CN115659430A - USB port data protection method and system - Google Patents

Publication number
CN115659430A
Authority
CN
China
Prior art keywords
usb port
usb
mouse
bios
keyboard
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211196123.8A
Other languages
Chinese (zh)
Inventor
融志强
吴杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Lenovo Changfeng Technology Beijing Co Ltd
Original Assignee
Lenovo Changfeng Technology Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Lenovo Changfeng Technology Beijing Co Ltd
Priority to CN202211196123.8A
Publication of CN115659430A
Legal status: Pending

Abstract

The invention discloses a USB port data protection method and system, relating to the technical field of USB port security protection. The method comprises: obtaining USB port device removal information; determining whether the device indicated by the removal information is a USB keyboard or mouse device; if so, notifying the BIOS; sending a command notification to the EC through the BIOS; and using the EC to cut off the signal connection of the USB port corresponding to the USB keyboard or mouse device. Under the operating system, the USB port is thus protected so that only USB keyboard and mouse devices can be used, other USB storage devices cannot be used, and data cannot be transferred through the USB port. This solves the technical problem that internal information of a computer is leaked when the device attached to a USB port changes after the operating system has been entered. The technical effect is that data in the computer cannot be transferred through the USB port, so information security is guaranteed while the user's usage requirements are still met.

Description

USB port data protection method and system
Technical Field
The invention relates to the technical field of USB port safety protection, in particular to a USB port data protection method and a USB port data protection system.
Background
USB is the abbreviation of Universal Serial Bus, an external bus standard that standardizes the connection and communication between computers and external devices, and an interface technology used in the PC field. A USB port can be used to plug in keyboard and mouse devices, storage devices, and so on. To protect the user's data during use and to prevent data from being stolen through a storage device attached to a USB port, in the prior art the BIOS scans at boot to determine which USB ports have a USB keyboard or mouse device inserted, and then instructs the EC (embedded controller) to cut off the signal connection of the ports that do not have a USB keyboard or mouse device inserted. This disables those USB ports while leaving the USB keyboard and mouse usable. However, this method has a security weakness: after the operating system has been entered, if the USB keyboard or mouse is removed, the corresponding USB port can still be used, and if a USB storage device is then inserted into it, information can be leaked.
Disclosure of Invention
In view of the above technical problems, the present application provides a method and a system for protecting data of a USB port, so as to solve the technical problem that internal information of a computer is leaked due to a change of an external device of the USB port after an operating system is entered.
In view of the above, the present application provides a USB port data protection method and system.
In a first aspect, the present application provides a USB port data protection method, the method including: obtaining USB port device removal information; determining whether the device indicated by the USB port device removal information is a USB keyboard or mouse device; when it is a USB keyboard or mouse device, notifying the basic input/output system (BIOS); sending a command notification to the EC through the BIOS; and using the EC to cut off the signal connection of the USB port corresponding to the USB keyboard or mouse device.
Preferably, obtaining the USB port device removal information includes: detecting the usage state of the USB port device through the ACPI system driver; determining whether a USB port device has been removed; and, when a USB port device is removed, obtaining the USB port device removal information.
Preferably, the method includes: sending keyboard and mouse removal information to the BIOS through the UEFI service function of the BIOS.
In a second aspect, the present application provides a USB port data protection system, the system including: a removal information obtaining unit, configured to obtain USB port device removal information; a judging unit, configured to determine whether the device indicated by the USB port device removal information is a USB keyboard or mouse device; a first notification unit, configured to notify the basic input/output system (BIOS) when the device is a USB keyboard or mouse device; a second notification unit, configured to send a command notification to the EC through the BIOS; and a signal cutting unit, configured to use the EC to cut off the signal connection of the USB port corresponding to the USB keyboard or mouse device.
Preferably, the removal information obtaining unit includes: a detection unit, configured to detect the usage state of the USB port device through the ACPI system driver; a device removal judgment unit, configured to determine whether a USB port device has been removed; and an information obtaining unit, configured to obtain the USB port device removal information when a USB port device is removed.
Preferably, the second notification unit includes: a notification execution unit, configured to send keyboard and mouse removal information to the BIOS through the UEFI service function of the BIOS.
In a third aspect, the present application provides an electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the steps of the method of the first aspect when executing the program.
In a fourth aspect, the present application provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the method of the first aspect.
One or more technical solutions provided in the present application have at least the following technical effects or advantages:
USB port device removal information is obtained; it is determined whether the device indicated by the removal information is a USB keyboard or mouse device; when it is, the basic input/output system (BIOS) is notified; a command notification is sent to the EC through the BIOS; and the EC cuts off the signal connection of the USB port corresponding to the USB keyboard or mouse device. As a result, under the operating system the USB port only allows USB keyboard and mouse devices to be used, other USB storage devices cannot be used, and data cannot be transferred through the USB port. This closes the USB port security loophole that arises when a USB storage device is inserted after a USB keyboard or mouse has been unplugged under the operating system. In computer usage scenarios with high confidentiality requirements, data in the computer cannot be transferred through the USB port, so information security is ensured while the user's usage requirements are met. The technical problem that internal information of the computer is leaked when the device attached to a USB port changes after the operating system has been entered is thereby solved.
The above description is only an overview of the technical solutions of the present application, and the present application may be implemented in accordance with the content of the description so as to make the technical means of the present application more clearly understood, and the detailed description of the present application will be given below in order to make the above and other objects, features, and advantages of the present application more clearly understood.
Drawings
In order to more clearly illustrate the technical solutions in the present application or the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only exemplary, and for those skilled in the art, other drawings can be obtained according to the provided drawings without inventive effort.
Fig. 1 is a schematic flowchart of a method for protecting data of a USB port according to an embodiment of the present application;
Fig. 2 is a schematic flowchart of obtaining USB port device removal information according to an embodiment of the present application;
Fig. 3 is a schematic flowchart of the overall scheme of a USB port data protection method according to an embodiment of the present application;
Fig. 4 is a schematic structural diagram of a USB port data protection system according to an embodiment of the present application;
Fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
The present application provides a USB port data protection method and system, which solve the technical problem that internal information of a computer is leaked when the device attached to a USB port changes after the operating system has been entered.
According to the technical scheme, the data acquisition, storage, use, processing and the like meet relevant regulations of national laws and regulations.
In the following, the technical solutions in the present application will be clearly and completely described with reference to the accompanying drawings, and it is to be understood that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments of the present application, and it is to be understood that the present application is not limited by the example embodiments described herein. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present application without making any creative effort belong to the protection scope of the present application. It should be further noted that, for the convenience of description, only some but not all of the relevant portions of the present application are shown in the drawings.
Example one
Fig. 1 is a schematic flowchart of a USB port data protection method according to an embodiment of the present application. As shown in Fig. 1, the method includes:
Step S10: obtaining USB port device removal information.
Further, as shown in Fig. 2, step S10 of obtaining the USB port device removal information includes: step S101, detecting the usage state of the USB port device through the ACPI system driver; step S102, determining whether a USB port device has been removed; and step S103, when a USB port device is removed, obtaining the USB port device removal information.
Specifically, the ACPI system driver, i.e., the Advanced Configuration and Power Interface system driver, can detect the device status and device type of a USB port. The ACPI system driver is used to detect the device status of the USB port, and when it detects that a USB port device has been removed, the USB port device removal information is obtained.
Step S20: determining whether the device indicated by the USB port device removal information is a USB keyboard or mouse device.
Step S30: when it is a USB keyboard or mouse device, notifying the basic input/output system (BIOS).
Specifically, the ACPI system driver determines whether the removed device is a USB keyboard or mouse device; if it is, the ACPI system driver obtains the keyboard and mouse removal information and notifies the BIOS of it. BIOS is the abbreviation of Basic Input Output System, and it is the industry-standard firmware interface on IBM PC compatible systems. It is a set of programs stored in a ROM chip on the computer's motherboard. It holds the computer's most important basic input/output routines, the power-on self-test program and the system boot program, and it can read and write specific system settings from CMOS.
Step S40: sending a command notification to the EC through the BIOS.
Further, the method includes: sending keyboard and mouse removal information to the BIOS through the UEFI service function of the BIOS.
Step S50: using the EC to cut off the signal connection of the USB port corresponding to the USB keyboard or mouse device.
Specifically, the BIOS is notified through the UEFI Runtime Service function of the BIOS, and the BIOS sends a command to notify the EC, where EC refers to the Embedded Controller. The EC is mainly used in mobile computer systems and embedded computer systems, and provides system management functions for these computers. Its main functions are controlling the power-on sequence of the computer motherboard, managing battery charging and discharging, and providing conventional I/O functions such as a keyboard matrix interface, a smart fan interface, a serial port, GPIO (general-purpose input/output) and a PS/2 interface. It also has an SPI interface that can connect to the Flash ROM (the motherboard BIOS) and other SPI devices. The EC controls the signal connection state of the USB port; after receiving the notification sent by the BIOS, the EC cuts off the signal connection of the USB port, which ensures that the port cannot be used and achieves the purpose of protecting information security. As a result, under the operating system the USB port only allows USB keyboard and mouse devices to be used; after the USB keyboard or mouse device is removed, the signal of the USB port is cut off and other USB storage devices cannot be used, which ensures that data cannot be transferred through the USB port. This closes the USB port security loophole that arises when a USB storage device is inserted after a USB keyboard or mouse has been unplugged under the operating system. In computer usage scenarios with high confidentiality requirements, data in the computer cannot be transferred through the USB port, so information security is ensured while the user's usage requirements are met. The technical problem that internal information of the computer is leaked when the device attached to a USB port changes after the operating system has been entered is thereby solved.
Fig. 3 shows the overall flow of the USB port data protection method provided in the present application. The ACPI system driver under the operating system, which can obtain the state information of plug-and-play devices, detects whether a device has been removed. When a USB device is removed, it is determined whether the device is a USB keyboard or mouse device. If not, the flow ends. If so, the BIOS is notified through the UEFI Runtime Service function of the BIOS; the BIOS sends a command to notify the EC; and the EC closes the signal connection of the corresponding USB interface so that the port cannot be used, at which point the flow ends, thereby achieving the purpose of protecting information security.
In summary, the embodiment of the present application has the following beneficial effects:
When the plug-and-play device that is removed is a USB keyboard or mouse, the ACPI system driver notifies the BIOS through the UEFI Runtime Service function of the BIOS, the BIOS sends a command to notify the EC, and the EC cuts off the signal connection of the USB port so that the port cannot be used. This closes the security loophole that arises when a USB storage device is inserted after a USB keyboard or mouse has been unplugged under the operating system. In computer usage scenarios with high confidentiality requirements, data in the computer cannot be transferred through the USB port, so information security is ensured while the user's usage requirements are met.
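The flow of steps S10 to S50, together with the boot-time scan described in the Background, modeled in C as an added example (not code from the patent). It assumes the keyboard/mouse judgment of step S20 is made from the USB HID boot-interface class codes in the configuration descriptor, which the patent does not specify; `ec_cut_port` is a hypothetical stand-in for the vendor-specific BIOS-to-EC command, and both descriptors are constructed samples.

```c
/* Added illustration of steps S10-S50; not the patent's implementation. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#define USB_DT_INTERFACE   0x04  /* standard interface descriptor type */
#define USB_CLASS_HID      0x03
#define HID_SUBCLASS_BOOT  0x01
#define HID_PROTO_KEYBOARD 0x01
#define HID_PROTO_MOUSE    0x02
#define NUM_PORTS          4

/* Constructed sample: configuration descriptor of a HID boot keyboard. */
static const uint8_t KBD_CFG[] = {
    0x09, 0x02, 0x22, 0x00, 0x01, 0x01, 0x00, 0xA0, 0x32, /* configuration */
    0x09, 0x04, 0x00, 0x00, 0x01, 0x03, 0x01, 0x01, 0x00, /* HID boot keyboard */
    0x09, 0x21, 0x11, 0x01, 0x00, 0x01, 0x22, 0x41, 0x00, /* HID descriptor */
    0x07, 0x05, 0x81, 0x03, 0x08, 0x00, 0x0A              /* interrupt IN endpoint */
};
/* Constructed sample (endpoints trimmed): keyboard plus mass storage. */
static const uint8_t COMPOSITE_CFG[] = {
    0x09, 0x02, 0x1B, 0x00, 0x02, 0x01, 0x00, 0x80, 0x32, /* configuration */
    0x09, 0x04, 0x00, 0x00, 0x00, 0x03, 0x01, 0x01, 0x00, /* HID boot keyboard */
    0x09, 0x04, 0x01, 0x00, 0x00, 0x08, 0x06, 0x50, 0x00  /* mass storage */
};

/* Step S20 (assumed test, the patent does not specify one): true only if every
 * interface is a HID boot keyboard or mouse. Malformed input returns false. */
bool is_kbd_mouse_only(const uint8_t *cfg, size_t len)
{
    size_t off = 0;
    int interfaces = 0;
    while (off + 2 <= len) {
        const uint8_t *d = cfg + off;   /* d[0] bLength, d[1] bDescriptorType */
        if (d[0] < 2 || off + d[0] > len)
            return false;
        if (d[1] == USB_DT_INTERFACE) { /* d[5..7]: class, subclass, protocol */
            if (d[0] < 9 || d[5] != USB_CLASS_HID || d[6] != HID_SUBCLASS_BOOT ||
                (d[7] != HID_PROTO_KEYBOARD && d[7] != HID_PROTO_MOUSE))
                return false;
            interfaces++;
        }
        off += d[0];
    }
    return off == len && interfaces > 0;
}

/* enabled: signal connection held by the EC; kbd_mouse: class recorded at scan */
static struct usb_port { bool enabled, occupied, kbd_mouse; } ports[NUM_PORTS];
static int ec_cut_commands;  /* number of simulated EC commands issued */

/* Hypothetical stand-in for the vendor-specific BIOS-to-EC command (S40/S50). */
static void ec_cut_port(int port)
{
    ports[port].enabled = false;
    ec_cut_commands++;
}

/* Boot-time scan from the Background: only keyboard/mouse ports stay enabled. */
void boot_scan(int port, const uint8_t *cfg, size_t len)
{
    struct usb_port *p = &ports[port];
    p->occupied = (cfg != NULL);
    p->kbd_mouse = p->occupied && is_kbd_mouse_only(cfg, len);
    p->enabled = true;
    if (!p->kbd_mouse)
        ec_cut_port(port);
}

/* Runtime removal event, steps S10-S50. Returns true if the port was cut. */
bool on_device_removed(int port)
{
    if (port < 0 || port >= NUM_PORTS || !ports[port].occupied)
        return false;                 /* S10: no removal to report */
    bool was_kbd_mouse = ports[port].kbd_mouse;
    ports[port].occupied = ports[port].kbd_mouse = false;
    if (!was_kbd_mouse)
        return false;                 /* S20: not keyboard/mouse, flow ends */
    ec_cut_port(port);                /* S30-S50: driver -> BIOS -> EC */
    return !ports[port].enabled;
}

/* Would a device plugged into this port now get a data connection? */
bool port_accepts_device(int port)
{
    return port >= 0 && port < NUM_PORTS && ports[port].enabled;
}

int main(void)
{
    boot_scan(0, KBD_CFG, sizeof KBD_CFG);             /* stays enabled */
    boot_scan(1, COMPOSITE_CFG, sizeof COMPOSITE_CFG); /* cut at boot */
    return on_device_removed(0) && !port_accepts_device(0) ? 0 : 1;
}
```

In this model a composite device that declares a mass-storage interface next to a keyboard interface is not treated as a keyboard or mouse, so its port is cut at boot. The class codes are reported by the device itself, so the check classifies only what a device declares.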
Example two
Based on the same inventive concept as the USB port data protection method in the foregoing embodiment, as shown in fig. 4, the present application further provides a USB port data protection system, where the system includes:
a removal information obtaining unit, configured to obtain USB port device removal information;
a judging unit, configured to determine whether the device indicated by the USB port device removal information is a USB keyboard or mouse device;
a first notification unit, configured to notify the basic input/output system (BIOS) when the device is a USB keyboard or mouse device;
a second notification unit, configured to send a command notification to the EC through the BIOS;
and a signal cutting unit, configured to use the EC to cut off the signal connection of the USB port corresponding to the USB keyboard or mouse device.
Further, the removal information obtaining unit includes:
a detection unit, configured to detect the usage state of the USB port device through the ACPI system driver;
a device removal judgment unit, configured to determine whether a USB port device has been removed;
and an information obtaining unit, configured to obtain the USB port device removal information when a USB port device is removed.
Further, the second notification unit includes:
a notification execution unit, configured to send keyboard and mouse removal information to the BIOS through the UEFI service function of the BIOS.
A specific example of the USB port data protection method in the first embodiment is also applicable to the USB port data protection system in the present embodiment, and a person skilled in the art can clearly know the USB port data protection system in the present embodiment through the foregoing detailed description of the USB port data protection method, so for the brevity of the description, detailed description is omitted here. The device disclosed by the embodiment corresponds to the method disclosed by the embodiment, so that the description is simple, and the relevant points can be referred to the method part for description.
Example three
Based on the same inventive concept as the USB port data protection method in the foregoing embodiment, as shown in fig. 5, the present application further provides an electronic device 300, where the electronic device 300 includes a memory 301 and a processor 302, the memory 301 stores a computer program, and the computer program implements the steps of the method in the embodiment when executed by the processor 302.
The electronic device 300 includes: processor 302, communication interface 303, memory 301. Optionally, the electronic device 300 may also include a bus architecture 304. Wherein, the communication interface 303, the processor 302 and the memory 301 may be connected to each other through a bus architecture 304; the bus architecture 304 may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The bus architecture 304 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in FIG. 5, but that does not indicate only one bus or one type of bus.
Processor 302 may be a CPU, microprocessor, ASIC, or one or more integrated circuits for controlling the execution of programs in accordance with the teachings of the present application.
Communication interface 303, using any transceiver or like device, is used to communicate with other devices or communication networks, such as an ethernet, a Radio Access Network (RAN), a Wireless Local Area Network (WLAN), a wired access network, etc.
The memory 301 may be, but is not limited to, a ROM or other type of static storage device that can store static information and instructions, a RAM or other type of dynamic storage device that can store information and instructions, an Electrically Erasable Programmable Read Only Memory (EEPROM), a compact disc read only memory (CD ROM) or other optical disk storage (including compact disc, laser disc, optical disc, digital versatile disc, blu-ray disc, etc.), a magnetic disk storage medium or other magnetic storage device, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. The memory may be self-contained and coupled to the processor through a bus architecture 304. The memory may also be integral to the processor.
The memory 301 is used for storing computer-executable instructions for implementing the present application, and is controlled by the processor 302 to execute. The processor 302 is used for executing the computer-executable instructions stored in the memory 301, thereby implementing the steps of the method in the first embodiment of the present application.
Example four
The embodiment of the present application provides a computer-readable storage medium, where a computer program is stored on the storage medium, and when the computer program is executed by a processor, the steps of the USB port data protection method in the first embodiment are implemented.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention has been described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (8)

1. A method for protecting data on a USB port, the method comprising:
obtaining USB port device removal information;
determining whether the device indicated by the USB port device removal information is a USB keyboard or mouse device;
when the device is a USB keyboard or mouse device, notifying a basic input/output system (BIOS);
sending a command notification to the EC through the BIOS;
and using the EC to cut off the signal connection of the USB port corresponding to the USB keyboard or mouse device.
2. The USB port data protection method of claim 1, wherein the obtaining USB port device removal information comprises:
detecting the usage state of the USB port device through the ACPI system driver;
determining whether a USB port device has been removed;
and, when a USB port device is removed, obtaining the USB port device removal information.
3. The USB port data protection method of claim 1, wherein the method comprises:
sending keyboard and mouse removal information to the BIOS through the UEFI service function of the BIOS.
4. A USB port data protection system, the system comprising:
a removal information obtaining unit, configured to obtain USB port device removal information;
a judging unit, configured to determine whether the device indicated by the USB port device removal information is a USB keyboard or mouse device;
a first notification unit, configured to notify a basic input/output system (BIOS) when the device is a USB keyboard or mouse device;
a second notification unit, configured to send a command notification to the EC through the BIOS;
and a signal cutting unit, configured to use the EC to cut off the signal connection of the USB port corresponding to the USB keyboard or mouse device.
5. The USB port data protection system according to claim 4, wherein the removal information obtaining unit includes:
a detection unit, configured to detect the usage state of the USB port device through the ACPI system driver;
a device removal judgment unit, configured to determine whether a USB port device has been removed;
and an information obtaining unit, configured to obtain the USB port device removal information when a USB port device is removed.
6. The USB port data protection system of claim 4, wherein the second notification unit comprises:
a notification execution unit, configured to send keyboard and mouse removal information to the BIOS through the UEFI service function of the BIOS.
7. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the steps of the method according to any of claims 1-3 are implemented when the processor executes the program.
8. A computer-readable storage medium, characterized in that the storage medium has stored thereon a computer program which, when being executed by a processor, carries out the method of any one of claims 1-3.
Application number: CN202211196123.8A
Priority application: CN202211196123.8A
Priority date: 2022-09-29
Filing date: 2022-09-29
Title: USB port data protection method and system
Legal status: Pending
Publication number: CN115659430A (en)
Publication date: 2023-01-31
Family ID: 84985337
Family applications (1): CN202211196123.8A
Country: CN

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination