CN111125801A - USB-based automatic switching one-way remote file transmission method and device - Google Patents


Publication number
CN111125801A
Authority
CN
China
Prior art keywords
file
host
sent
micro
usb
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911374729.4A
Other languages
Chinese (zh)
Inventor
王盈
尚超
徐翰隆
肖新光
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Antiy Network Technology Co Ltd
Original Assignee
Beijing Antiy Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Antiy Network Technology Co Ltd filed Critical Beijing Antiy Network Technology Co Ltd
Priority to CN201911374729.4A priority Critical patent/CN111125801A/en
Publication of CN111125801A publication Critical patent/CN111125801A/en
Pending legal-status Critical Current

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82 Protecting input, output or interconnection devices
    • G06F21/85 Protecting input, output or interconnection devices: interconnection devices, e.g. bus-connected or in-line devices
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/606 Protecting data by securing the transmission between two devices or processes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107 File encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the invention discloses a USB-based automatic switching unidirectional remote file transmission method and device, relates to the technical field of information security, and can realize unidirectional remote secure transmission of files without a network connection. The device comprises: a micro host, used for receiving a file to be sent, controlling the switching direction of the electronic change-over switch, and controlling the turning on and off of the write-protection switch of the USB memory; a USB memory, into which the micro host writes the file to be sent when the electronic change-over switch is switched to the micro host side and the write-protection switch is turned off (write protection disabled), and which sends the file to be sent to the target host when the electronic change-over switch is switched to the target host side and the write-protection switch is turned on (write protection enabled); and an electronic change-over switch, used for switching its movable end between the micro host and the target host based on the control signal of the micro host.

Description

USB-based automatic switching one-way remote file transmission method and device
Technical Field
The invention relates to the technical field of information security, in particular to a USB-based automatic switching one-way remote file transmission method and device.
Background
At present, remote file transmission is basically carried out through communication software, which without exception requires the computer to be networked and transmits data through a public or private communication protocol. The current mainstream computer network protocols, such as TCP and UDP, are two-way communication protocols. Once the network channel is established, other programs in the computer operating system can also communicate bidirectionally with the outside through the channel, and an external hacker can also carry out attacks such as penetration in real time through the channel.
Therefore, schemes that transmit over network communication have the following problems:
1. An intranet computer cannot, or is not allowed to, connect to an external network, so remote file transmission cannot be realized.
2. When a computer has been infected with malware, connecting to a network can result in the spread of the malware.
3. When a computer is connected to a network, if a security hole exists in the system, the computer can be attacked by an external hacker.
4. When a computer contains confidential or sensitive files, connecting to a network can cause leakage of the confidential files.
Disclosure of Invention
In view of this, embodiments of the present invention provide a method and an apparatus for automatically switching unidirectional remote file transmission based on a USB, which can implement unidirectional remote secure transmission of a file in a scenario without network connection.
In a first aspect, an embodiment of the present invention provides a USB-based automatic switching unidirectional remote file transmission apparatus, including:
a micro host, used for receiving a file to be sent, controlling the switching direction of the electronic change-over switch, and controlling the turning on and off of the write-protection switch of the USB memory;
a USB memory, into which the micro host writes the file to be sent when the electronic change-over switch is switched to the micro host side and the write-protection switch is turned off (write protection disabled), and which sends the file to be sent to the target host when the electronic change-over switch is switched to the target host side and the write-protection switch is turned on (write protection enabled);
an electronic change-over switch, used for switching its movable end between the micro host and the target host based on the control signal of the micro host;
the two fixed ends of the electronic change-over switch are respectively connected with the micro host and a USB interface used for connecting a target host, and the movable end of the electronic change-over switch is connected with the USB memory.
Further, the micro host is further configured to: if the received file to be sent is an encrypted file, decrypt the encrypted file.
In the embodiment of the device, the file to be sent is a file which is sent to the micro host by a user opening a server uploading function page through client software or a browser.
In a second aspect, an embodiment of the present invention provides a method for automatically switching unidirectional remote file transmission based on a USB, including:
receiving a file to be sent by using a micro host;
the micro host controls the electronic change-over switch to switch to the micro host side, and simultaneously controls the write-protection switch of the USB memory to turn off (write protection disabled);
writing the file to be sent into the USB memory from the micro host;
the micro host controls the electronic change-over switch to switch to the target host side and controls the write-protection switch of the USB memory to turn on (write protection enabled);
and writing the file to be sent into the target host from the USB memory.
Further, the method also includes: if the received file to be sent is an encrypted file, the encrypted file is decrypted by the micro host.
In the embodiment of the method, the file to be sent is a file which is sent to the micro host by a user opening a server uploading function page through client software or a browser.
In a third aspect, an embodiment of the present invention provides a USB-based automatic switching unidirectional remote file transmission system, including: an upload module, a server and any of the above described devices;
the uploading module is used for opening a server uploading function page and sending a file to be sent to a micro host of the device;
and the server is used for providing file transfer related services.
Further, the uploading module encrypts the file to be sent;
and the micro host in the device decrypts the encrypted file to be sent.
In the embodiment of the system, the uploading module is implemented in the form of client software or a browser.
The invention provides a USB-based automatic switching unidirectional remote file transmission device, which comprises a micro host, a USB memory and an electronic switch, wherein the electronic switch and a write-protection switch are controlled by the micro host, so that a file to be transmitted is transmitted from the micro host to the USB memory and finally to a target host.
Drawings
In order to illustrate the embodiments of the present invention or the technical solutions in the prior art more clearly, the drawings used in the description of the embodiments or the prior art are briefly described below. Obviously, the drawings in the following description show only some embodiments of the present invention, and those skilled in the art can obtain other drawings from them without creative effort.
FIG. 1 is a schematic structural diagram of an embodiment of an automatic USB-based unidirectional remote file transfer apparatus according to the present invention;
FIG. 2 is a flowchart of an embodiment of a method for automatically switching one-way remote file transfer based on USB according to the present invention;
FIG. 3 is a schematic structural diagram of an embodiment of an automatic USB-switching unidirectional remote file transfer system according to the present invention.
Detailed Description
Embodiments of the present invention will be described in detail below with reference to the accompanying drawings.
It should be understood that the described embodiments are only some embodiments of the invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
To illustrate the embodiments of the present invention more clearly, the technical terms involved are explained as follows:
USB memory: a USB storage device with a hardware write-protection function.
In a first aspect, an embodiment of the present invention provides a USB-based automatic switching unidirectional remote file transmission apparatus, which can implement remote unidirectional secure transmission of a file without network connection.
Fig. 1 is a schematic structural diagram of an embodiment of an automatic USB-based unidirectional remote file transfer apparatus according to the present invention, including:
the micro host 10 is configured to receive a file to be sent, control the switching direction of the electronic change-over switch 30, and control the turning on and off of the write-protection switch of the USB memory 20.
Preferably, the micro host 10 is further configured to: if the received file to be sent is an encrypted file, decrypt the encrypted file.
The form of encryption includes, but is not limited to: asymmetric encryption, symmetric encryption, asymmetric digital signature, hash check, or no encryption and no check. Specifically, the file to be sent can be encrypted with a public key using the national cryptographic SM2 algorithm. The SM2 cryptographic algorithm is an elliptic curve asymmetric algorithm issued by the State Cryptography Administration on December 17, 2010.
The USB memory 20 is the storage into which the micro host 10 writes the file to be sent when the electronic change-over switch 30 is switched to the micro host 10 side and the write-protection switch is turned off (write protection disabled); when the electronic change-over switch 30 is switched to the target host side and the write-protection switch is turned on (write protection enabled), the file to be sent is sent to the target host.
The USB memory 20 comprises at least a flash memory and a master control; the master control is a USB storage master control circuit that realizes the USB storage control functions, including but not limited to write-protection control.
The electronic change-over switch 30 is used for switching its movable end between the micro host 10 and a target host based on a control signal of the micro host 10;
the two fixed ends of the electronic change-over switch 30 are respectively connected to the micro host 10 and the USB interface for connecting to the target host, and the movable end is connected to the USB memory 20.
In the embodiment of the device, the file to be sent is a file which is sent to the micro host by a user opening a server uploading function page through client software or a browser.
The embodiment of the device can receive the files remotely transmitted by experts, and the files are stored into the USB memory from the micro host by utilizing the cooperation of the electronic change-over switch and the write-protection switch and finally reach the target host under the condition of no network communication, so that an external hacker cannot control the target host, and sensitive data in the target host cannot be leaked.
Fig. 2 is a flowchart of an embodiment of a method for automatically switching unidirectional remote file transmission based on USB according to the present invention, including:
S201: Receive a file to be sent by using the micro host.
S202: The micro host controls the electronic change-over switch to switch to the micro host side, and controls the write-protection switch of the USB memory to turn off (write protection disabled).
S203: Write the file to be sent into the USB memory from the micro host.
S204: The micro host controls the electronic change-over switch to switch to the target host side, and simultaneously controls the write-protection switch of the USB memory to turn on (write protection enabled).
S205: Write the file to be sent into the target host from the USB memory.
Preferably, the method further comprises the following step: if the received file to be sent is an encrypted file, decrypting the encrypted file.
In the embodiment of the method, the file to be sent is a file which is sent to the micro host by a user opening a server uploading function page through client software or a browser.
The embodiment of the method can receive the files remotely transmitted by experts, and the files are stored from the micro host to the USB memory by utilizing the cooperation of the electronic change-over switch and the write-protection switch, and finally reach the target host under the condition of no network communication, so that an external hacker cannot control the target host, and sensitive data in the target host cannot be leaked.
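The S201 to S205 sequence as a runnable simulation (an added example, not code from the patent). The class and function names, the SHA-256 form of the hash check, and the ordering that re-enables write protection before the switch moves to the target side are assumptions of this example; the patent itself only says the switch and the write protection are controlled together.

```python
import hashlib
from enum import Enum


class Side(Enum):
    MICRO_HOST = "micro host"
    TARGET_HOST = "target host"


class SimulatedTransferDevice:
    """Constructed stand-in for the change-over switch, write-protect line and flash."""

    def __init__(self):
        self.side = Side.TARGET_HOST   # resting state: target side, read-only
        self.write_protected = True
        self.flash = {}                # file name -> bytes
        self.trace = []                # every (side, write_protected) state entered

    def _enter(self, side, write_protected):
        # Assumed invariant: the storage is never writable while the target host
        # can reach it, so nothing can be written back out of the target.
        if side is Side.TARGET_HOST and not write_protected:
            raise RuntimeError("refused: writable storage on the target host side")
        self.side, self.write_protected = side, write_protected
        self.trace.append((side, write_protected))

    def set_side(self, side):
        self._enter(side, self.write_protected)

    def set_write_protect(self, enabled):
        self._enter(self.side, enabled)

    def write(self, writer, name, data):
        if writer is not self.side:
            raise PermissionError(f"{writer.value} is not connected to the USB memory")
        if self.write_protected:
            raise PermissionError("USB memory is write-protected")
        self.flash[name] = data

    def read(self, reader, name):
        if reader is not self.side:
            raise PermissionError(f"{reader.value} is not connected to the USB memory")
        return self.flash[name]


def transfer(dev, name, data, expected_sha256):
    """Run S201-S205 for one file and return the bytes the target host reads."""
    # S201: the micro host has received the file; check it before it reaches storage.
    if hashlib.sha256(data).hexdigest() != expected_sha256:
        raise ValueError("hash check failed; file not forwarded")
    # S202: connect the USB memory to the micro host, then lift write protection.
    dev.set_side(Side.MICRO_HOST)
    dev.set_write_protect(False)
    try:
        # S203: write the file from the micro host into the USB memory.
        dev.write(Side.MICRO_HOST, name, data)
    finally:
        # S204: re-enable write protection first, then hand over to the target side.
        dev.set_write_protect(True)
        dev.set_side(Side.TARGET_HOST)
    # S205: the target host copies the file from the read-only USB memory.
    return dev.read(Side.TARGET_HOST, name)


if __name__ == "__main__":
    payload = b"constructed sample file contents"
    device = SimulatedTransferDevice()
    digest = hashlib.sha256(payload).hexdigest()
    print(transfer(device, "update.bin", payload, digest) == payload)
    print(device.trace)
```

The recorded trace makes the one-way property checkable: no state in it pairs the target host side with writable storage, and a controller that tried the two S204 actions in the opposite order would be refused by `_enter`.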
Fig. 3 is a schematic structural diagram of an embodiment of an automatic USB switching unidirectional remote file transfer system according to the present invention, including: an upload module, a server and any of the above described devices;
the uploading module is used for opening a server uploading function page and sending a file to be sent to a micro host of the device;
and the server is used for providing file transfer related services.
More specifically, since the expert is located in one intranet environment and the remote micro host is located in another intranet environment, direct communication is not possible. A file transfer server that both parties can access is therefore required to relay the files. This can be realized in two ways:
1. If the expert side uses client software, a network tunneling mechanism (similar to a VPN) can be used. A virtual communication tunnel is established between the expert side and the micro host with the server as relay; the expert side and the micro host can then communicate directly over the network, and the file can be sent directly.
2. Uploading through the browser requires the server to receive the complete file first and then wait for the micro host to actively initiate a connection to download the file.
Preferably, the uploading module encrypts the file to be sent;
and the micro host in the device decrypts the encrypted file to be sent.
In the embodiment of the system, the uploading module is implemented in the form of client software or a browser. The system only needs to upload the file to be sent on the equipment of the user side (or the expert side) by means of client software or a browser, but does not need to install a driver or client software on the target host side (which can be a host in a confidential environment), and supports mainstream computer software and hardware, so that the development difficulty is reduced.
The file to be transmitted can be transmitted to the micro host in the device by the aid of the uploading module, the micro host can transmit the file to be transmitted to the target host in a one-way mode by controlling the electronic change-over switch and the write-protection switch, client software does not need to be installed on the target host side of the system, network connection is not needed, the file can be transmitted to the target host in a remote mode, and one-way safe transmission of the file is achieved comprehensively.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on the differences from the other embodiments.
In particular, as for the method embodiment, since it is substantially similar to the apparatus embodiment, the description is simple, and the relevant points can be referred to the partial description of the apparatus embodiment.
For convenience of description, the above devices are described separately in terms of functional division into various units/modules. Of course, the functionality of the units/modules may be implemented in one or more software and/or hardware implementations of the invention.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
The above description is only for the specific embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are included in the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (9)

1. A one-way remote file transmission device based on USB automatic switch-over is characterized by comprising:
a micro host, used for receiving a file to be sent, controlling the switching direction of the electronic change-over switch, and controlling the turning on and off of the write-protection switch of the USB memory;
a USB memory, into which the micro host writes the file to be sent when the electronic change-over switch is switched to the micro host side and the write-protection switch is turned off (write protection disabled), and which sends the file to be sent to the target host when the electronic change-over switch is switched to the target host side and the write-protection switch is turned on (write protection enabled);
an electronic change-over switch, used for switching its movable end between the micro host and the target host based on the control signal of the micro host;
the two fixed ends of the electronic change-over switch are respectively connected with the micro host and a USB interface used for connecting a target host, and the movable end of the electronic change-over switch is connected with the USB memory.
2. The apparatus of claim 1, wherein the micro host is further configured to: if the received file to be sent is an encrypted file, decrypt the encrypted file.
3. The apparatus according to claim 1 or 2, wherein the file to be sent is a file sent to the micro host by a user who opens a server upload function page through client software or a browser.
4. A USB-based automatic switching one-way remote file transmission method is characterized by comprising the following steps:
receiving a file to be sent by using a micro host;
the micro host controls the electronic change-over switch to switch to the micro host side, and simultaneously controls the write-protection switch of the USB memory to turn off (write protection disabled);
writing the file to be sent into the USB memory from the micro host;
the micro host controls the electronic change-over switch to switch to the target host side and controls the write-protection switch of the USB memory to turn on (write protection enabled);
and writing the file to be sent into the target host from the USB memory.
5. The method of claim 4, further comprising: if the received file to be sent is an encrypted file, the encrypted file is decrypted by the micro host.
6. The method according to claim 4 or 5, wherein the file to be sent is a file sent to the micro host by a user who opens a server upload function page through client software or a browser.
7. A USB-based automatic switching unidirectional remote file transmission system is characterized by comprising: an upload module, a server and the apparatus of any of claims 1-3;
the uploading module is used for opening a server uploading function page and sending a file to be sent to a micro host of the device;
and the server is used for providing file transfer related services.
8. The system of claim 7, wherein the upload module encrypts the file to be transmitted;
and the micro host in the device decrypts the encrypted file to be sent.
9. The system of any one of claims 7 or 8, wherein the upload module is implemented in the form of client software or a browser.
CN201911374729.4A 2019-12-27 2019-12-27 USB-based automatic switching one-way remote file transmission method and device Pending CN111125801A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911374729.4A CN111125801A (en) 2019-12-27 2019-12-27 USB-based automatic switching one-way remote file transmission method and device

Publications (1)

Publication Number Publication Date
CN111125801A true CN111125801A (en) 2020-05-08

Family

ID=70503857

Country Status (1)

Country Link
CN (1) CN111125801A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111901418A (en) * 2020-07-28 2020-11-06 北京中科麒麟信息工程有限责任公司 External terminal protection equipment and system based on one-way file transfer protocol

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination