CN114925344A - U-coil control method, device, equipment and medium - Google Patents
U-coil control method, device, equipment and medium Download PDFInfo
- Publication number
- CN114925344A CN114925344A CN202210706567.5A CN202210706567A CN114925344A CN 114925344 A CN114925344 A CN 114925344A CN 202210706567 A CN202210706567 A CN 202210706567A CN 114925344 A CN114925344 A CN 114925344A
- Authority
- CN
- China
- Prior art keywords
- disk
- usb flash
- flash disk
- mounting
- target
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
The application discloses a U coil control method, a device, equipment and a medium, and the method relates to the technical field of computers, and comprises the following steps: when a USB flash disk is inserted, determining a unique identifier of the USB flash disk, acquiring mounting information and target information which correspond to the USB flash disk currently, and then determining the current USB flash disk authority corresponding to the unique identifier; the target information comprises a U disk initial path; generating a U disk mounting path based on the mounting information and the U disk initial path; determining a target mounting path matched with the USB flash disk mounting path in preset mounting paths respectively corresponding to all process execution operations and the preset operations of all files; and performing corresponding blocking processing or releasing processing on the process execution operation and/or the preset operation of the file corresponding to the target mounting path based on the current U disk authority. According to the method and the device, the USB flash disk mounting path is generated and the USB flash disk authority is set, so that USB flash disk management and control can be well done, and the safety is improved.
Description
Technical Field
The invention relates to the technical field of computers, in particular to a U-coil control method, a U-coil control device, U-coil control equipment and a U-coil control medium.
Background
Currently, people have strong dependence on a Universal Serial Bus (USB) flash drive, but with the increasing number of USB flash viruses, people expect that the security and controllability of a USB flash drive are stronger. When a U disk with viruses is inserted into a linux server or a Personal Computer (PC), the viruses are infected to corresponding equipment, so that data leakage is caused if the viruses are not detected, and the server is down and paralyzed if the viruses are detected, so that the U disk needs to be managed in a centralized manner and is managed and controlled.
In summary, how to perform usb flash disk management and control to improve security is a problem to be solved urgently.
Disclosure of Invention
In view of this, the present invention provides a method, an apparatus, a device and a medium for controlling a U-coil, which can perform U-coil control to improve safety. The specific scheme is as follows:
in a first aspect, the present application discloses a U-coil pipe control method, including:
when a USB flash disk is inserted, determining a unique identifier of the USB flash disk, acquiring mounting information and target information which correspond to the USB flash disk currently, and then determining the current USB flash disk authority corresponding to the unique identifier; the target information comprises a USB flash disk initial path;
generating a U disk mounting path based on the mounting information and the U disk initial path;
determining a target mounting path matched with the USB flash disk mounting path in preset mounting paths respectively corresponding to all process execution operations and preset operations of all files;
and performing corresponding blocking processing or releasing processing on the process execution operation corresponding to the target mounting path and/or the preset operation of the file based on the current U disk permission.
Optionally, when the usb disk is inserted, determining the unique identifier of the usb disk includes:
when a U disk is inserted, detecting whether a unique identifier exists in a main guide record of the U disk;
and if the unique identifier does not exist in the master boot record of the U disk, setting the unique identifier for the U disk according to a preset identifier setting rule.
Optionally, the determining the current U disk permission corresponding to the unique identifier includes:
acquiring a target USB flash disk authority set for the USB flash disk, and determining the target USB flash disk authority as a current USB flash disk authority corresponding to the unique identifier;
or, determining the set USB flash disk authority corresponding to the unique identifier as the current USB flash disk authority.
Optionally, the obtaining a target U disk permission set for the U disk and determining the target U disk permission as a current U disk permission corresponding to the unique identifier includes:
and acquiring a target USB flash disk authority set for the USB flash disk, deleting the set USB flash disk authority corresponding to the unique identifier, and determining the target USB flash disk authority as the current USB flash disk authority corresponding to the unique identifier.
Optionally, after determining the unique identifier of the usb disk and acquiring the mount information currently corresponding to the usb disk and the target information including the initial path of the usb disk, the method further includes:
and acquiring the user basic information corresponding to the U disk to complete user registration.
Optionally, after performing corresponding blocking processing or releasing processing on the process execution operation corresponding to the target mount path and/or the preset operation of the file based on the current U disk permission, the method further includes:
and generating a mount log which comprises the target mount path and corresponds to the stop processing, and converting the target mount path into a target USB flash disk path to acquire and display the USB flash disk log.
In a second aspect, the present application discloses a U-coil control device, including:
the USB flash disk permission determining module is used for determining a unique identifier of the USB flash disk when the USB flash disk is inserted, acquiring the current mounting information and target information corresponding to the USB flash disk, and then determining the current USB flash disk permission corresponding to the unique identifier; the target information comprises a USB flash disk initial path;
a mounting path generating module of the U disk, configured to generate a mounting path of the U disk based on the mounting information and the initial path of the U disk;
the target mounting path determining module is used for determining a target mounting path which is matched with the USB flash disk mounting path in preset mounting paths respectively corresponding to all the process execution operations and the preset operations of all the files;
and the processing module is used for performing corresponding blocking processing or releasing processing on the process execution operation corresponding to the target mounting path and/or the preset operation of the file based on the current USB flash disk permission.
Optionally, the usb disk permission determining module includes:
the detection unit is used for detecting whether the main guide record of the U disk has the unique identifier or not when the U disk is inserted;
and the unique identifier setting unit is used for setting the unique identifier for the USB flash disk according to a preset identifier setting rule if the unique identifier does not exist in the main guide record of the USB flash disk.
In a third aspect, the present application discloses an electronic device comprising a processor and a memory; wherein the processor implements the U-coil control method disclosed above when executing the computer program stored in the memory.
In a fourth aspect, the present application discloses a computer readable storage medium for storing a computer program; wherein the computer program when executed by a processor implements the U-coil control method disclosed above.
Therefore, when a USB flash disk is inserted, the unique identification of the USB flash disk is determined, the mounting information and the target information which correspond to the USB flash disk at present are obtained, and then the current USB flash disk permission corresponding to the unique identification is determined; the target information comprises a U disk initial path; generating a USB flash disk mounting path based on the mounting information and the USB flash disk initial path; determining target mounting paths matched with the U disk mounting paths in preset mounting paths respectively corresponding to all process execution operations and all file preset operations; and performing corresponding blocking processing or releasing processing on the process execution operation corresponding to the target mounting path and/or the preset operation of the file based on the current U disk permission. Therefore, the U disk is identified by the unique identification mark, and the U disk authority is associated with the unique identification mark, so that the U disk authority is obtained through the unique identification mark, and the method is convenient and quick; the USB flash disk access control method and the USB flash disk access control device can set the USB flash disk access, are favorable for improving safety, and prevent viruses from infecting equipment inserted into the USB flash disk; the mounting information and the initial path of the U disk are utilized to generate the U disk mounting path, corresponding stopping processing or releasing processing is carried out on the target mounting path by utilizing the U disk authority, and U disk coil control can be carried out to improve safety.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
FIG. 1 is a flow chart of a method for controlling a U-coil according to the present application;
FIG. 2 is a flow chart of a specific U-coil control method provided by the present application;
fig. 3 is a schematic diagram of a U-coil control structure provided in the present application;
FIG. 4 is a schematic diagram of a unique identifier generation process provided in the present application;
FIG. 5 is a schematic diagram of a U-coil control process provided herein;
fig. 6 is a schematic structural diagram of a U-coil control device provided in the present application;
fig. 7 is a block diagram of an electronic device provided in the present application.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without making any creative effort based on the embodiments in the present invention, belong to the protection scope of the present invention.
At present, when the USB flash disk with the virus is inserted into a linux server or a PC, the virus can be infected to corresponding equipment, data leakage is caused to the light, and downtime of the server is caused to the heavy.
In order to overcome the problems, the application provides a U disk management and control scheme, and U disk management and control can be well done to improve safety.
Referring to fig. 1, an embodiment of the present application discloses a U-coil pipe control method, including:
step S11: when a USB flash disk is inserted, determining a unique identifier of the USB flash disk, acquiring mounting information and target information which correspond to the USB flash disk currently, and then determining the current USB flash disk authority corresponding to the unique identifier; the target information comprises an initial path of the USB flash disk.
In the embodiment of the application, mount information and target information corresponding to the current usb disk are obtained, where the target information includes, but is not limited to, a drive letter of the usb disk, and is not specifically limited herein, and in addition, the target information includes an initial path of the usb disk. In a specific embodiment, a secondary file block under the system/bus/sci/devices is read, a disk of the usb, i.e. dev/sdx, is identified, and the current corresponding target information of the usb disk is obtained. It should be noted that the mounting information and the target information corresponding to different times of the usb disk are the same or different.
In the embodiment of the application, mounting information of all disks in equipment into which a USB flash disk is inserted is firstly obtained, and then the mounting information of the USB flash disk is obtained from all the mounting information;
in the embodiment of the application, when the U disk is inserted, whether the unique identifier exists in the main guide record of the U disk is detected; if the unique identifier does not exist in the main guide record of the U disk, setting the unique identifier for the U disk according to a preset identifier setting rule; and if the unique identifier exists in the main guide record of the U disk, directly determining the unique identifier of the U disk. It should be noted that the unique identifier of the usb flash disk is stored in the master boot record of the usb flash disk, so that when the usb flash disk is inserted into the device, the device obtains the unique identifier from the master boot record. It should be noted that the master boot record (mbr) is a series of parameters including the hard disk and a piece of master boot program, i.e. a piece of boot code located at the forefront of the disk.
In the embodiment of the application, after the unique identifier of the U disk is determined, and the mount information corresponding to the U disk at present and the target information including the initial path of the U disk are obtained, the user basic information corresponding to the U disk needs to be obtained to complete user registration. It should be noted that the basic user information includes, but is not limited to, a user of the usb disk and a contact information of the user, and a field may also be added according to a requirement of the user, which is not specifically limited herein.
It should be noted that, after the usb disk is registered for the first time, the usb disk is inserted again, and the basic information of the user can be modified, added, and deleted.
In the embodiment of the application, the unique identifier and the USB flash disk permission of the USB flash disk have a corresponding relation, so that when the current USB flash disk permission corresponding to the unique identifier is determined, if the unique identifier has the corresponding USB flash disk permission, the unique identifier can have the corresponding USB flash disk permission as the current USB flash disk permission, a new USB flash disk permission can be obtained again as the current USB flash disk permission, and if the unique identifier has each corresponding USB flash disk permission, the new USB flash disk permission is directly obtained as the current USB flash disk permission.
In the embodiment of the application, the steps of determining the unique identifier of the U disk and acquiring the mounting information and the target information which correspond to the U disk at present are finished by a monitoring end; the step of user registration is completed by a registration end; and the step of determining the current U disk authority corresponding to the unique identifier is completed by a management center.
In the embodiment of the application, the target information can be displayed in the management center so as to perform visual processing on the target information of the USB flash disk, and the unified management of the USB flash disk is realized; in addition, the U disk authority corresponds to the unique identifier, but is stored in the U disk sector, so that the front line of the U disk can be changed.
Step S12: and generating a U disk mounting path based on the mounting information and the U disk initial path.
In the embodiment of the application, a USB flash disk mounting path is generated based on the mounting information and the USB flash disk initial path; for example, dev/sdx is mounted to media/usb 1.
Step S13: and determining a target mounting path matched with the U disk mounting path in the preset mounting paths respectively corresponding to the execution operation of all processes and the preset operation of all files.
In the embodiment of the application, first, preset mount paths corresponding to all process execution operations and preset operations of all files are hijacked through a kernel state based on a selinux (Security-Enhanced Linux) framework, and a target mount path matched with the U disk mount path is determined from the preset paths.
Note that SELinux is an expansion mandatory access control Security module for Linux developed by The National Security Agency (NSA, The National Security Agency) and SCC (Security Computing Corporation). Originally developed on Fluke, released as GNU GPL in 2000. SELinux is a domain-type model (domain-type) based mandatory Access Control (MAC, Media Access Control layer) security system, which is written and designed such that a kernel module is included in a kernel, and some corresponding security-related applications are patched by SELinux, and finally, a corresponding security policy. SELinux is a Mandatory Access Control (MAC) system provided in the Linux kernel version 2.6.
Step S14: and performing corresponding blocking processing or releasing processing on the process execution operation corresponding to the target mounting path and/or the preset operation of the file based on the current U disk permission.
In the embodiment of the application, after the mount path is determined, corresponding blocking processing or releasing processing can be performed on the process execution operation corresponding to the target mount path and/or the preset operation of the file according to the current U disk permission.
In the embodiment of the application, after performing corresponding blocking processing or releasing processing on the process execution operation corresponding to the target mount path and/or the preset operation of the file based on the current U disk permission, a mount log including the target mount path corresponding to the blocking processing needs to be generated, and the target mount path is converted into a target U disk path to acquire and display the U disk log; it should be noted that the management center can display the usb disk log again, so as to realize visualization of events that are not controlled by the usb disk authority, and facilitate tracing.
In the embodiment of the present application, the present application is applicable to linux, and a linux system call table (sys _ call _ table) refers to all operating systems having some built-in functions in their kernels, and these functions can be used to complete some system-level functions. Such a function is used by the Linux system.
Therefore, when a USB flash disk is inserted, the unique identification of the USB flash disk is determined, the mounting information and the target information which correspond to the USB flash disk at present are obtained, and then the current USB flash disk permission corresponding to the unique identification is determined; the target information comprises a U disk initial path; generating a U disk mounting path based on the mounting information and the U disk initial path; determining target mounting paths matched with the U disk mounting paths in preset mounting paths respectively corresponding to all process execution operations and all file preset operations; and performing corresponding blocking processing or releasing processing on the process execution operation corresponding to the target mounting path and/or the preset operation of the file based on the current U disk permission. Therefore, the USB flash disk is identified by the unique identification mark, and the USB flash disk permission is associated with the unique identification mark, so that the USB flash disk permission is obtained through the unique identification mark, and convenience and rapidness are realized; the USB flash disk access control method and the USB flash disk access control device can set the USB flash disk access, are favorable for improving safety, and prevent viruses from infecting equipment inserted into the USB flash disk; according to the method and the device, the mounting information and the initial path of the U disk are used for generating the mounting path of the U disk, the authority of the U disk is used for correspondingly preventing or releasing the target mounting path, and U disk coil control can be well performed so as to improve safety; in addition, the U disk information is visualized, and the U disk can be managed uniformly; the method and the device realize visualization of the USB flash disk logs related to the blocking processing, and are convenient for tracing the blocking processing; the U disk permission is not written into the U disk sector, and the U disk permission is conveniently changed.
Referring to fig. 2, an embodiment of the present application discloses a specific U-coil control method, which includes:
step S21: when a U disk is inserted, determining a unique identifier of the U disk, and acquiring mounting information and target information which correspond to the U disk at present; the target information comprises a U disk initial path.
In the embodiment of the application, management and control of the U disk authority need to be accurate to a specific U disk, authority control of different U disks is different, and at the moment, how to identify the unique U disk is related, so that the unique identifier is set for the U disk, and the unique identifier is stored in the main guide record of the U disk.
In the embodiment of the application, a linux kernel hook frame based on linux realizes management and control of a U disk by controlling the read, write and file execution permission of a kernel file system; a USB flash drive (USB flash drive) is a micro high-capacity mobile storage product without a physical drive and using a USB (Universal Serial Bus) interface, and is mainly used for storing data. The USB plug-and-play device mainly comprises a shell and a machine core, is connected with a computer through a USB interface, realizes plug-and-play, and is very simple and convenient to use and good in safety. The method is mainly applied to storage of personal data, computer repair, system management and carrying of application programs to other computers. A file system is a method and data structure used by an operating system to reference files on a storage device or partition; i.e. a method of organizing files on a storage device. The software mechanism in the operating system that is responsible for managing and storing file information is called a file management system, referred to as a file system for short.
Step S22: acquiring a target USB flash disk permission set for the USB flash disk, and determining the target USB flash disk permission as the current USB flash disk permission corresponding to the unique identifier; or, determining the set USB flash disk authority corresponding to the unique identifier as the current USB flash disk authority.
In the embodiment of the application, when the unique identifier does not have the corresponding set U disk authority, directly acquiring the target U disk authority set for the U disk, and determining the target U disk authority as the current U disk authority corresponding to the unique identifier; when the unique identifier has the corresponding set U disk permission, if the target U disk permission set for the U disk through a management center is obtained, deleting the set U disk permission corresponding to the unique identifier, and then determining the target U disk permission as the current U disk permission corresponding to the unique identifier; and if the target USB flash disk permission set for the USB flash disk through the management center is not acquired, determining the set USB flash disk permission corresponding to the unique identifier as the current USB flash disk permission.
In the embodiment of the application, the U disk authority is set to be read only, forbidden and not subjected to authority control.
Step S23: and generating a U disk mounting path based on the mounting information and the U disk initial path.
In this embodiment, for the specific process of the step S23, reference may be made to corresponding contents disclosed in the foregoing embodiments, and details are not repeated herein.
Step S24: and determining a target mounting path matched with the U disk mounting path in the preset mounting paths respectively corresponding to the execution operation of all processes and the preset operation of all files.
In this embodiment, as to the specific process of the step S24, reference may be made to corresponding contents disclosed in the foregoing embodiments, and details are not repeated herein.
Step S25: and performing corresponding blocking processing or releasing processing on the process execution operation corresponding to the target mounting path and/or the preset operation of the file based on the current U disk permission.
In this embodiment, for the specific process of the step S25, reference may be made to corresponding contents disclosed in the foregoing embodiments, and details are not repeated herein.
Therefore, when the USB flash disk is inserted, the unique identification of the USB flash disk is determined, and the current mounting information and the target information corresponding to the USB flash disk are obtained; the target information comprises a USB flash disk initial path; acquiring a target USB flash disk authority set for the USB flash disk, and determining the target USB flash disk authority as a current USB flash disk authority corresponding to the unique identifier; or, determining the set U disk authority corresponding to the unique identifier as the current U disk authority; generating a U disk mounting path based on the mounting information and the U disk initial path; determining target mounting paths matched with the U disk mounting paths in preset mounting paths respectively corresponding to all process execution operations and all file preset operations; and performing corresponding blocking processing or releasing processing on the process execution operation corresponding to the target mounting path and/or the preset operation of the file based on the current U disk permission. Therefore, the U disk is identified by the unique identification mark, and the U disk authority is associated with the unique identification mark, so that the U disk authority is obtained through the unique identification mark, and the method is convenient and quick; the method and the device can set the U disk authority, are favorable for improving the safety and preventing viruses from infecting equipment into which the U disk is inserted; according to the method and the device, the mounting information and the initial path of the USB flash disk are utilized to generate the USB flash disk mounting path, corresponding stopping processing or releasing processing is carried out on the target mounting path by utilizing the USB flash disk authority, and USB flash disk coil control can be well carried out to improve safety.
As shown in fig. 3, a schematic diagram for implementing a U-disc controller includes a management center, a monitoring end, a U-disc registration end, and a kernel state; the management center mainly has the following functions: functions of displaying U disk information, editing and issuing U disk rules (U disk permission), displaying U disk log information and the like; the monitoring end mainly has the following functions: acquiring target information of the USB flash disk, and transmitting registration information of the USB flash disk; rule conversion (converting a U disk path into a mounting path, namely converting a rule comprising the U disk path and a U disk authority into a file authority path rule comprising the mounting path and the U disk authority), and issuing the file authority path rule (mounting information and the U disk authority) to a kernel state; receiving mounting log information used by the kernel-mode USB flash disk, converting the mounting log information into USB flash disk operation log information and sending the USB flash disk operation log information to a management center; the functions of the USB flash disk registration end mainly comprise: the system is responsible for registering basic information (registered user basic information) of the USB flash disk, such as basic information of a user of the USB flash disk, a mobile phone number and the like, and transmitting the registered information to a monitoring end; the kernel mode mainly has the following functions: a selinux frame hijacking process is used for executing an event, a file opening event related to file _ open and a file writing event related to file _ permission, an event path is matched with a mounting path in a configured file path permission rule, different error codes are returned according to different rules, and permission control over a file system, namely the U disk, is achieved; and generating a log of the event which violates the authority rule, and reporting the log to the monitoring end.
As shown in fig. 4, a process for generating a unique identifier includes a first step of obtaining disk mounting information, extracting usb disk mounting information from the disk mounting information, and a second step of reading a secondary file block under the system/bus/sci/devices, and identifying a usb disk, i.e., dev/sdx, that is, target information of the usb disk, including a usb disk path; thirdly, determining a USB flash disk mounting path according to the USB flash disk mounting information and the USB flash disk path, wherein the USB flash disk mounting path is mounted to media/usb1 if dev/sdx; fourthly, randomly surveying a unique identifier corresponding to the USB flash disk, and writing the unique identifier into a master boot directory of the USB flash disk; wherein, the third step and the fourth step are not in sequence.
As shown in fig. 5, a schematic diagram of a U-coil control process is shown; firstly, when installing software, a kernel-mode program needs to be installed, namely, initialization is carried out, and after initialization, a kernel (kernel mode) hijacks all process execution operations and preset operations of all files on the basis of a selinux framework in real time to respectively correspond to preset mounting paths; then, in the first step, the monitoring end identifies the information of the U disk when the U disk is inserted in the step 1), and writes the unique identification mark, if the U disk has written the unique identification mark, the U disk is not processed; secondly, transmitting the information of the U disk to a registration end, wherein the information of the U disk comprises information of a disk identifier, mounting and the like of the U disk; thirdly, registering basic information of the user at a registration end, wherein information such as the user, contact information and the like of the USB flash disk can be written in the basic information, and fields can be added according to the self requirements of the user; fourthly, sending the registration information to a management center; fifthly, the management center sets different U disk authorities for different U disks; sixthly, issuing the U disk permission to a monitoring end; seventhly, acquiring a U disk mounting path based on the U disk mounting information and the U disk path, forming a file authority path rule by the U disk mounting path and the U disk authority, and operating the authority under the mounting path, namely operating the authority on the U disk; eighthly, issuing the file authority path rule to a kernel state; ninth, when the kernel hijacks the reading and writing of the file and the execution of the process based on the selinux framework, whether the path of the file event and the path of the executable program are matched with the path of the U disk rule or not is judged, if the paths are matched, different results are returned, and then the authority control of the U disk is achieved; tenth step, sending the mount log formed by the read-write operation of the blocked file and the execution operation of the process to the monitoring end; step eleven, converting the mounting log into a USB flash disk log; and step two, sending the USB flash disk log to a management center for displaying.
It should be noted that in the U-disk management process, different U-disks may need different permissions, so in the first step, a unique identifier is set for different U-disks, and then the unique identifier is written into the mbr of the U-disk, so that one U-disk can be uniquely identified; the U disk has the unique identification, once the U disk is inserted into the equipment, the monitoring end sends the U disk information to the management center, and the management center issues different authorities to different U disks; after the monitoring end takes the authority issued by the USB flash disk, converting the USB flash disk path into a mounting path, and forming a file authority path rule by the USB flash disk authority and the mounting path, wherein the conversion mode depends on the mounting information of the USB flash disk, and then issuing the file authority path rule to a kernel state; the kernel mode performs different processing on the reading and writing of the file and the execution of the process based on the selinux framework according to different file permission path rules, and then achieves the result of U disk permission management and control. Note that, writing an identifier into the usb disk track guide record is used to identify the uniqueness of the usb disk; acquiring an actual working path (mounting path) of the U disk in a file system according to the mounting information of the U disk; using selinux framework to hijack read and write operations and execution operations of processes in the file system; collecting and managing the U disk assets, and modifying the U disk control authority in real time; the method and the device can not rewrite the sector of the disk, can flexibly update the rule of the USB flash disk, and can report the log in use of the USB flash disk in real time for visual management.
Referring to fig. 6, an embodiment of the present application discloses a U-coil control device, including:
the USB flash disk permission determining module 11 is configured to determine, when a USB flash disk is inserted, a unique identifier of the USB flash disk, acquire mount information and target information currently corresponding to the USB flash disk, and then determine a current USB flash disk permission corresponding to the unique identifier; the target information comprises a U disk initial path;
a U-disk mounting path generating module 12, configured to generate a U-disk mounting path based on the mounting information and the U-disk initial path;
a target mounting path determining module 13, configured to determine a target mounting path that matches the usb disk mounting path in preset mounting paths corresponding to all the process execution operations and the preset operations of all the files, respectively;
a processing module 14, configured to perform corresponding blocking processing or releasing processing on the process execution operation corresponding to the target mount path and/or the preset operation of the file based on the current usb disk permission;
in some embodiments, the usb flash disk permission determining module includes:
the detection unit is used for detecting whether the main guide record of the U disk has the unique identifier or not when the U disk is inserted;
and the unique identifier setting unit is used for setting the unique identifier for the USB flash disk according to a preset identifier setting rule if the unique identifier does not exist in the main guide record of the USB flash disk.
For more specific working processes of the modules, reference may be made to corresponding contents disclosed in the foregoing embodiments, and details are not repeated here.
Therefore, when a USB flash disk is inserted, the unique identification of the USB flash disk is determined, the mounting information and the target information which correspond to the USB flash disk at present are obtained, and then the current USB flash disk permission corresponding to the unique identification is determined; the target information comprises a USB flash disk initial path; generating a U disk mounting path based on the mounting information and the U disk initial path; determining a target mounting path matched with the USB flash disk mounting path in preset mounting paths respectively corresponding to all process execution operations and preset operations of all files; and performing corresponding blocking processing or releasing processing on the process execution operation corresponding to the target mounting path and/or the preset operation of the file based on the current U disk permission. Therefore, the USB flash disk is identified by the unique identification mark, and the USB flash disk permission is associated with the unique identification mark, so that the USB flash disk permission is obtained through the unique identification mark, and convenience and rapidness are realized; the USB flash disk access control method and the USB flash disk access control device can set the USB flash disk access, are favorable for improving safety, and prevent viruses from infecting equipment inserted into the USB flash disk; according to the method and the device, the mounting information and the initial path of the USB flash disk are utilized to generate the USB flash disk mounting path, corresponding stopping processing or releasing processing is carried out on the target mounting path by utilizing the USB flash disk authority, and USB flash disk coil control can be well carried out to improve safety.
Further, an electronic device is provided in the embodiments of the present application, and fig. 7 is a block diagram of an electronic device 20 according to an exemplary embodiment, which should not be construed as limiting the scope of the application.
Fig. 7 is a schematic structural diagram of an electronic device 20 according to an embodiment of the present disclosure. The electronic device 20 may specifically include: at least one processor 21, at least one memory 22, a power supply 23, an input output interface 24, a communication interface 25, and a communication bus 26. Wherein the memory 22 is used for storing a computer program, and the computer program is loaded and executed by the processor 21 to implement the relevant steps of the U-coil control method disclosed in any of the foregoing embodiments.
In this embodiment, the power supply 23 is configured to provide a working voltage for each hardware device on the electronic device 20; the communication interface 25 can create a data transmission channel between the electronic device 20 and an external device, and the communication protocol followed by the communication interface is any communication protocol that can be applied to the technical solution of the present application, and is not specifically limited herein; the input/output interface 24 is configured to acquire external input data or output data to the outside, and a specific interface type thereof may be selected according to specific application requirements, which is not specifically limited herein.
In addition, the storage 22 is used as a carrier for resource storage, and may be a read-only memory, a random access memory, a magnetic disk or an optical disk, etc., the storage 22 is used as a non-volatile storage that may include a random access memory as an operating memory and a storage purpose for an external memory, and the storage resources on the storage include an operating system 221, a computer program 222, etc., and the storage manner may be a transient storage or a permanent storage.
The operating system 221 is used for managing and controlling each hardware device and the computer program 222 on the electronic device 20 on the source host, and the operating system 221 may be Windows, Unix, Linux, or the like. The computer program 222 may further include a computer program that can be used to perform other specific tasks in addition to the computer program that can be used to perform the U-coil control method performed by the electronic device 20 disclosed in any of the foregoing embodiments.
In this embodiment, the input/output interface 24 may specifically include, but is not limited to, a USB interface, a hard disk reading interface, a serial interface, a voice input interface, a fingerprint input interface, and the like.
Further, the embodiment of the application also discloses a computer readable storage medium for storing a computer program; wherein the computer program when executed by a processor implements the U-coil control method disclosed above.
For the specific steps of the method, reference may be made to corresponding contents disclosed in the foregoing embodiments, and details are not repeated here.
The computer-readable storage medium includes a Random Access Memory (RAM), a Memory, a Read-Only Memory (ROM), an electrically programmable ROM, an electrically erasable programmable ROM, a register, a hard disk, a magnetic or optical disk, or any other form of storage medium known in the art. Wherein the computer program when executed by a processor implements the aforementioned U-coil tubing control method. For the specific steps of the method, reference may be made to the corresponding contents disclosed in the foregoing embodiments, which are not described herein again.
The embodiments are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same or similar parts among the embodiments are referred to each other. For the device disclosed in the embodiment, since it corresponds to the U-coil control method disclosed in the embodiment, the description is simple, and the relevant points can be referred to the description of the method part.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
The steps of an algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
Finally, it should also be noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in the process, method, article, or apparatus that comprises the element.
The U-coil control method, apparatus, device and medium provided by the present invention are described in detail above, and specific examples are applied herein to explain the principle and the implementation of the present invention, and the description of the above embodiments is only used to help understanding the method and the core idea of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, the specific embodiments and the application range may be changed, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
Claims (10)
1. A U-coil control method is characterized by comprising the following steps:
when a U disk is inserted, determining a unique identifier of the U disk, acquiring mounting information and target information which correspond to the U disk at present, and then determining the authority of the U disk at present which corresponds to the unique identifier; the target information comprises a USB flash disk initial path;
generating a USB flash disk mounting path based on the mounting information and the USB flash disk initial path;
determining target mounting paths matched with the U disk mounting paths in preset mounting paths respectively corresponding to all process execution operations and all file preset operations;
and performing corresponding blocking processing or releasing processing on the process execution operation corresponding to the target mounting path and/or the preset operation of the file based on the current U disk permission.
2. The method for controlling a USB flash disk according to claim 1, wherein determining the unique ID of the USB flash disk when the USB flash disk is inserted comprises:
when a U disk is inserted, detecting whether a unique identifier exists in a main guide record of the U disk;
and if the unique identifier does not exist in the main guide record of the U disk, setting the unique identifier for the U disk according to a preset identifier setting rule.
3. The USB flash disk management method according to claim 1, wherein the determining the current USB flash disk right corresponding to the unique identifier comprises:
acquiring a target USB flash disk authority set for the USB flash disk, and determining the target USB flash disk authority as a current USB flash disk authority corresponding to the unique identifier;
or, determining the set USB flash disk authority corresponding to the unique identifier as the current USB flash disk authority.
4. The method for controlling the U-disk according to claim 1, wherein the obtaining of the target U-disk permission set for the U-disk and the determining of the target U-disk permission as the current U-disk permission corresponding to the unique identifier include:
and acquiring a target USB flash disk authority set for the USB flash disk, deleting the set USB flash disk authority corresponding to the unique identifier, and determining the target USB flash disk authority as the current USB flash disk authority corresponding to the unique identifier.
5. The method according to claim 1, wherein after determining the unique identifier of the usb flash disk and acquiring the current mounting information corresponding to the usb flash disk and the target information including an initial path of the usb flash disk, the method further includes:
and acquiring the user basic information corresponding to the USB flash disk to complete user registration.
6. The USB flash disk management method according to any one of claims 1 to 5, wherein after performing the corresponding blocking or releasing process on the process execution operation corresponding to the target mount path and/or the preset operation of the file based on the current USB flash disk permission, the USB flash disk management method further comprises:
and generating a mounting log which comprises the target mounting path and corresponds to the stopping processing, and converting the target mounting path into a target U disk path to obtain and display the U disk log.
7. A U coil accuse device, its characterized in that includes:
the USB flash disk permission determining module is used for determining a unique identifier of the USB flash disk when the USB flash disk is inserted, acquiring mounting information and target information which correspond to the USB flash disk at present, and then determining the current USB flash disk permission which corresponds to the unique identifier; the target information comprises a USB flash disk initial path;
the USB flash disk mounting path generating module is used for generating a USB flash disk mounting path based on the mounting information and the USB flash disk initial path;
the target mounting path determining module is used for determining a target mounting path which is matched with the USB flash disk mounting path in preset mounting paths respectively corresponding to all the process execution operations and the preset operations of all the files;
and the processing module is used for performing corresponding blocking processing or releasing processing on the process execution operation corresponding to the target mounting path and/or the preset operation of the file based on the current USB flash disk permission.
8. The USB flash disk drive control device according to claim 7, wherein the USB flash disk permission determination module comprises:
the detection unit is used for detecting whether the main guide record of the U disk has the unique identifier or not when the U disk is inserted;
and the unique identifier setting unit is used for setting the unique identifier for the USB flash disk according to a preset identifier setting rule if the unique identifier does not exist in the main guide record of the USB flash disk.
9. An electronic device comprising a processor and a memory; wherein the processor, when executing the computer program stored in the memory, implements the U-coil control method of any of claims 1 to 6.
10. A computer-readable storage medium for storing a computer program; wherein the computer program when executed by a processor implements the U-coil control method of any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210706567.5A CN114925344A (en) | 2022-06-21 | 2022-06-21 | U-coil control method, device, equipment and medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210706567.5A CN114925344A (en) | 2022-06-21 | 2022-06-21 | U-coil control method, device, equipment and medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114925344A true CN114925344A (en) | 2022-08-19 |
Family
ID=82815255
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210706567.5A Pending CN114925344A (en) | 2022-06-21 | 2022-06-21 | U-coil control method, device, equipment and medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114925344A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117827768A (en) * | 2024-03-05 | 2024-04-05 | 国网江西省电力有限公司电力科学研究院 | USB flash disk file resource management method and system based on FTP |
-
2022
- 2022-06-21 CN CN202210706567.5A patent/CN114925344A/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117827768A (en) * | 2024-03-05 | 2024-04-05 | 国网江西省电力有限公司电力科学研究院 | USB flash disk file resource management method and system based on FTP |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7386609B2 (en) | Method, system, and program for managing devices in a network | |
| CN105938448B (en) | Method and apparatus for data duplication | |
| CN103412769B (en) | External card parameter configuration, equipment and system | |
| CN101393525B (en) | Systems and methods for patching computer programs | |
| AU2018223809B2 (en) | Systems and methods for role-based computer security configurations | |
| RU2693188C1 (en) | Control method and unit for portable storage devices and storage medium | |
| CN109614203B (en) | Android application cloud data evidence obtaining and analyzing system and method based on application data simulation | |
| CN109783346B (en) | Keyword-driven automatic testing method and device and terminal equipment | |
| CN103020522A (en) | System and method for correcting antivirus records to minimize false malware detection | |
| JP2009510563A (en) | Method and system for managing and organizing installation of software packages | |
| CN112558946A (en) | Method, device and equipment for generating code and computer readable storage medium | |
| CN109815697B (en) | Method and device for processing false alarm behavior | |
| US20180034780A1 (en) | Generation of asset data used in creating testing events | |
| WO2015164576A1 (en) | Method for completing a secure erase operation | |
| WO2021247913A1 (en) | Dynamic, runtime application programming interface parameter labeling, flow parameter tracking and security policy enforcement | |
| CN114925344A (en) | U-coil control method, device, equipment and medium | |
| EP3682332A1 (en) | Method and apparatus for erasing or writing flash data | |
| CN105760761A (en) | Software behavior analyzing method and device | |
| US9557918B2 (en) | Storage device data overlay tracking and prevention | |
| CN106970865B (en) | Monitoring and management of software as a service in a micro-cloud environment | |
| KR101954421B1 (en) | Method for preventing real-time alteration of the data in WORM storage device based on hard disk or SSD | |
| CN112818331A (en) | Adb tool encryption control method, device, equipment and storage medium | |
| CN110427747B (en) | Identity authentication method and device supporting service security mark | |
| CN109725856B (en) | Shared node management method and device, electronic equipment and storage medium | |
| US11681798B2 (en) | Security screening of a universal serial bus device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |