that the forwarded module may also be adapted to compare the electronic equipment, When the identification pairing code of the electronic equipment and the operating right list match, the network connection of the host computer is forwarded.
10. electronic equipment as claimed in claim 9, which is characterized in that connection permissions list is prestored in the electronic equipment, The slave computer has identification pairing code;The connection permissions list includes forwarding network connection to the forwarded module Code is matched in identification with the slave computer for being connected to permission;
The networking module may also be adapted to compare the identification pairing code and the connection permissions list of the slave computer, and described When the identification pairing code of slave computer and the connection permissions list match, the network connection to the forwarded module forwards It is decrypted.
11. electronic equipment as described in claim 1, which is characterized in that the electronic equipment has identification pairing code;On described Operating right list is prestored in the machine of position, the operating right list includes the electricity for having operating right to the host computer Code is matched in the identification of sub- equipment;
The unlocked state is further adapted for comparing the identification pairing code of the electronic equipment and the operating right list, and described When the identification pairing code of electronic equipment and the operating right list match, it is unlocked identification.
12. the electronic equipment as described in claim 1~11 any one, which is characterized in that the sampling physiological characteristic is to refer to Print image.
13. electronic equipment as claimed in claim 12, which is characterized in that the acquisition module is fingerprint imaging mould group;It is described Fingerprint imaging mould group is capacitance type fingerprint imaging modules, optical fingerprint imaging modules or ultrasonic type fingerprint imaging mould group.
14. electronic equipment as claimed in claim 13, which is characterized in that the area of the fingerprint imaging mould group is greater than or equal to 16mm2
CN201810187341.2A 2018-03-07 2018-03-07 Electronic equipment Pending CN110245479A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810187341.2A CN110245479A (en) 2018-03-07 2018-03-07 Electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810187341.2A CN110245479A (en) 2018-03-07 2018-03-07 Electronic equipment

Publications (1)

Publication Number Publication Date
CN110245479A true CN110245479A (en) 2019-09-17

Family

ID=67882058

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810187341.2A Pending CN110245479A (en) 2018-03-07 2018-03-07 Electronic equipment

Country Status (1)

Country Link
CN (1) CN110245479A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060041755A1 (en) * 2000-09-05 2006-02-23 Netlabs.Com,Inc. Multichannel device utilizing a centralized out-of-band authentication system (COBAS)
CN102385673A (en) * 2011-07-19 2012-03-21 古丽 Human body lock
CN104346585A (en) * 2013-07-23 2015-02-11 航天信息股份有限公司 Portable storage device encryption system and encryption method
CN105721499A (en) * 2016-04-07 2016-06-29 周文奇 Information security system of industrial communication security gateway
CN106127976A (en) * 2016-08-25 2016-11-16 广州御银自动柜员机科技有限公司 A kind of STM machine of separate type fingerprint recognition

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060041755A1 (en) * 2000-09-05 2006-02-23 Netlabs.Com,Inc. Multichannel device utilizing a centralized out-of-band authentication system (COBAS)
CN102385673A (en) * 2011-07-19 2012-03-21 古丽 Human body lock
CN104346585A (en) * 2013-07-23 2015-02-11 航天信息股份有限公司 Portable storage device encryption system and encryption method
CN105721499A (en) * 2016-04-07 2016-06-29 周文奇 Information security system of industrial communication security gateway
CN106127976A (en) * 2016-08-25 2016-11-16 广州御银自动柜员机科技有限公司 A kind of STM machine of separate type fingerprint recognition

Similar Documents

Publication Publication Date Title
CN102714591B (en) Proximity based biometric identification systems and methods
CN111261250B (en) Medical data sharing method and device based on block chain technology, electronic equipment and storage medium
JP5623388B2 (en) Secure data cache
CN106778325B (en) A kind of information privacy system and its operating method
KR101284481B1 (en) Authentication method and device using OTP including biometric data
US20130318361A1 (en) Encrypting and storing biometric information on a storage device
US11157647B2 (en) Access system, access device and access method for accessing health information
CN101561873B (en) Multimode authentication equipment with functions of iris recognition and USB Key
KR102120942B1 (en) Medical Block Chain System
Omotosho et al. A criticism of the current security, privacy and accountability issues in electronic health records
AU2018256929B2 (en) Systems and methods for identity atomization and usage
US20130262879A1 (en) Secure type storage device and information security system
CN106650372A (en) open method and device of administrator authority
Bhagyoday et al. Comprehensive study of E-Health security in cloud computing
CN117012324A (en) Block chain-based health data wallet management method and system
CN110245479A (en) Electronic equipment
CN110867227A (en) Medical information storage system
CN106130606B (en) A kind of IC card identifying system
CN110430207A (en) A kind of smart grid multi-point remote inter-network interaction collaboration authentication method
Chen et al. Design of a secure medical data sharing system via an authorized mechanism
CN111523141B (en) Personal privacy protection-based identity identification and verification system
US20140223195A1 (en) Encrypted Storage Device for Personal Information
CN103577741B (en) A kind of USB peripheral
CN108875398B (en) Encryption and decryption system based on certificate chain technology and application method thereof
Mhamdi et al. Blockchain technology in healthcare: A systematic review

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20190917