CN1147793C - Data safety access method and system using semiconductor memory device

Info

Publication number: CN1147793C
Authority: CN
Grant status: Grant
Prior art keywords: semiconductor, safety, device, access, memory
Application number: CN 01114762
Other languages: Chinese (zh)
Other versions: CN1317744A (en)
Inventor: 邓国顺, 成晓华, 向锋
Original Assignee: 深圳市朗科科技有限公司

Abstract

A semiconductor storage apparatus comprises a semiconductor memory device for storing data together with its firmware portion, a universal interface connecting the semiconductor memory device to a host system, and a software portion running on the host. The semiconductor memory device and its firmware portion comprise a device control module, a semiconductor storage medium module, a data access module and a second-level encryption/decryption module. The software portion running on the host comprises a first-level encryption/decryption module, a file system processing module, a device driver module, a user authentication module and a user control module. The invention provides user authentication and data encryption/decryption functions, making it possible to operate on and access confidential information on a host that has taken no security measures.

Description

Data security access method and system using a semiconductor memory device

Technical field

The present invention relates to electrical digital data processing, and in particular to a data security access method and system using a semiconductor memory device.

Background

One proof of the progress of science and technology today is that computer technology is advancing rapidly in line with Moore's Law: as computing speeds rise and storage capacities grow, machines are also becoming smaller and lighter, giving rise to portable notebook computers and handheld data processing systems such as the internationally popular personal digital assistant (PDA). Traditional disk storage and disk drives are unsuitable because they are too bulky, too heavy and too slow to access, so new devices have been developed. One example is U.S. Patent US 6,148,354, "Architecture for a Universal Serial Bus-Based PC Flash Disk", which discloses a flash storage disk connected to a host through a standard USB interface. It comprises flash memory, a USB connector that implements standard USB functions, an electrical interface, a logical interface, an application packet extractor and an application command interpreter, and so achieves the aim of using flash memory with a PC. But today, with the Internet increasingly widespread and e-commerce developing rapidly, the absence of any authentication restriction on users and of any confidentiality protection for the stored information limits the uses of such a flash disk. Moreover, once connected to a PC this USB PC flash disk is always active and consumes considerable power, which is out of step with the current worldwide emphasis on energy saving and environmental protection.

Summary of the invention

The technical problem to be solved by the present invention is to avoid the above shortcomings of the prior art by proposing a data security access method and system using a semiconductor memory device. It provides user authentication and data encryption and decryption: users of the semiconductor memory device are authenticated, information stored in the device is protected by encryption, and the encrypted information is decrypted when it is read out. It also provides sleep and wake-up functions to reduce power consumption, and a write-protect switch circuit that gives the data in the flash memory double protection and prevents virus intrusion.

The technical problem can be solved by the following technical solution: design and implement a data security access system using a semiconductor memory device. The semiconductor memory device comprises a device control module, a semiconductor storage medium module and a data access module. The semiconductor memory device is connected to a data processing system host through a universal interface and exchanges data over an information exchange channel based on that interface. The data processing system host comprises a file system processing module and a device driver module corresponding to the semiconductor memory device; in particular, the host side further comprises:

A first-level encryption/decryption module, which encrypts data to be stored in the storage device and decrypts data read out of it; a user authentication module, which checks the user's access rights to the storage device; and a user control module, which lets a user with access rights to the storage device choose to enable or disable the user authentication mechanism and the data encryption/decryption mechanism. The semiconductor memory device side further comprises a second-level encryption/decryption module, which encrypts data received through the universal interface or decrypts data read from the storage device. The second-level encryption/decryption module may use the same encryption/decryption algorithm as the first-level module or a different one.

The device control module comprises a universal interface controller and a microprocessor unit. The microprocessor unit controls the operation of the universal interface controller and the semiconductor storage medium and contains a firmware program, which carries out data operations on the semiconductor storage medium. The universal interface controller is connected to the semiconductor storage medium, and the microprocessor unit is connected to the semiconductor storage medium, the universal interface controller and the second-level encryption/decryption module; these connections support two-way exchange of data and information.

The microprocessor unit and the universal interface controller may be merged into one functional unit or implemented as a single integrated circuit module.

The device control module further includes a sleep and wake-up circuit, which is connected to and controlled by the device control module, so that the device enters a sleep state when idle and is activated into the awake state when an operation request arrives.

The user authentication module may be implemented with prior-art software and hardware; authentication methods may include requiring the user to supply a password, checking the user's voiceprint, checking the user's retinal blood vessel pattern and/or checking the user's fingerprint.

The user disables or enables the user authentication function through the user control module. Once user authentication is disabled, users can access the semiconductor memory device without authenticating; once it is enabled, a user must pass user authentication before obtaining access to the semiconductor memory device.

The universal interface includes not only a USB interface and an IEEE 1394 interface, but may also include a wireless Bluetooth interface, an IrDA infrared interface, a HomeRF interface, an IEEE 802.11a interface and/or an IEEE 802.11b interface.

The storage medium used in the semiconductor memory device may include flash memory, DRAM, EEPROM, SRAM, FRAM and/or MRAM, made up of one or more chips connected using any of the existing addressing schemes.

The semiconductor storage medium contains a dedicated information area for storing device description information, user authentication information, user authentication selection information and/or data encryption/decryption selection information.

The semiconductor memory device further includes a write-protect switch circuit, which uses a switch to protect the semiconductor storage medium physically so that its contents cannot be rewritten or erased; the write-protect switch circuit is connected to both the microprocessor unit and the semiconductor storage medium.

The present invention may be further implemented through the following technical solution.

A data security access method for a semiconductor memory device, using the data security access system described above, comprises the following steps:
1. The user issues a data operation command for the semiconductor memory device through the host.
2. The data processing system host checks whether the user authentication function is enabled and whether user authentication is required.
3. The authentication information supplied by the user is compared with the user authentication information in the semiconductor memory device, and the comparison result determines whether the user has access rights to the semiconductor memory device.
4. For a user with access rights, the type of operation command is determined and the corresponding steps are carried out. For a read-data command, the firmware program in the semiconductor memory device reads the data from the semiconductor storage medium according to the read command; the data undergoes second-level decryption in the second-level encryption/decryption module, is returned through the universal interface to the data processing system host, and undergoes first-level decryption in the first-level encryption/decryption module, after which the host returns the execution result or status information to the user. For a write-data command or a modify-user-authentication-information command, the host passes the data to be written to the first-level encryption/decryption module for first-level encryption and sends it through the universal interface to the semiconductor memory device; after the second-level encryption/decryption module in the device applies second-level encryption, the firmware program writes the twice-encrypted data to the semiconductor storage medium and returns the execution result or status information.
For a user without access rights, status information is returned and the data operation request is refused.

Step 4 includes: on the data processing system host, the driver converts the standard disk read command by which the upper-layer host operating system requests the data operation into a specific read/write command for the semiconductor memory device, packages the converted read command and sends it to the lower-layer operating system; the lower-layer operating system sends the specific read command through the universal interface to the microprocessor unit, and the firmware program performs the read operation.

Step 4 further includes: on the data processing system host, the driver converts the upper-layer operating system's standard disk write command for the semiconductor memory device into three distinct internal operations (read, erase and write). It performs an internal read to read out and save the original contents of the write location; performs an internal erase to clear the data at the write location; and merges the new data to be written with the original data and performs an internal write of the merged data.

Compared with the prior art, the present invention uses a distinctive design that provides user authentication and data encryption/decryption in a semiconductor memory device, so that important confidential information can be stored in the device and users of the device are authenticated through the user authentication and data encryption/decryption modules. This makes it convenient for users to work with and carry confidential data, and makes it possible to operate on and access confidential information on a host that has taken no security measures. The invention provides hardware protection through a write-protect switch, which physically protects the contents of the semiconductor memory device from being rewritten or erased, preventing data loss and virus intrusion. The invention provides a sleep and wake-up circuit that puts the semiconductor memory device into a sleep state when the host issues no operation commands, reducing power consumption. Using a new type of semiconductor storage medium and a universal channel interface, the invention provides removable external storage that needs no drive and no external power supply, and supports hot plugging and plug-and-play without shutting down. Access is fast and capacity far exceeds that of a floppy disk; the device is small, easy to carry and not easily damaged. More than twenty flash storage devices can be connected to a data system at once, and the device can be used with any data processing system that supports the universal channel.

Brief description of the drawings

FIG. 1 is a schematic diagram of the software and hardware functional modules of the semiconductor memory device of the invention.
FIG. 2 is a schematic diagram of the user authentication and data encryption/decryption workflow of the semiconductor memory device of the invention.
FIG. 3 is a structural block diagram of an embodiment of the invention using a wired universal interface.
FIG. 4 is a structural block diagram of the invention using a USB interface.
FIG. 5 is a structural block diagram of the invention using an IEEE 1394 interface.
FIG. 6 is a circuit schematic of the write-protect switch when the invention uses a USB interface.
FIG. 7 is a circuit schematic of the microprocessor unit and the sleep and wake-up circuit when the invention uses a USB interface.
FIG. 8 is a circuit schematic of the DC power converter when the invention uses a USB interface.
FIG. 9 is a circuit schematic of the interface controller when the invention uses a USB interface.
FIG. 10 is a schematic diagram of the control and management software system of the embodiment using a USB interface and flash memory.
FIG. 11 is a flowchart of the driver of the embodiment using a USB interface and flash memory.
FIG. 12 is a flowchart of the firmware of the embodiment using a USB interface and flash memory.

Detailed description

The invention is described in further detail below with reference to the drawings, as shown in FIGS. 1 to 12. A data security access system using a semiconductor memory device is implemented. The semiconductor memory device comprises a device control module, a semiconductor storage medium module 1 and a data access module. The semiconductor memory device is connected to a data processing system host through a universal interface and exchanges data over an information exchange channel based on that interface. The data processing system host comprises a file system processing module and a device driver module corresponding to the semiconductor memory device; in particular, the host side further comprises: a first-level encryption/decryption module, which encrypts data to be stored in the storage device and decrypts data read out of it; a user authentication module, which checks the user's access rights to the storage device; and a user control module, which lets a user with access rights to the storage device choose to enable or disable the user authentication mechanism and the data encryption/decryption mechanism. The semiconductor memory device side further comprises a second-level encryption/decryption module 25, which encrypts data received through the universal interface or decrypts data read from the storage device. The second-level encryption/decryption module 25 may use the same encryption/decryption algorithm as the first-level module or a different one.

The device control module comprises a universal interface controller 22 and a microprocessor unit 21. The microprocessor unit 21 controls the operation of the universal interface controller 22 and the semiconductor storage medium 1 and contains a firmware program, which carries out data operations on the semiconductor storage medium 1. The universal interface controller 22 is connected to the semiconductor storage medium 1, and the microprocessor unit 21 is connected to the semiconductor storage medium 1, the universal interface controller 22 and the second-level encryption/decryption module 25; these connections support two-way exchange of data and information.

The microprocessor unit 21 and the universal interface controller 22 may be merged into one functional unit or implemented as a single integrated circuit module.

The device control module further includes a sleep and wake-up circuit 24, which is connected to and controlled by the device control module, so that the device enters a sleep state when idle and is activated into the awake state when an operation request arrives.

The user authentication module may be implemented with prior-art software and hardware; authentication methods may include requiring the user to supply a password, checking the user's voiceprint, checking the user's retinal blood vessel pattern and/or checking the user's fingerprint.

The user disables or enables the user authentication function through the user control module. Once user authentication is disabled, users can access the semiconductor memory device without authenticating; once it is enabled, a user must pass user authentication before obtaining access to the semiconductor memory device.

The universal interface includes not only a USB interface and an IEEE 1394 interface, but may also include a wireless Bluetooth interface, an IrDA infrared interface, a HomeRF interface, an IEEE 802.11a interface and/or an IEEE 802.11b interface.

The storage medium used in the semiconductor memory device may include flash memory, DRAM, EEPROM, SRAM, FRAM and/or MRAM, made up of one or more chips connected using any of the existing addressing schemes.

The semiconductor storage medium 1 contains a dedicated information area for storing device description information, user authentication information, user authentication selection information and/or data encryption/decryption selection information.

The semiconductor memory device further includes a write-protect switch circuit 4, which uses a switch to protect the semiconductor storage medium 1 physically so that its contents cannot be rewritten or erased; the write-protect switch circuit 4 is connected to both the microprocessor unit 21 and the semiconductor storage medium 1.

A data security access method for a semiconductor memory device, using the data security access system described above, comprises the following steps:
(1) The user issues a data operation command for the semiconductor storage apparatus through the host.
(2) The data processing system host checks whether the user authentication function is enabled and whether user authentication is required.
(3) The authentication information supplied by the user is compared with the user authentication information in the semiconductor storage apparatus, and the comparison result determines whether the user has access rights to the semiconductor storage apparatus.
(4) For a user with access rights, the type of operation command is determined and the corresponding steps are carried out. For a read-data command, the firmware program in the semiconductor memory device reads the data from the semiconductor storage medium 1 according to the read command; the data undergoes second-level decryption in the second-level encryption/decryption module 25, is returned through the universal interface to the data processing system host, and undergoes first-level decryption in the first-level encryption/decryption module, after which the host returns the execution result or status information to the user. For a write-data command or a modify-user-authentication-information command, the host passes the data to be written to the first-level encryption/decryption module for first-level encryption and sends it through the universal interface to the semiconductor memory device; after the second-level encryption/decryption module 25 in the device applies second-level encryption, the firmware program writes the twice-encrypted data to the semiconductor storage medium 1 and returns the execution result or status information.
For a user without access rights, status information is returned and the data operation request is refused.

Step (4) includes: on the data processing system host, the driver converts the standard disk read command by which the upper-layer host operating system requests the data operation into a specific read/write command for the semiconductor memory device, packages the converted read command and sends it to the lower-layer operating system; the lower-layer operating system sends the specific read command through the universal interface to the microprocessor unit 21, and the firmware program performs the read operation.

Step (4) further includes: on the data processing system host, the driver converts the upper-layer operating system's standard disk write command for the semiconductor memory device into three distinct internal operations (read, erase and write). It performs an internal read to read out and save the original contents of the write location; performs an internal erase to clear the data at the write location; and merges the new data to be written with the original data and performs an internal write of the merged data.
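
The read, erase, write conversion of step (4), as an added example that is not part of the patent: a Python model in which a disk write that straddles two erase blocks is carried out block by block, with a direct overwrite shown for contrast. The block size, the class and function names and the sample data are assumptions; the write-protect check stands in for the switch circuit described above.

```python
ERASED = 0xFF      # every byte of a block reads 0xFF after an erase
BLOCK_SIZE = 16    # assumed erase-block size in bytes, kept tiny for readability


class WriteProtectedError(Exception):
    """The write-protect switch is on, so erase and write are refused."""


class FlashMedium:
    """Hypothetical model of the storage medium: programming can only clear bits."""

    def __init__(self, n_blocks, write_protect=False):
        self.cells = bytearray([ERASED]) * (n_blocks * BLOCK_SIZE)
        self.write_protect = write_protect
        self.log = []                      # internal operations, in order

    def _check_switch(self):
        if self.write_protect:
            raise WriteProtectedError("write-protect switch is on")

    def internal_read(self, block):
        self.log.append(("read", block))
        start = block * BLOCK_SIZE
        return bytes(self.cells[start:start + BLOCK_SIZE])

    def internal_erase(self, block):
        self._check_switch()
        self.log.append(("erase", block))
        start = block * BLOCK_SIZE
        self.cells[start:start + BLOCK_SIZE] = bytes([ERASED]) * BLOCK_SIZE

    def internal_write(self, block, data):
        self._check_switch()
        if len(data) != BLOCK_SIZE:
            raise ValueError("internal write takes exactly one block")
        self.log.append(("write", block))
        start = block * BLOCK_SIZE
        for i, value in enumerate(data):
            self.cells[start + i] &= value   # bits go 1 -> 0 only, as on real flash


def disk_write(medium, offset, data):
    """Driver side: turn one standard disk write into read, erase, write per block."""
    if offset < 0 or offset + len(data) > len(medium.cells):
        raise ValueError("write lies outside the medium")
    pos = 0
    while pos < len(data):
        block, within = divmod(offset + pos, BLOCK_SIZE)
        chunk = data[pos:pos + BLOCK_SIZE - within]
        saved = medium.internal_read(block)        # read and keep the old contents
        medium.internal_erase(block)               # clear the write location
        merged = saved[:within] + chunk + saved[within + len(chunk):]
        medium.internal_write(block, merged)       # write old and new data together
        pos += len(chunk)


def write_without_erase(medium, offset, data):
    """For contrast: programming over old data without the read and erase steps."""
    medium._check_switch()
    for i, value in enumerate(data):
        medium.cells[offset + i] &= value


def demo():
    """Constructed data: fill two blocks, then overwrite 8 bytes across the boundary."""
    medium = FlashMedium(n_blocks=2)
    disk_write(medium, 0, b"A" * 32)
    medium.log.clear()
    disk_write(medium, 12, b"secret!!")
    return medium


if __name__ == "__main__":
    result = demo()
    print(bytes(result.cells))
    print(result.log)
```
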

FIG. 1 is a schematic diagram of the software and hardware functional modules of the semiconductor memory device of the invention, comprising a software portion running on the host and a semiconductor memory device for storing data together with its firmware portion, connected by a universal interface.

Here the universal interface means a wired or wireless universal interface, for example a USB interface, IEEE 1394 interface, Bluetooth interface, IrDA infrared interface, HomeRF interface, IEEE 802.11a interface or IEEE 802.11b interface.

The software portion running on the host comprises a user authentication module, a first-level encryption/decryption module, a user control module, a file system processing module and a device driver module. The user authentication module accepts the authentication information entered by the user, reads the stored authentication information from the semiconductor memory device, compares the two and reports the result: if they match, the user gains the right to use the device; otherwise the user is refused. The user authentication module also lets an authenticated user modify their user authentication information; the modified information is written to the semiconductor memory device. The user control module lets an authenticated user choose a setting that waives the user authentication process; once it is waived, the module lets the user restore the setting that requires user authentication. The user control module also lets an authenticated user choose a setting that waives data encryption and decryption; once it is waived, data read from or written to the semiconductor memory device does not pass through the first and second encryption/decryption modules, and the user can later restore the data encryption/decryption setting. The first-level encryption/decryption module encrypts data to be stored in the semiconductor memory device and decrypts data read from it. The file system processing module performs read and write operations in the format the file system requires, interprets file operation instructions from the host and converts them into semiconductor memory device operation instructions. The functions of the device driver module include: ① establishing the connection between the host and the semiconductor memory device according to the protocol of the chosen universal interface; ② accepting operation instructions and data from the file system processing module and sending them to the semiconductor memory device in the format required by the protocol of the chosen universal interface; ③ receiving data and status information returned by the semiconductor memory device from the universal interface and sending them to the file system processing module

FIG. 2 is a schematic diagram of the workflow of the semiconductor memory device of the invention. In the initial state, the user authentication module requests the stored user authentication information from the semiconductor storage medium, compares it with the user authentication information entered by the user, and sets an authentication check flag: if the two are the same, use is permitted; otherwise it is refused. A user who has been admitted may ask to read a file, write a file or modify the user authentication information. All three operations must pass the check of the authentication check flag. If the check passes, a written file or a modified password is encrypted by the first-level encryption module and then by the second-level encryption module before being stored in the semiconductor storage medium; for a file read, the file is read from the semiconductor storage medium and decrypted by the second-level decryption module and then the first-level decryption module.

The user control module lets an authenticated user choose to disable the user authentication process. Once it is disabled, any user can use the semiconductor memory device for data storage without going through user authentication, and while user authentication is disabled any user can restore the setting that requires it. The user authentication module also lets an authenticated user choose to disable the data encryption/decryption function. Once it is disabled, data that any user reads from or writes to the semiconductor memory device is not encrypted or decrypted by the first and second encryption/decryption modules, and while data encryption/decryption is disabled any user can restore the data encryption/decryption setting. The semiconductor storage medium contains a dedicated information area that stores the device description information, the user authentication information, the user authentication selection information, and the data encryption/decryption selection information.

As shown in the structural block diagram of FIG. 3, the embodiment of the present invention that uses a wired universal interface comprises a semiconductor storage medium 1, a storage control circuit 2, a DC power converter 3, and a write-protect switch 4. The semiconductor storage medium 1 comprises one or more semiconductor memory modules and stores data and control information. The storage control circuit 2 controls the semiconductor memory device and implements communication between the device and the host, reading and writing of data in the semiconductor storage medium, and encryption and decryption of the data read and written. The DC power converter 3 draws power from the universal channel to supply the semiconductor memory device. The write-protect switch 4 provides hardware protection, so that the contents of the semiconductor storage medium cannot be changed or erased. The storage control circuit 2 controls the semiconductor storage medium 1 and checks the state of the write-protect switch 4.

The storage control circuit 2 comprises a host connection interface 20, an interface socket 23, an interface controller 22, a microprocessor unit 21, a sleep and wake-up circuit 24, and a second-level data encryption/decryption module 25. The host connection interface connects the semiconductor memory device to the host; the host here includes, but is not limited to, personal computers of all kinds, digital cameras, PDAs, Pocket PCs, minicomputers, data processing workstations, and special-purpose data processing systems that need a storage device. The second-level data encryption/decryption module 25 encrypts data written to, and decrypts data read from, the semiconductor storage medium 1, provided that the user has passed authentication.

One way to authenticate the user is to require the user to enter a password and verify that it is correct; if the password entered is incorrect, a limited number of retries may be allowed, and if it is still incorrect, reading and writing of the semiconductor storage medium 1 is refused. Besides requiring a password, authentication may also use hardware and software provided by the prior art to verify the user's fingerprint, pupil, or voiceprint, so that only a user whose fingerprint, pupil, and voiceprint characteristics match is allowed to read and write the semiconductor memory 1. It must be noted that the methods are not limited to those listed here; other kinds of user authentication and identification incorporated in the semiconductor memory device of the present invention also fall within the scope of protection of the present invention.

When the host issues no operation commands, the sleep and wake-up circuit 24 puts the flash memory device into a sleep state to reduce power consumption; when the host issues an operation command, it wakes the flash memory device from the sleep state into the normal operating state.

The interface controller 22 is connected to the host connection cable through the interface socket. It works under the control of the microprocessor unit 21 and the sleep and wake-up circuit 24, receives commands from the host, and controls data operations between the host and the semiconductor storage medium 1. The microprocessor unit 21 also controls the semiconductor storage medium 1, the sleep and wake-up circuit 24, and the second-level data encryption/decryption module 25, and polls the write-protect switch 4.

The semiconductor memory device of the present invention is designed as a single physical unit: all components are housed in a single casing and laid out on a circuit board, and the storage function is realized under the control of driver software. The flash memory device of the present invention has no mechanically rotating parts and the whole device is stationary during operation; it can be made very small, about the size of a thumb, and is easy to carry and use. In one embodiment of the present invention, the semiconductor memory device may also have no casing.

FIG. 4 shows an embodiment of the present invention that uses a universal serial bus (USB) interface. In this embodiment the semiconductor storage medium is flash memory; a USB connection interface connects the semiconductor storage medium to the host, a USB socket 231 serves as the interface socket, and a USB interface controller 221 controls the transfer of command information and data between the semiconductor memory device and the host. The USB interface controller 221 and the microprocessor unit 21 may be the same module. The second-level encryption/decryption module 25 sits between that module and the flash memory. In accordance with the USB standard, the DC power converter 3 draws power from the host through the USB socket 231.

USB has become the new personal computer industry standard; all current computers configured with a Pentium II or better, and their compatibles, have a USB interface. The flash memory device of this embodiment can therefore replace existing floppy drives and floppy disks as a standard component of these computers.

FIG. 5 shows an embodiment of the present invention that uses an IEEE1394 interface. In this embodiment an IEEE1394 connection interface 202 connects the semiconductor memory device to the host, an IEEE1394 socket 232 serves as the interface socket, and an IEEE1394 interface controller 222 controls the exchange and transfer of command information and data between the semiconductor memory device and the host. In accordance with the IEEE1394 standard, the DC power converter 3 and the IEEE1394 socket 232 connect to the host power supply.

FIG. 6 is a circuit diagram of the semiconductor storage medium 1 implemented as flash memory when the present invention uses a USB interface, using a flash memory chip D1. The present invention is not limited to the single-flash-chip embodiment shown in the figure; multiple flash chips may also be connected and managed using any of the existing addressing schemes. As shown in FIG. 6, the flash memory chip D1 stores data; it may be, but is not limited to, one or more chips of type TC58V64FT/128FT/256FT/512FT/100FT/K9F6408/K9F2808/K9F2808/K9F5608/K9K1208. Pin 5 of chip D1 is connected to pin 5 of the write-protect switch S1.

FIG. 7 is a circuit diagram of the microprocessor and the sleep and wake-up circuit when the present invention uses a USB interface and flash memory. The microprocessor unit 21 controls the USB controller 221, the flash memory 1, and the sleep and wake-up circuit 24. It contains a microprocessor chip D4 and two type-4053 analog multiplexer chips D5 and D6. Pins 12, 1, and 3 of chip D5 and pin 12 of D6 are shorted together and connected to pin 12 of chip D4; pins 13, 2, and 5 of chip D5 and pin 13 of D6 are shorted together and connected to pin 13 of chip D4; pins 11, 10, and 9 of chip D5 and pin 11 of D6 are connected to pins 44, 1, 2, and 3 of chip D4 respectively; pins DATA0 to DATA7 of chip D4 are connected to the corresponding pins of chip D2 of the USB controller 221 and of the flash memory chip D1; pin 4 of chip D5 is connected to pin 4 of the flash memory D1, and pin 14 of chip D6 is connected to pin 42 of the flash memory D1; pins 14 and 15 of chip D5 are connected to pins 15 and 16 of D2.

The sleep and wake-up circuit 24 contains a transistor V1, a capacitor C4, a diode V2, and resistors R5 to R9. The base of transistor V1 is connected, through resistor R9, capacitor C4, and resistor R8, to pin 12 of chip D2 of the serial bus interface controller 22, and the emitter of transistor V1 is connected to pin 4 of the microprocessor chip D4.

FIG. 8 is a circuit diagram of the DC power converter when the present invention uses a USB interface and flash memory. It uses a three-terminal power supply D3, with capacitors C3 and C6 connected in parallel between its port 1 (VSS) and port 2 (VOUT), and converts the input voltage VCC-BUS into the output voltage FVCC-33.

FIG. 9 is a circuit diagram of the interface controller in the embodiment that uses a USB interface and flash memory. The USB interface controller 221 may use, but is not limited to, a chip D2 of type PDIUSBD12, a crystal Y1, capacitors C1 to C2 and C7 to C8, resistors R1 to R3 and R10, and a light-emitting diode V3. Crystal Y1 and capacitors C1 to C2 are connected in series to form a closed loop, and the two ends of crystal Y1 are connected to pins 22 and 23 of chip D2 respectively; pins 25 and 26 of chip D2 are connected through resistors R1 and R2 respectively to pins 2 and 3 of the universal serial bus socket 23. The USB interface controller 221 handles the input, output, and control of the USB data stream, complies with the USB1.0 and 1.1 or 2.0 standards, has a fast and simple parallel interface that can connect to most microcontrollers, and can implement DMA.

When the present invention uses a USB interface and flash memory, it needs no drive and no external power supply, and works under the control of control and management software comprising a user authentication module, the upper-layer operating system, a driver (Driver), the lower-layer operating system, and a firmware program (Firmware), as shown in FIG. 10. The firmware program is the management program burned into the microprocessor unit 21, and it interacts with the lower-layer operating system. The driver is loaded between the lower-layer and upper-layer operating systems of the host and interacts with both. Flowcharts of the driver and the firmware program are shown in FIG. 11 and FIG. 12.

Taking a semiconductor memory device that uses a USB interface and flash memory as an example, the working process of the present invention under the control of the control and management software is described below with reference to FIG. 11, FIG. 12, and FIG. 10.

When the semiconductor memory device is plugged in, the host operating system detects it automatically on the USB interface and immediately activates the user authentication module and the driver. The user is prompted to enter or modify the user authentication information; the driver performs its initialization and instructs the upper-layer operating system to create a corresponding removable storage device configuration (also called an active storage device configuration). The upper-layer operating system creates the removable storage device configuration for the inserted device and assigns it a device identifier. When the user clicks the device identifier, the driver checks the user authentication flag and decides on that basis, allowing an authenticated user, or refusing an unauthenticated user, access to the semiconductor memory device. The driver then enters the state of waiting for operation requests.

Plugging the semiconductor memory device into the host's USB interface also activates the firmware program: the microprocessor unit 21 immediately begins executing the firmware program burned into it and performs initialization. At this point the upper-layer operating system queries the USB interface chip D2, and D2 generates an interrupt request to the microprocessor unit 21. By responding to the interrupt request from the USB interface chip D2, the microprocessor unit 21 establishes contact with the upper-layer operating system. Based on the characteristics, states, and flags reported by the USB interface chip D2 and the microprocessor unit 21, the operating system instructs the USB interface chip D2 and the microprocessor D4 to perform the relevant initial settings in preparation for the data exchange that follows. Once initialization is complete, the firmware program enters the waiting state and waits for operation requests.

When the semiconductor memory device is unplugged from the host's USB interface, the firmware program stops executing immediately. The host operating system detects the event automatically and immediately notifies the driver; the driver performs the related processing and instructs the operating system to remove the removable storage device configuration corresponding to the semiconductor memory device; the upper-layer host operating system then removes the corresponding removable storage device identifier.

When the upper-layer host operating system requests a read, it sends the read command to the driver. Because that command is a standard disk read command, which does not meet the flash memory's requirements for read operations, the driver converts it into a command specific to the flash memory device. The driver then wraps the converted command in USB packets and passes the packed read command to the lower-layer operating system, which sends it over the USB interface to the firmware program in the microprocessor unit 21. The firmware program performs the read: on receiving the read command, the USB interface controller D2 notifies the microprocessor D4, and D4, under control of the firmware program, reads the requested data from the flash memory D1 and feeds it to the second-level decryption module for decryption. The data and related information are then passed over the USB interface to the lower-layer operating system, which returns the data read and the status information to the driver. The driver contains the first-level encryption/decryption module, which decrypts the data read; the driver then sends the decrypted data and the status information to the upper-layer operating system.

When the upper-layer host operating system requests a write to the memory, it sends the write command to the driver. Because that command is a standard disk write command, which differs from the commands the flash memory requires, the driver converts it into commands specific to the flash memory device. When a write command reaches the flash memory D1 and the write position already contains valid data, the new data cannot be written directly; it can only be written after the valid data has been moved. For this reason the driver converts the write into three distinct internal operations: read, erase, and write. First, the driver's first-level encryption/decryption routine encrypts the new data to be written. The driver then performs an internal read, reading out and saving the existing contents of the write position; next it performs an internal erase to clear all data at the write position; finally it combines the new data with the original data and performs an internal write of the combined data. When these three operations are complete, the driver returns the execution status of the write to the upper-layer operating system, completing the write. At the device, the process is as follows: when a write command is destined for the flash memory D1, the USB interface controller D2 notifies the microprocessor D4, and D4, under control of the firmware program, reads the corresponding data from the USB interface controller chip D2 and sends it to the flash memory D1. When the operating system needs to erase the flash memory D1, the universal channel interface circuit D2 notifies the microprocessor D4, and D4 sends a sequence of commands to the flash memory D1 to erase the contents of the corresponding region of D1. The driver wraps each of the three internal operations in USB packets and passes the packed operations to the lower-layer operating system, which sends them over the USB interface to the firmware program in the microprocessor unit 21. The firmware program executes each operation and returns the resulting data and status information over USB to the lower-layer operating system, which passes them to the driver.
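The read and write paths described above, modelled as an added Python sketch (not code from the patent): the driver gates every operation on the authentication flag, applies first-level encryption, and turns a write into read, erase, and write, while the device applies the second level and honours the write-protect switch. The XOR keystream cipher, the 16-byte block, the PBKDF2-hashed credential, the retry limit of 3, and all class and function names are assumptions; the patent names no algorithm.

```python
import hashlib
import hmac

BLOCK = 16       # constructed erase-block size; real flash blocks are far larger
MAX_RETRIES = 3  # assumed limit; the text only says "a limited number of retries"


def hash_password(password: str, salt: bytes) -> bytes:
    # Assumed storage format for the user authentication information.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000)


def xor_at(key: bytes, block_no: int, offset: int, data: bytes) -> bytes:
    """Stand-in cipher for both levels: XOR with a SHA-256-derived keystream
    indexed by block number and byte offset (encrypt == decrypt).
    Illustration only: keystream is reused when a position is rewritten,
    which a real design must avoid."""
    stream, counter = b"", 0
    while len(stream) < offset + len(data):
        stream += hashlib.sha256(
            key + block_no.to_bytes(4, "big") + counter.to_bytes(4, "big")
        ).digest()
        counter += 1
    return bytes(d ^ s for d, s in zip(data, stream[offset:offset + len(data)]))


class Device:
    """Firmware side: flash array, write-protect switch, second-level module."""

    def __init__(self, key2: bytes, nblocks: int):
        self.key2 = key2
        self.flash = [b"\xff" * BLOCK for _ in range(nblocks)]  # erased state
        self.erased = [True] * nblocks
        self.write_protect = False

    def read(self, n: int) -> bytes:
        # Second-level decryption happens before data leaves the device.
        return xor_at(self.key2, n, 0, self.flash[n])

    def erase(self, n: int) -> None:
        if self.write_protect:
            raise PermissionError("write-protect switch is on")
        self.flash[n] = b"\xff" * BLOCK
        self.erased[n] = True

    def program(self, n: int, data: bytes) -> None:
        if self.write_protect:
            raise PermissionError("write-protect switch is on")
        if not self.erased[n] or len(data) != BLOCK:
            raise ValueError("block must be erased and written whole")
        self.flash[n] = xor_at(self.key2, n, 0, data)  # second-level encryption
        self.erased[n] = False


class Driver:
    """Host side: authentication flag, first-level module, write conversion."""

    def __init__(self, dev: Device, key1: bytes, salt: bytes, stored_hash: bytes):
        self.dev, self.key1 = dev, key1
        self.salt, self.stored_hash = salt, stored_hash
        self.auth_flag = False
        self.failures = 0

    def authenticate(self, password: str) -> bool:
        if self.failures >= MAX_RETRIES:
            return False  # retries exhausted: keep refusing
        candidate = hash_password(password, self.salt)
        self.auth_flag = hmac.compare_digest(candidate, self.stored_hash)
        self.failures = 0 if self.auth_flag else self.failures + 1
        return self.auth_flag

    def _require_auth(self) -> None:
        if not self.auth_flag:
            raise PermissionError("authentication flag not set")

    def read(self, n: int) -> bytes:
        self._require_auth()
        return xor_at(self.key1, n, 0, self.dev.read(n))  # first-level decrypt

    def write(self, n: int, offset: int, data: bytes) -> None:
        self._require_auth()
        if offset < 0 or offset + len(data) > BLOCK:
            raise ValueError("write crosses the block boundary")
        new = xor_at(self.key1, n, offset, data)  # first-level encrypt new data
        old = self.dev.read(n)                    # internal read: save old contents
        self.dev.erase(n)                         # internal erase
        merged = old[:offset] + new + old[offset + len(data):]
        self.dev.program(n, merged)               # internal write of merged block
```

Because the merge happens on first-level ciphertext, the host never needs the device key, and the raw flash contents are unreadable with either key alone.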

As shown in FIG. 12 and FIG. 11, in addition to the disk operations required by the upper-layer host operating system, the semiconductor memory device of the present invention also supports plug-and-play and other specific operations. Requests for these operations come from the upper-layer host operating system; the driver processes them into a format suitable for the semiconductor memory device and hands them to the lower-layer operating system, which packs them according to the USB standard and passes them over the USB interface to the USB interface controller D2. They are executed under control of the firmware program, and the result information is given to the interface controller D2 and returned over the USB interface to the upper-layer host operating system.

Practice has shown that the present invention, through its unique design, provides user authentication and data encryption/decryption in a semiconductor memory device, so that important confidential information can be stored in the device and users of the device are authenticated through the user authentication and data encryption/decryption modules. This makes it convenient for users to operate on and carry confidential data, and makes it possible to access confidential information on a host that has no security measures of its own. The present invention provides hardware protection through a write-protect switch, which physically protects the contents of the semiconductor memory device from being rewritten or erased, preventing data loss and virus intrusion. The present invention provides a sleep and wake-up circuit that puts the semiconductor memory device into a sleep state when the host issues no operation commands, reducing power consumption. The present invention uses a new type of semiconductor storage medium and a universal channel interface, which yields removable external storage that needs no drive and no external power supply and supports hot plugging and plug-and-play without shutting down; access is fast and the capacity greatly exceeds that of a floppy disk; the device is small, easy to carry, and hard to damage; more than twenty flash memory devices can be connected to a data system at the same time, and the device can be used with any data processing system that supports the universal channel.

Claims (13)

1. A data security access system using a semiconductor memory device, the semiconductor memory device comprising a device control module, a semiconductor storage medium (1), and a data access module; the semiconductor memory device being connected to a data processing system host through a universal interface and exchanging data over an information exchange channel based on the universal interface; the data processing system host comprising a file system processing module and a device driver module corresponding to the semiconductor memory device; characterized in that the data processing system host side comprises: a first-level encryption/decryption module, which encrypts data to be stored in the storage device or decrypts data read from the storage device; a user authentication module, for checking the user's access rights to the storage device; and a user control module, which lets an authenticated user choose to enable/disable the user authentication mechanism and/or the data encryption/decryption mechanism; the semiconductor memory device side further comprises a second-level encryption/decryption module (25), which encrypts data received through the universal interface or decrypts data read from the storage device; the second-level encryption/decryption module (25) may use an encryption/decryption algorithm different from that of the first-level encryption/decryption module.
2. The data security access system according to claim 1, characterized in that the device control module comprises a universal interface controller (22) and a microprocessor unit (21); the microprocessor unit (21) controls the operation of the universal interface controller (22) and the semiconductor storage medium (1) and includes a firmware program, the firmware program performing data operations on the semiconductor storage medium (1); the universal interface controller (22) is connected to the semiconductor storage medium (1), and the microprocessor unit (21) is connected to the semiconductor storage medium (1), the universal interface controller (22), and the second-level encryption/decryption module (25); these connections support two-way exchange of data and information.
3. The data security access system according to claim 2, characterized in that the microprocessor unit (21) and the universal interface controller (22) may be combined into one functional unit or implemented with one integrated circuit module.
4. The data security access system according to claim 1, characterized in that the device control module further comprises a sleep and wake-up circuit (24), connected to and controlled by the device control module, which puts the device into a sleep state when idle and activates it into the awake state when there is an operation request.
5. The data security access system according to claim 1, wherein the user authentication module may be implemented in combination with prior-art software and hardware, and the authentication method may include requiring the user to provide a password, detecting the user's voiceprint, detecting the user's retinal blood vessel pattern, and/or detecting the user's fingerprint.
6. The data security access system according to claim 1, wherein the user disables/enables the user authentication function through the user control module; after the user authentication function is disabled, the user can access the semiconductor memory device without user authentication; after the user authentication function is enabled, the user must pass user authentication to obtain access rights to the semiconductor memory device.
7. The data security access system according to claim 1, characterized in that the universal interface includes not only a USB interface and an IEEE1394 interface, but may also include a wireless Bluetooth interface, an IrDA infrared interface, a HomeRF interface, an IEEE802.11a interface, and/or an IEEE802.11b interface.
8. The data security access system according to claim 1, characterized in that the storage medium used in the semiconductor memory device may include flash memory, DRAM, EEPROM, SRAM, FRAM, and/or MRAM, with one or more chips connected using any of the existing addressing schemes.
9. The data security access system according to claim 1, characterized in that the semiconductor storage medium (1) contains a dedicated information area for storing the device description information, the user authentication information, the user authentication selection information, and/or the data encryption/decryption selection information.
10. The data security access system according to claim 1, characterized in that the semiconductor memory device further comprises a write-protect switch circuit (4), which uses a switch to physically protect the semiconductor storage medium (1) so that its contents cannot be rewritten or erased; the write-protect switch circuit (4) is connected to the microprocessor unit (21) and to the semiconductor storage medium (1).
11. A data security access method in a semiconductor memory device, using the data security access system according to claim 1, comprising the steps of: 1. the user issues a data operation command for the semiconductor memory device through the host; 2. the data processing system host checks whether user authentication is required, that is, whether the user authentication function is enabled; 3. if user authentication is required, the authentication information provided by the user is compared with the user authentication information stored in the semiconductor memory device, and whether the user has access rights to the semiconductor memory device is determined from the result of the comparison; 4. for a user who has access rights, the type of the operation command is determined and the corresponding steps are performed: for a read data command, the firmware program in the semiconductor memory device reads the data in the semiconductor storage medium (1) according to the read command, the second-level encryption/decryption module (25) performs second-level decryption, the data is returned through the universal interface to the data processing system host, the first-level encryption/decryption module performs first-level decryption, and the data processing system host returns the execution result or status information to the user; for a write data command or a command to modify the user authentication information, the data processing system host sends the data to be written to the first-level encryption/decryption module for first-level encryption and sends it through the universal interface to the semiconductor memory device, the second-level encryption/decryption module (25) in the semiconductor memory device performs second-level encryption, and the firmware program writes the doubly encrypted data into the semiconductor storage medium (1) and returns the execution result or status information; for a user who does not have access rights, status information is returned and the data operation request is refused.
12. The secure data access method of claim 11, wherein step 4 comprises: the driver converts the standard disk read operation command, by which the upper-layer host operating system in the data processing system host requests a data operation, into a specific read/write operation command for the semiconductor storage device, packages the converted read operation command and sends it to the lower-layer operating system; the lower-layer operating system sends the specific read operation command through the universal interface to the microprocessor unit (21), and the firmware program performs the read operation.
13. The secure data access method of claim 11, wherein step 4 comprises: the driver converts the standard disk write operation command issued by the upper-layer operating system in the data processing system host to the semiconductor storage device into three distinct internal operations, namely read, erase and write: an internal read operation is performed to read out and save the original contents of the write location; an internal erase operation is performed to clear the data at the write location; the new data to be written is combined with the original data, and an internal write operation is performed on the combined data.
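The flow of claims 11 to 13 as a small Python model, added here as an illustration and not taken from the patent: the authentication gate, the first-level (host) and second-level (device) encryption layers, and a partial write split into internal read, erase and write. The class and function names, the SHA-256-derived XOR keystream standing in for both encryption levels, the hashed stored password and the 16-byte block are assumptions; the claims name no cipher and no sizes.

```python
import hashlib, hmac

BLOCK, ERASED = 16, 0xFF   # constructed block size; erased flash reads as all 1-bits

def xor_layer(key, block_no, data):
    """Stand-in for one encryption level (assumption; the claims name no cipher)."""
    ks = hashlib.sha256(key + block_no.to_bytes(4, "big")).digest()[:len(data)]
    return bytes(a ^ b for a, b in zip(data, ks))

class Device:
    """Firmware side: stored credential, second-level module, storage medium."""
    def __init__(self, l2_key, password, auth_enabled=True, blocks=2):
        self.l2_key, self.auth_enabled = l2_key, auth_enabled
        self.stored = hashlib.sha256(password).digest()
        self.medium = [bytearray([ERASED] * BLOCK) for _ in range(blocks)]
        self.granted = not auth_enabled            # step 2: is authentication required?

    def authenticate(self, password):              # step 3: compare with stored info
        self.granted = hmac.compare_digest(hashlib.sha256(password).digest(), self.stored)
        return self.granted

    def _check(self):
        if not self.granted:
            raise PermissionError("no access rights: request refused")

    def read(self, n):                             # second-level decrypt, then interface
        self._check()
        return xor_layer(self.l2_key, n, bytes(self.medium[n]))

    def erase(self, n):
        self._check()
        self.medium[n] = bytearray([ERASED] * BLOCK)

    def program(self, n, l1_data):                 # second-level encrypt, then program
        self._check()
        for i, b in enumerate(xor_layer(self.l2_key, n, l1_data)):
            self.medium[n][i] &= b                 # programming can only clear bits

class HostDriver:
    """Host side: first-level module plus the read/erase/write split of claim 13."""
    def __init__(self, device, l1_key):
        self.dev, self.l1_key = device, l1_key

    def read(self, n):
        return xor_layer(self.l1_key, n, self.dev.read(n))

    def write(self, n, offset, new):
        merged = bytearray(self.read(n))           # internal read: save old contents
        merged[offset:offset + len(new)] = new     # combine new data with old
        self.dev.erase(n)                          # internal erase
        self.dev.program(n, xor_layer(self.l1_key, n, bytes(merged)))  # internal write
```

In this model the universal interface only ever carries first-level ciphertext and the medium only ever holds twice-encrypted data, so neither a bus capture nor a raw dump of the medium yields plaintext without the corresponding key.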
CN 01114762 2001-05-30 2001-05-30 Data safety access method and system using semiconductor memory device CN1147793C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 01114762 CN1147793C (en) 2001-05-30 2001-05-30 Data safety access method and system using semiconductor memory device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 01114762 CN1147793C (en) 2001-05-30 2001-05-30 Data safety access method and system using semiconductor memory device

Publications (2)

Publication Number Publication Date
CN1317744A (en) 2001-10-17
CN1147793C (en) 2004-04-28

Family

ID=4661382

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 01114762 CN1147793C (en) 2001-05-30 2001-05-30 Data safety access method and system using semiconductor memory device

Country Status (1)

Country Link
CN (1) CN1147793C (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1318934C (en) * 2005-01-18 2007-05-30 利特国际有限公司 Data encrypting and deciphering method of data storing device with laminated storing structure
CN100478921C (en) 2005-02-05 2009-04-15 北京凯诚高清电子技术有限公司 Intelligent playing device and its self-protecting method

Families Citing this family (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003044732A1 (en) * 2001-11-23 2003-05-30 Netac Technology Co., Ltd. Semiconductor storage method and device supporting multi-interfaces
CN1331061C (en) * 2001-11-28 2007-08-08 联想(北京)有限公司 Movable external memory content enciphering method independent of computer
CN1302390C (en) * 2002-07-25 2007-02-28 联想(北京)有限公司 Method and apparatus for using NOT-AND flash as system memory
CN1276363C (en) * 2002-11-13 2006-09-20 深圳市朗科科技有限公司 Method of actualizing safety data storage and algorithm storage in virtue of semiconductor memory device
JP4242682B2 (en) 2003-03-26 2009-03-25 パナソニック株式会社 Memory device
US6961852B2 (en) 2003-06-19 2005-11-01 International Business Machines Corporation System and method for authenticating software using hidden intermediate keys
CN1301465C (en) * 2003-08-11 2007-02-21 其乐达科技股份有限公司 Method, device and system for planning storage unit
US20050235364A1 (en) 2004-04-15 2005-10-20 Wilson Christopher S Authentication mechanism permitting access to data stored in a data processing device
CN1700643B (en) 2004-05-20 2014-07-16 深圳市朗科科技股份有限公司 Data exchange unit and network based data exchange method
JP4119881B2 (en) 2004-11-15 2008-07-16 任天堂株式会社 Semiconductor memory device
JP2006268766A (en) 2005-03-25 2006-10-05 Fujitsu Ltd Apparatus, method and program for drive control
CN100446018C (en) 2006-07-11 2008-12-24 北京飞天诚信科技有限公司 Secure information storage method and information security apparatus thereof
CN100395733C (en) 2006-08-01 2008-06-18 浪潮齐鲁软件产业有限公司 Method for improving SOC chip security dedicated for financial tax control
CN100437618C (en) 2006-12-29 2008-11-26 北京飞天诚信科技有限公司 Portable information safety device
CN100517290C (en) 2007-03-14 2009-07-22 北京飞天诚信科技有限公司 Method for realizing universal series bus key compound equipment
CN101106455B (en) 2007-08-20 2010-10-13 北京飞天诚信科技有限公司 Identity authentication method and intelligent secret key device
CN101345619B (en) 2008-08-01 2011-01-26 清华大学深圳研究生院 Electronic data protection method and device based on biological characteristic and mobile cryptographic key
CN101635019B (en) 2009-08-25 2011-07-20 中国华录集团有限公司 Encryption system of embedded type software program based on safe MCU

Also Published As

Publication number Publication date Type
CN1317744A (en) 2001-10-17 application

Similar Documents

Publication Publication Date Title
US7136951B2 (en) Multifunction semiconductor storage device and a method for booting-up computer host
US20100082893A1 (en) Flash Memory Controller For Electronic Data Flash Card
US7702984B1 (en) High volume testing for USB electronic data flash cards
US20020010827A1 (en) A portable data storage device having a secure mode of operation
US20070136501A1 (en) Media card command pass through methods
US7873837B1 (en) Data security for electronic data flash card
US20070168668A1 (en) Media card with command pass through mechanism
US20060047604A1 (en) Methods and apparatus providing portable application and data
CN101957807A (en) Method for USB device to recognize version type of Windows operating system
JP2003186819A (en) Computer system equipped with usb device with security function
US20080126810A1 (en) Data protection method for optical storage media/device
US7690030B1 (en) Electronic data flash card with fingerprint verification capability
CN101788959A (en) Solid state hard disk secure encryption system
CN102043751A (en) Method for identifying host operation system by using USB equipment
CN1866224A (en) Mobile memory device and method for accessing encrypted data in mobile memory device
CN1987843A (en) Self adapting method for USB protocol
CN1707399A (en) Portable electronic apparatus having an openable lid, program product and method of controlling portable electronic apparatus
CN1467750A (en) Secure flash memory device and method of operation
JP2010146048A (en) Computer having biometric authentication device
US20100115201A1 (en) Authenticable usb storage device and method thereof
US20100115465A1 (en) Logon System and Method Thereof
CN101266590A (en) Method and system for dynamically switching equipment arrangement
CN101751306A (en) Data recovery device of defect hard disk and recovery method
JPH07104882A (en) Portable computer system
CN201654768U (en) Active type intelligent security USB (Universal Serial Bus) removable storage equipment

Legal Events

Date Code Title Description
C10 Entry into substantive examination
C06 Publication
C14 Grant of patent or utility model
C56 Change in the name or address of the patentee

Owner name: SHENZHEN CITY LANGKE TECHNOLOGY CO.,LTD.

Free format text: FORMER NAME OR ADDRESS: LANGKE SCIENCE AND TECHNOLOGY CO LTD, SHENZHEN CITY