CN114676412A - USB KEY equipment verification method and device and storage medium - Google Patents
USB KEY equipment verification method and device and storage medium Download PDFInfo
- Publication number
- CN114676412A CN114676412A CN202011554177.8A CN202011554177A CN114676412A CN 114676412 A CN114676412 A CN 114676412A CN 202011554177 A CN202011554177 A CN 202011554177A CN 114676412 A CN114676412 A CN 114676412A
- Authority
- CN
- China
- Prior art keywords
- usb key
- identification information
- key equipment
- equipment
- white list
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 60
- 238000012795 verification Methods 0.000 title abstract description 24
- 238000004590 computer program Methods 0.000 claims description 19
- 238000012545 processing Methods 0.000 claims description 12
- 238000012544 monitoring process Methods 0.000 claims description 4
- 238000010586 diagram Methods 0.000 description 10
- 238000004891 communication Methods 0.000 description 9
- 230000009286 beneficial effect Effects 0.000 description 8
- 230000008569 process Effects 0.000 description 4
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000001514 detection method Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000036626 alertness Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 238000003780 insertion Methods 0.000 description 1
- 230000037431 insertion Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/123—Restricting unauthorised execution of programs by using dedicated hardware, e.g. dongles, smart cards, cryptographic processors, global positioning systems [GPS] devices
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Technology Law (AREA)
- Multimedia (AREA)
- Radar, Positioning & Navigation (AREA)
- Remote Sensing (AREA)
- Storage Device Security (AREA)
Abstract
The embodiment of the application provides a method, a device and a storage medium for verifying USB KEY equipment, wherein when the USB KEY equipment is verified, if the USB KEY equipment is detected to be inserted, identification information of the USB KEY equipment is acquired; judging whether the identification information of the USB KEY equipment belongs to a pre-stored identification information white list or not; and if the identification information of the USB KEY equipment belongs to a pre-stored identification information white list, loading a driving program of the USB KEY equipment. The identification information of the USB KEY equipment is compared with the pre-stored identification information white list, only the USB KEY equipment with the identification information in the white list can pass verification, the control over the USB KEY equipment is realized, meanwhile, the USB KEY equipment can be prevented from being stolen, and the safety of using the USB KEY equipment is improved.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a method and an apparatus for verifying a USB KEY device, and a storage medium.
Background
In recent years, with the continuous progress and development of scientific technology, the storage and security of electronic information are more and more emphasized. The Universal Serial Bus (USB) KEY device is a hardware device with a USB interface and has a certain storage space, and the USB KEY device can store a private KEY and a digital authentication certificate of a user through a built-in single chip or an intelligent chip. And the USB KEY equipment verifies the identity of the user through a built-in cryptographic algorithm in the interaction process with the terminal equipment, so that the safety of the user information is ensured.
In order to avoid leakage of user information, in some fields, a port for inserting the USB KEY device on the terminal device is cancelled, or the terminal device is set, so that the terminal device cannot load a driver of all the inserted USB KEY devices, that is, all the USB KEY devices are prohibited from being used, thereby ensuring the security of information in the USB KEY devices and the terminal device. However, the method prevents the trusted user from interacting with the terminal device by using the USB KEY device, thereby reducing the working efficiency of the user.
Disclosure of Invention
The embodiment of the application provides a verification method and device of a USB KEY device and a storage medium, which realize the management and control of the USB KEY device and improve the safety of information in the device.
In a first aspect, an embodiment of the present application provides a method for verifying a USB KEY device, including:
and if the USB KEY equipment is detected to be inserted, acquiring the identification information of the USB KEY equipment.
And judging whether the identification information of the USB KEY equipment belongs to a pre-stored identification information white list.
And if so, loading a driver of the USB KEY equipment.
In one possible implementation, the method further includes:
A plurality of standard identification information is obtained.
Storing the plurality of standard identification information in the identification information white list.
In a possible implementation manner, the determining whether the identification information of the USB KEY device belongs to a pre-stored identification information white list includes:
and comparing the identification information of the USB KEY equipment with a plurality of standard identification information in the identification information white list.
And if the comparison is successful, determining that the identification information of the USB KEY equipment belongs to a pre-stored identification information white list.
In a possible implementation manner, after the driver of the USB KEY device is loaded, the method further includes:
and distributing read-write permission to the interface of the driving program so as to communicate with the terminal equipment through the interface.
In one possible implementation, detecting that a USB KEY device is inserted includes:
and monitoring whether a USB plugging event exists.
And if the USB plug event exists, determining whether the USB KEY equipment and the terminal equipment are in a connection state.
And if the USB KEY equipment is in a connection state with the terminal equipment, determining that the USB KEY equipment is inserted.
In one possible implementation, the method further includes:
And if the identification information of the USB KEY equipment does not belong to a pre-stored identification information white list, outputting prompt information, wherein the prompt information is used for reminding a user that the loading of the driving program of the USB KEY equipment fails.
In a second aspect, an embodiment of the present application provides an authentication apparatus for a USB KEY device, including:
the acquiring unit is used for acquiring the identification information of the USB KEY equipment when the USB KEY equipment is detected to be inserted.
And the judging unit is used for judging whether the identification information of the USB KEY equipment belongs to a pre-stored identification information white list.
And the processing unit is used for loading the driving program of the USB KEY equipment when the identification information of the USB KEY equipment belongs to a pre-stored identification information white list.
In one possible implementation, the apparatus further includes: a storage unit;
the acquiring unit is further configured to acquire a plurality of standard identification information.
The storage unit is configured to store the plurality of standard identification information in the identification information white list.
In a possible implementation manner, the determining unit is specifically configured to compare identification information of the USB KEY device with a plurality of standard identification information in the identification information white list; and if the comparison is successful, determining that the identification information of the USB KEY equipment belongs to a pre-stored identification information white list.
In a possible implementation manner, the processing unit is specifically configured to assign a read-write permission to an interface of the driver, so as to communicate with a terminal device through the interface.
In a possible implementation manner, the processing unit is further configured to:
monitoring whether a USB plug event exists; if the USB plug-pull event exists, determining whether the USB KEY equipment and the terminal equipment are in a connection state; and if the USB KEY equipment is in a connection state with the terminal equipment, determining that the USB KEY equipment is inserted.
In one possible implementation, the apparatus further includes: an output unit;
the output unit is used for outputting prompt information when the identification information of the USB KEY equipment does not belong to a pre-stored identification information white list, wherein the prompt information is used for reminding a user that the driver of the USB KEY equipment fails to be loaded.
In a third aspect, an embodiment of the present application further provides a terminal device, where the terminal device includes a memory and a processor; wherein,
the memory is used for storing computer programs.
The processor is configured to read the computer program stored in the memory, and execute the authentication method for the USB KEY device in any one of the possible implementation manners of the first aspect according to the computer program in the memory.
In a fourth aspect, an embodiment of the present application further provides a computer-readable storage medium, where the computer-readable storage medium stores computer-executable instructions, and when a processor executes the computer-executable instructions, the method for authenticating a USB KEY device in any one of the foregoing possible implementation manners of the first aspect is implemented.
In a fifth aspect, an embodiment of the present application further provides a computer program product, which includes a computer program, and when the computer program is executed by a processor, the method for authenticating a USB KEY device in any one of the possible implementation manners of the first aspect is implemented.
Therefore, when the USB KEY equipment is verified, the identification information of the USB KEY equipment is compared with a pre-stored white list of identification information, and only the USB KEY equipment with the identification information in the white list can pass the verification to load a driver of the USB KEY equipment. The management and control of the USB KEY equipment are realized by establishing the white list, so that the loading of the application program can be carried out only on the trusted USB KEY equipment, the selection of the USB KEY equipment on the terminal equipment is realized, the problem that the USB KEY equipment is stolen because all the terminal equipment can load the driver of the USB KEY equipment can be avoided, and the safety of using the USB KEY equipment is improved.
Drawings
Fig. 1 is a schematic connection diagram of a USB KEY device and a mobile terminal according to an embodiment of the present disclosure;
fig. 2 is a schematic flowchart of a method for authenticating a USB KEY device according to an embodiment of the present disclosure;
fig. 3 is a schematic application scenario diagram of another authentication method for a USB KEY device according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of a terminal device according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of an authentication apparatus for a USB KEY device according to an embodiment of the present disclosure;
fig. 6 is a schematic structural diagram of an authentication apparatus for a USB KEY device according to an embodiment of the present disclosure.
Specific embodiments of the present disclosure have been shown by way of example in the drawings and will be described in more detail below. These drawings and written description are not intended to limit the scope of the disclosed concepts in any way, but rather to illustrate the concepts of the disclosure to those skilled in the art by reference to specific embodiments.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. The following description refers to the accompanying drawings in which the same numbers in different drawings represent the same or similar elements unless otherwise indicated. The implementations described in the exemplary embodiments below are not intended to represent all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present disclosure, as detailed in the appended claims.
In the embodiments of the present invention, "at least one" means one or more, and "a plurality" means two or more. "and/or" describes the association relationship of the associated object, indicating that there may be three relationships, for example, a and/or B, which may indicate: a exists singly, A and B exist simultaneously, and B exists singly, wherein A and B can be singular or plural. In the description of the present invention, the character "/" generally indicates that the former and latter associated objects are in an "or" relationship.
The technical scheme provided by the embodiment of the application can be applied to the verification scene of the USB KEY equipment, for example, the technical scheme can be applied to a public security system or a financial transaction scene. When the USB KEY equipment is used for interacting with the terminal equipment, a driver of the USB KEY equipment needs to be loaded first, and the terminal equipment can interact with the USB KEY equipment after the USB KEY equipment is loaded. However, due to lack of management and control over the USB KEY device, the USB KEY device is stolen, and thus user information in the USB KEY device and the terminal device is leaked.
At present, in some fields, such as a public security system, in order to avoid leakage of internal information, a port for inserting USB KEY devices on a terminal device is cancelled, or the terminal device is set, so that the terminal device cannot load drivers of all the inserted USB KEY devices, and therefore the purpose of forbidding use of all the USB KEY devices is achieved, and the security of the information in the USB KEY devices and the terminal device is further ensured. However, this method makes it impossible for a trusted user to interact with a terminal device using a USB KEY device for data transmission.
Based on the foregoing technical problem, an embodiment of the present application provides a method for verifying a USB KEY device, where a white list of trusted USB KEY devices may be preset in a terminal device in consideration of security of the terminal device and information in the USB KEY device, so that the terminal device only loads an application program for the USB KEY device that passes through the white list authentication, and the USB KEY device can be prevented from being stolen. In addition, each USB KEY device has unique identification information, so that the identification information of the USB KEY device can be in a white list of the USB KEY device, the control of the terminal device on the USB KEY device is realized, and the safety of using the USB KEY device is improved.
The terminal device in the embodiment of the application may be a mobile terminal such as a mobile phone and a tablet computer, or a fixed terminal such as a desktop computer, as long as the terminal device includes a USB interface and verifies a USB KEY device. Next, taking a terminal device as a mobile terminal as an example for description, fig. 1 is a schematic diagram of a connection between a USB KEY device and the mobile terminal according to an embodiment of the present application. As shown in fig. 1, the USB KEY device 200 is similar to a USB disk in shape, and is provided with an interface for connection on the outside thereof, and a processor, a memory, a chip operating system, and the like are built in, and the mobile terminal 100 is connected to the interface of the USB KEY device 200 through a port thereof, and in this case, it is necessary that the port of the mobile terminal 100 and the interface of the USB KEY device are matched with each other. When the USB KEY equipment is connected, the mobile terminal can acquire the information of the USB KEY equipment so as to verify the USB KEY equipment, and a driver of the USB KEY equipment can be loaded only after the USB KEY equipment passes the verification so as to communicate with the USB KEY equipment.
Hereinafter, the authentication method of the USB KEY device provided in the present application will be described in detail by specific embodiments. It is to be understood that the following detailed description may be combined with other embodiments, and that the same or similar concepts or processes may not be repeated in some embodiments.
Fig. 2 is a flowchart illustrating a method for verifying a USB KEY device according to an embodiment of the present disclosure. The authentication method of the USB KEY device may be executed by software and/or a hardware device, for example, the hardware device may be an authentication device of the USB KEY device, and the authentication device of the USB KEY device may be a terminal device or a processing chip in the terminal device. For example, referring to fig. 2, the method for authenticating the USB KEY device may include:
s101, when the USB KEY device is detected to be inserted, the identification information of the USB KEY device is obtained.
Specifically, in the actual use process, the USB KEY device may be inserted into the terminal device provided with the port matching with the external interface through the external interface. For the terminal device, when detecting whether the USB KEY device is inserted, it may be through monitoring whether a USB plug event exists; if the USB plug event exists, determining whether the USB KEY equipment and the terminal equipment are in a connection state; and if the USB KEY equipment is in a connection state with the terminal equipment, determining that the USB KEY equipment is inserted.
The USB plugging and unplugging event comprises an event of inserting the USB KEY equipment and an event of unplugging the USB KEY equipment, and whether the USB KEY equipment is connected with the terminal equipment or not is determined only when the event of inserting the USB KEY equipment is detected. The terminal device may be a mobile terminal device such as a mobile phone, a tablet computer, a notebook computer, or the like, or may also be a fixed terminal device such as a digital television, a desktop computer, or the like, and the embodiment of the present application does not specifically limit the terminal device.
In the method, the USB KEY device is inserted only when the USB KEY device inserting event is detected and the USB KEY device and the terminal device are in a connected state, rather than the USB KEY device is inserted only when the USB KEY device inserting event is detected, so that the accuracy of the terminal device detecting the USB KEY device inserting is improved.
Further, when it is determined that the USB KEY device is inserted, that is, when it is detected that the USB KEY device is inserted, the identification information of the inserted USB KEY device may be obtained. The identification information includes a Vendor Identification (VID) and a Product Identification (PID) of the USB KEY device, and the identification information of each USB KEY device is unique. After acquiring the identification information of the inserted USB KEY device, the following S102 may be performed:
S102, judging whether the identification information of the USB KEY equipment belongs to a pre-stored identification information white list.
Illustratively, the terminal device may pre-store an identification information white list according to identification information of the plurality of USB KEY devices, specifically, by obtaining standard identification information of the plurality of USB KEY devices; a plurality of standard identification information is stored in an identification information white list.
The identification information of the USB KEY device may be stored in the terminal device in a form of a table or a document, or may be encoded and stored in the terminal device in a form of a code, and the encoded and processed identification information of the USB KEY device may be set by setting a pre-stored identification information white list under a GNU/Linux operating system kernel. The identification information of the USB KEY device may be obtained by connecting the identification information of the USB KEY device with the terminal device and querying factory information of the USB KEY device in the terminal device, or by other methods.
For example, the information stored in the white list may include, in addition to the vendor identification codes and the product identification codes of the multiple USB KEY devices, information for loading a driver of the USB KEY device, or other identity information of the USB KEY device, and the specific information in the white list is not specifically limited in this embodiment of the present application.
In this mode, based on the identification information of each USB KEY device, the standard identification information of a plurality of USB KEY devices is stored in the identification information white list in the terminal device, and because the identification information of each USB KEY device is different, it can be ensured that only trusted USB KEY devices can pass verification, and the identification information of a plurality of USB KEY devices can be included in the white list, so that management and control over the USB KEY devices can be achieved.
Illustratively, the specific method for determining whether the identification information of the USB KEY device belongs to the pre-stored identification information white list is as follows: comparing the identification information of the USB KEY equipment with a plurality of standard identification information in an identification information white list; if the comparison is successful, the identification information of the USB KEY equipment is determined to belong to a pre-stored identification information white list. For example, to ensure the security of information, only the identification information of the USB KEY device a and the USB KEY device B and other identity information are stored in the white list, and at this time, when it is detected that a USB KEY device is inserted, the identification information is obtained, and the obtained identification information is compared with the identification information in the white list. If the inserted USB KEY device is one of the USB KEY device A and the USB KEY device B, the comparison is successful, and the inserted USB KEY device can be determined to be a trusted USB KEY device.
In this manner, when the identification information of the USB KEY device is successfully compared with the standard identification information in the identification information white list, it is determined that the identification information of the USB KEY device belongs to the pre-stored identification information white list. The identification information of the USB KEY equipment stored in the white list is trusted by the user, so that the safety of the authentication process is ensured.
S103, if the identification information of the USB KEY equipment belongs to a pre-stored identification information white list, loading a driving program of the USB KEY equipment.
After the identification information of the USB KEY equipment is determined to belong to the pre-stored identification information white list, a driver of the USB KEY equipment can be loaded, and at the moment, the terminal equipment can distribute read-write permission to an interface of the driver so as to communicate with the terminal equipment through the interface. After the driver is loaded, the private KEY of the USB KEY equipment is input and the identity information of the USB KEY equipment is verified, so that whether the terminal can distribute read-write permission for the interface of the driver or not is determined, and the reliability of verification of the USB KEY equipment can be further improved. The communication between the USB KEY device and the terminal device through the interface may include storing information in the terminal device into the USB KEY device, extracting or changing information in the USB KEY device, or performing remote control through a driver of the USB KEY device.
In this way, the communication between the USB KEY device and the terminal device is realized by distributing the read-write program for the interface of the driver by the terminal device, so that the USB KEY device can communicate only after passing the verification, thereby improving the security of the communication.
For example, if the identification information of the USB KEY device does not belong to the pre-stored identification information white list, a prompt message is output, where the prompt message is used to remind the user that the driver of the USB KEY device fails to be loaded.
The terminal device may display the prompt information in a text manner on the display screen to prompt the user that the driver fails to be loaded, or the terminal device may prompt in a voice manner, or prompt in a warning manner, or the like.
In addition, the prompt message may also be output by the USB KEY device, for example, the prompt message is that an external indicator light of the USB KEY device flickers, or changes color, or the like. The embodiment of the present application does not specifically limit the specific output mode of the prompt information.
In the mode, when the driver fails to be loaded, the prompt message is output to remind the user of the loading failure of the USB KEY equipment, so that the safety of the information is ensured, the user of the terminal equipment can be reminded of the insertion of the USB KEY equipment which does not store the identification information in advance, and the alertness of the user is improved.
Therefore, according to the technical scheme provided by the embodiment of the application, when the USB KEY equipment is verified, the driver of the USB KEY equipment can be loaded only when the identification information of the inserted USB KEY equipment belongs to the standard identification information in the pre-stored standard identification information white list, so that the verification of the USB KEY equipment is completed. The standard identification information in the white list is identification information of trusted USB KEY equipment, namely only the trusted USB KEY equipment can pass verification, so that the control of the USB KEY equipment is realized, and in addition, the identification information of the USB KEY equipment is only allowed to be stored in the white list of the trusted terminal equipment, so that the problem of embezzlement of the non-trusted terminal equipment on the USB KEY equipment is avoided, and the safety of using the USB KEY equipment is improved.
In order to facilitate understanding of the authentication method for the USB KEY device provided in the embodiment of the present application, the technical solution provided in the embodiment of the present application will be described in detail below by taking, as an example, the USB KEY device communicates with a remote cloud desktop through a mobile terminal, and specifically, as shown in fig. 3, fig. 3 is an application scenario diagram of another authentication method for the USB KEY device provided in the embodiment of the present application.
As can be known from the application scenario shown in fig. 3, the USB KEY device is inserted into the mobile terminal in the manner shown in fig. 1, when the USB KEY device passes the verification of the terminal, the terminal device may load a driver of the USB KEY device, and after the private KEY of the USB KEY device is successfully verified, the terminal device accesses the scenario shown in fig. 3 of the USB KEY device, in which the terminal device communicates with the remote desktop cloud server through the USB KEY virtual channel established by the USB KEY device, and after the USB KEY virtual channel is established, the terminal device also needs to verify the privatized remote desktop protocol, and only after the privatized remote desktop protocol passes the verification, the terminal device may communicate with the remote desktop cloud server. Namely, the user interacts with the remote desktop cloud service through the terminal device by using the USB KEY device.
Fig. 4 is a schematic structural diagram of a terminal device according to an embodiment of the present application. In this embodiment, the terminal device includes a USB KEY device detection module, a USB KEY device white list management module, and a USB KEY device driver loading module. The USB KEY equipment detection module is used for detecting a plugging event of the USB KEY equipment and the connection state of the USB KEY equipment and the terminal equipment and acquiring identification information of the USB KEY equipment; the USB KEY equipment white list management module is used for determining the loading and unloading states of a USB KEY equipment driver according to the identification information of the USB KEY equipment and the authentication information of the standard identification information in the white list; the USB KEY device driver loading module is used for loading a driver of the USB KEY device and establishing a USB KEY virtual channel with the desktop cloud server. It can be understood that the USB KEY device only stores the identification information thereof in the white list of the trusted terminal device, and the number of the trusted terminal devices is not specifically limited in the embodiment of the present application.
In summary, according to the verification method for the USB KEY device provided in the embodiment of the present application, the white list related to the identification information of the USB KEY device is established in the terminal device, so that the terminal device can only load the driver of the USB KEY device verified by the white list, thereby completing the communication between the terminal device and the USB KEY device. The control effect of the terminal device on the USB KEY device can be realized, only part of trusted USB KEY devices are allowed to communicate with the terminal device, the driver of the untrusted USB KEY device is not loaded, otherwise, the driver of the untrusted USB KEY device is not allowed to be loaded by the untrusted terminal device, and therefore the safety of using the USB KEY device is improved.
In another embodiment, the method for verifying the USB KEY device provided by the present application may be applied to the public security field, and by controlling the USB KEY device, the identification information of the USB KEY device that needs to use the USB KEY device for performing the police service is stored in the list, so that the police officer can load the driver of the USB KEY device through the terminal device and communicate with the USB KEY device after performing the identity verification. The working efficiency of police officers is improved, and meanwhile the safety of communication information is guaranteed.
Fig. 5 is a schematic structural diagram of an authentication apparatus 50 of a USB KEY device according to an embodiment of the present disclosure, for example, please refer to fig. 5, where the authentication apparatus 50 of the USB KEY device may include:
the obtaining unit 501 is configured to obtain identification information of a USB KEY device when detecting that the USB KEY device is inserted.
A determining unit 502, configured to determine whether the identification information of the USB KEY device belongs to a pre-stored identification information white list.
The processing unit 503 is configured to load a driver of the USB KEY device when the identification information of the USB KEY device belongs to a pre-stored identification information white list.
Optionally, the apparatus further comprises: a memory unit 504.
The obtaining unit 501 is further configured to obtain a plurality of standard identification information.
A storage unit 504, configured to store a plurality of standard identification information in the identification information white list.
Optionally, the determining unit 502 is specifically configured to compare the identification information of the USB KEY device with a plurality of standard identification information in an identification information white list; and if the comparison is successful, determining that the identification information of the USB KEY equipment belongs to a pre-stored identification information white list.
Optionally, the processing unit 503 is specifically configured to assign a read-write permission to an interface of the driver, so as to communicate with the terminal device through the interface.
Optionally, the processing unit 503 is further configured to monitor whether a USB plug event exists; if the USB plug event exists, determining whether the USB KEY equipment and the terminal equipment are in a connection state; and if the USB KEY equipment is in a connection state with the terminal equipment, determining that the USB KEY equipment is inserted.
Optionally, the apparatus further comprises: and the output unit 505 is configured to output prompt information when the identification information of the USB KEY device does not belong to a pre-stored identification information white list, where the prompt information is used to remind a user that the driver of the USB KEY device fails to be loaded.
The verification apparatus for the USB KEY device provided in the embodiment of the present application may execute the technical solution of the verification method for the USB KEY device in any embodiment, and the implementation principle and the beneficial effects thereof are similar to those of the verification method for the USB KEY device, and reference may be made to the implementation principle and the beneficial effects of the verification method for the USB KEY device, which are not described herein again.
Fig. 6 is a schematic structural diagram of an authentication apparatus 60 of another USB KEY device according to an embodiment of the present application, for example, please refer to fig. 6, where the authentication apparatus 60 of the USB KEY device may include a processor 601 and a memory 602; wherein,
The memory 602 is used for storing computer programs.
The processor 601 is configured to read the computer program stored in the memory 602, and execute the technical solution of the authentication method of the USB KEY device in any of the embodiments according to the computer program in the memory 602.
Alternatively, the memory 602 may be separate or integrated with the processor 601. When the memory 602 is a device independent from the processor 601, the authentication apparatus 60 of the USB KEY device may further include: a bus for connecting the memory 602 and the processor 601.
Optionally, this embodiment further includes: a communication interface, which may be connected to the processor 601 through a bus. The processor 601 may control the communication interface to implement the functions of receiving and transmitting of the authentication means 60 of the USB KEY device described above.
The verification apparatus 60 of the USB KEY device shown in the embodiment of the present invention may execute the technical solution of the verification method of the USB KEY device in any embodiment, and its implementation principle and beneficial effects are similar to those of the verification method of the USB KEY device, and reference may be made to the implementation principle and beneficial effects of the verification method of the USB KEY device, which are not described herein again.
An embodiment of the present invention further provides a computer-readable storage medium, where a computer execution instruction is stored in the computer-readable storage medium, and when a processor executes the computer execution instruction, the technical solution of the method for verifying the USB KEY device in any of the embodiments is implemented, and an implementation principle and beneficial effects of the method for verifying the USB KEY device are similar to those of the method for verifying the USB KEY device, which can be referred to the implementation principle and beneficial effects of the method for verifying the USB KEY device, and are not described herein again.
The embodiment of the present application further provides a computer program product, which includes a computer program, and when the computer program is executed by a processor, the technical solution of the authentication method for the USB KEY device in any of the above embodiments is implemented, and the implementation principle and the beneficial effects of the computer program are similar to those of the authentication method for the USB KEY device, and reference may be made to the implementation principle and the beneficial effects of the authentication method for the USB KEY device, which are not described herein again.
In the several embodiments provided in the present invention, it should be understood that the disclosed apparatus and method may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one type of logical functional division, and other divisions may be realized in practice, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the illustrated or discussed coupling or direct coupling or communication connection between each other may be through some interfaces, indirect coupling or communication connection between devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts shown as units may or may not be physical units, may be located in one position, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment. In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit may be implemented in the form of hardware, or in the form of hardware plus a software functional unit.
The integrated module implemented in the form of a software functional module may be stored in a computer-readable storage medium. The software functional module is stored in a storage medium and includes several instructions to enable a computer device (which may be a personal computer, a server, or a network device) or a processor (processor) to execute some steps of the methods according to the embodiments of the present invention.
It should be understood that the Processor may be a Central Processing Unit (CPU), other general purpose processors, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of a method disclosed in connection with the present invention may be embodied directly in a hardware processor, or in a combination of hardware and software modules.
The memory may comprise a high speed RAM memory, and may further comprise a non-volatile storage NVM, such as at least one magnetic disk memory, and may also be a usb disk, a removable hard disk, a read-only memory, a magnetic or optical disk, or the like.
The bus may be an Industry Standard Architecture (ISA) bus, a Peripheral Component Interconnect (PCI) bus, an Extended ISA (EISA) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. The buses in the figures of the present invention are not limited to only one bus or type of bus for ease of illustration.
The computer-readable storage medium may be implemented by any type or combination of volatile or non-volatile memory devices, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disks. A storage media may be any available media that can be accessed by a general purpose or special purpose computer.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and these modifications or substitutions do not depart from the spirit of the corresponding technical solutions of the embodiments of the present invention.
Claims (10)
1. A method for verifying USB KEY equipment is characterized by comprising the following steps:
if the USB KEY equipment is detected to be inserted, acquiring the identification information of the USB KEY equipment;
Judging whether the identification information of the USB KEY equipment belongs to a pre-stored identification information white list or not;
and if so, loading a driver of the USB KEY equipment.
2. The method of claim 1, further comprising:
acquiring a plurality of standard identification information;
storing the plurality of standard identification information in the identification information white list.
3. The method of claim 2, wherein the determining whether the identification information of the USB KEY device belongs to a pre-stored identification information white list comprises:
comparing the identification information of the USB KEY equipment with a plurality of standard identification information in the identification information white list;
and if the comparison is successful, determining that the identification information of the USB KEY equipment belongs to a pre-stored identification information white list.
4. The method according to any one of claims 1 to 3, wherein after the driver of the USB KEY device is loaded, the method further comprises:
and distributing read-write permission to the interface of the driving program so as to communicate with the terminal equipment through the interface.
5. The method of any of claims 1-3, wherein detecting that a USB KEY device is inserted comprises:
Monitoring whether a USB plug event exists;
if the USB plug event exists, determining whether the USB KEY equipment and the terminal equipment are in a connection state;
and if the USB KEY equipment is in a connection state with the terminal equipment, determining that the USB KEY equipment is inserted.
6. The method according to any one of claims 1-3, further comprising:
and if the identification information of the USB KEY equipment does not belong to a pre-stored identification information white list, outputting prompt information, wherein the prompt information is used for reminding a user that the loading of the driving program of the USB KEY equipment fails.
7. An authentication apparatus for a USB KEY device, comprising:
the device comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring the identification information of the USB KEY equipment when the USB KEY equipment is detected to be inserted;
the judging unit is used for judging whether the identification information of the USB KEY equipment belongs to a pre-stored identification information white list or not;
and the processing unit is used for loading the driving program of the USB KEY equipment when the identification information of the USB KEY equipment belongs to a pre-stored identification information white list.
8. A terminal device comprising a memory and a processor; wherein,
The memory for storing a computer program;
the processor is configured to read the computer program stored in the memory, and execute the authentication method of the USB KEY device according to any one of claims 1 to 6 according to the computer program in the memory.
9. A computer-readable storage medium, wherein the computer-readable storage medium stores computer-executable instructions, and when the computer-executable instructions are executed by a processor, the computer-readable storage medium implements the method for authenticating a USB KEY device according to any one of claims 1 to 6.
10. A computer program product comprising a computer program, characterized in that the computer program, when being executed by a processor, carries out a method of authenticating a USB KEY device according to any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011554177.8A CN114676412A (en) | 2020-12-24 | 2020-12-24 | USB KEY equipment verification method and device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011554177.8A CN114676412A (en) | 2020-12-24 | 2020-12-24 | USB KEY equipment verification method and device and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114676412A true CN114676412A (en) | 2022-06-28 |
Family
ID=82069974
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011554177.8A Pending CN114676412A (en) | 2020-12-24 | 2020-12-24 | USB KEY equipment verification method and device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114676412A (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104573554A (en) * | 2014-12-30 | 2015-04-29 | 北京奇虎科技有限公司 | Method for loading safety key storage hardware and browser client device |
| CN104598798A (en) * | 2013-11-01 | 2015-05-06 | 鸿富锦精密工业(深圳)有限公司 | USB Key safety protection system and method |
| CN107612901A (en) * | 2017-09-11 | 2018-01-19 | 深圳市金立通信设备有限公司 | One kind applies encryption method and terminal |
| CN109063459A (en) * | 2018-07-17 | 2018-12-21 | 北京云智信安科技有限公司 | A kind of USB device filter device and method |
-
2020
- 2020-12-24 CN CN202011554177.8A patent/CN114676412A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104598798A (en) * | 2013-11-01 | 2015-05-06 | 鸿富锦精密工业(深圳)有限公司 | USB Key safety protection system and method |
| CN104573554A (en) * | 2014-12-30 | 2015-04-29 | 北京奇虎科技有限公司 | Method for loading safety key storage hardware and browser client device |
| CN107612901A (en) * | 2017-09-11 | 2018-01-19 | 深圳市金立通信设备有限公司 | One kind applies encryption method and terminal |
| CN109063459A (en) * | 2018-07-17 | 2018-12-21 | 北京云智信安科技有限公司 | A kind of USB device filter device and method |
Non-Patent Citations (1)
| Title |
|---|
| 贾凡等: "USB Key保护进程的设计与实现", 计算机工程与应用, vol. 47, no. 15, pages 72 - 74 * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP5007867B2 (en) | Apparatus for controlling processor execution in a secure environment | |
| US6609199B1 (en) | Method and apparatus for authenticating an open system application to a portable IC device | |
| CN101833632B (en) | System and method for execution of a secured environment initialization instruction | |
| US8255678B2 (en) | Method of booting a processing device | |
| US20190012464A1 (en) | Method and device for ensuring security of firmware of pos machine | |
| CN110875819B (en) | Password operation processing method, device and system | |
| CN104969180A (en) | User authorization and presence detection in isolation from interference from and control by host central processing unit and operating system | |
| CN102063591A (en) | Methods for updating PCR (Platform Configuration Register) reference values based on trusted platform | |
| US11190519B2 (en) | Dock administration using a token | |
| AU2018250531B2 (en) | Method for programming and terminal device | |
| US11347859B2 (en) | Systems and methods for leveraging authentication for cross operating system single sign on (SSO) capabilities | |
| CN111177674A (en) | Device verification method and device | |
| CN115130114B (en) | Gateway secure starting method and device, electronic equipment and storage medium | |
| CN114676412A (en) | USB KEY equipment verification method and device and storage medium | |
| US10659599B2 (en) | Certificate loading method and related product | |
| KR20200033560A (en) | Electronic device for providing service using secure element and operating method thereof | |
| CN115438374A (en) | Data reading method, device, equipment, system and medium in storage equipment | |
| US20180293408A1 (en) | Peripheral device security | |
| CN113966510A (en) | Trusted device and computing system | |
| CN111083124B (en) | Cloud fortress login method and device | |
| US20240015156A1 (en) | Electronic device for controlling access to device resource and operation method thereof | |
| WO2019037340A1 (en) | Data copyright protection method and storage device | |
| US10567176B2 (en) | Method for loading a computer resource into an electronic device, corresponding electronic module and computer program | |
| CN116010990A (en) | Method for managing application software authority request | |
| CN117608672A (en) | Server starting method, device, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20220628 |
|
| RJ01 | Rejection of invention patent application after publication |