CN117493029A - USB storage device management method, device, terminal device and storage medium - Google Patents

USB storage device management method, device, terminal device and storage medium Download PDF

Info

Publication number
CN117493029A
CN117493029A CN202311309847.3A CN202311309847A CN117493029A CN 117493029 A CN117493029 A CN 117493029A CN 202311309847 A CN202311309847 A CN 202311309847A CN 117493029 A CN117493029 A CN 117493029A
Authority
CN
China
Prior art keywords
storage device
usb storage
file
request
accessed
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311309847.3A
Other languages
Chinese (zh)
Inventor
曾宪武
滕俐军
胡治国
郭朝阳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Rongan Networks Technology Co ltd
Original Assignee
Shenzhen Rongan Networks Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Rongan Networks Technology Co ltd filed Critical Shenzhen Rongan Networks Technology Co ltd
Priority to CN202311309847.3A priority Critical patent/CN117493029A/en
Publication of CN117493029A publication Critical patent/CN117493029A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/52Program synchronisation; Mutual exclusion, e.g. by means of semaphores
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/52Program synchronisation; Mutual exclusion, e.g. by means of semaphores
    • G06F9/526Mutual exclusion algorithms

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a USB storage device management method, a device, terminal equipment and a storage medium, and belongs to the technical field of information security. The invention receives the USB storage device connection request; according to the USB storage device connection request, connecting a plurality of USB storage devices to obtain a storage device descriptor set; and when an access request sent by an accessed host is received, performing access operation on the USB storage device corresponding to the access request based on a preset virtual hub according to the storage device descriptor set, wherein the accessed host comprises a plurality of accessed devices. By the access request of the accessed device, the access operation of a plurality of USB storage devices is carried out, so that the management of the USB storage devices is realized, the problem that a plurality of USB storage devices cannot be shared among a plurality of accessed devices is solved, and the management efficiency of the USB storage devices is improved.

Description

USB storage device management method, device, terminal device and storage medium
Technical Field
The present invention relates to the field of information security, and in particular, to a method and apparatus for managing a USB storage device, a terminal device, and a storage medium.
Background
In many industrial scenes, various industrial control devices are adopted for industrial production, and USB storage devices can be connected to the industrial control devices to upgrade, configure the functions of the industrial control devices and collect the data of the devices, so that the production requirements are met.
However, at present, when a plurality of USB storage devices and a plurality of accessed devices are transmitted in an interactive manner, the plurality of accessed devices need to be plugged and plugged to switch, and only a single USB storage device is connected with a single accessed device, so that sharing of the plurality of USB storage devices among the plurality of accessed devices is not realized.
The foregoing is provided merely for the purpose of facilitating understanding of the technical solutions of the present invention and is not intended to represent an admission that the foregoing is prior art.
Disclosure of Invention
The main objective of the present application is to provide a method, an apparatus, a terminal device and a storage medium for managing USB storage devices, which are aimed at solving the problem that a plurality of USB storage devices cannot be shared among a plurality of access devices.
In order to achieve the above object, the present application provides a USB storage device management method, including:
receiving a USB storage device connection request;
according to the USB storage device connection request, connecting a plurality of USB storage devices to obtain a storage device descriptor set;
And when an access request sent by an accessed host is received, performing access operation on the USB storage device corresponding to the access request based on a preset virtual hub according to the storage device descriptor set, wherein the accessed host comprises a plurality of accessed devices.
Optionally, the step of connecting a plurality of USB storage devices according to the USB storage device connection request, and obtaining a storage device descriptor set includes:
according to the USB storage device connection request, enumerating and reading descriptors of the plurality of USB storage devices through a preset main controller process;
and acquiring a storage device descriptor set according to the descriptors of the plurality of USB storage devices.
Optionally, when receiving an access request sent by the accessed host, the step of performing an access operation on the USB storage device corresponding to the access request based on the preset virtual hub according to the storage device descriptor set further includes:
acquiring a plurality of accessed device identifiers;
performing equipment registration according to the accessed equipment identifiers to obtain equipment controller identifiers;
constructing a plurality of equipment controller processes according to the equipment controller identifications;
And monitoring the requests sent by the accessed devices through the device controller processes.
Optionally, when receiving an access request sent by the accessed host, the step of performing an access operation on the USB storage device corresponding to the access request based on the preset virtual hub according to the storage device descriptor set includes:
performing conflict detection on the corresponding equipment controller process of the accessed host;
if no conflict exists, locking the equipment controller process based on a preset mutual exclusion lock, and acquiring the locked equipment controller process;
and according to the storage device descriptor set, based on a preset virtual hub, performing access operation on the USB storage device corresponding to the access request through the locked device controller process.
Optionally, the step of performing, according to the storage device descriptor set, an access operation on the USB storage device corresponding to the access request through the locked device controller process based on a preset virtual hub includes:
constructing a transmission pipeline through the locked device controller process based on a preset virtual hub according to the storage device descriptor set;
Judging the access type of the access request;
if the access type is an enumeration request, enumerating and outputting the storage device descriptor set to an accessed device corresponding to the enumeration request through the transmission pipeline;
if the access type is a file reading request, performing file reading operation on the accessed device corresponding to the file reading request through the transmission pipeline;
and if the access type is a file writing request, performing file writing operation on the accessed equipment corresponding to the file writing request through the transmission pipeline.
Optionally, the step of performing file reading operation on the accessed device corresponding to the file reading request through the transmission pipeline includes:
acquiring a file to be read according to the file reading request;
based on a preset antivirus engine, carrying out virus searching and killing on the file to be read, and obtaining the file to be read after virus searching and killing;
sending the file to be read after virus killing to the accessed device corresponding to the file reading request through the transmission pipeline;
and unlocking the locked equipment controller process based on the mutual exclusion lock.
Optionally, the step of writing the write file request to the accessed device through the transmission pipeline includes:
Acquiring a file to be written according to the file writing request;
based on a preset backup mechanism, the file to be written is sent to a preset virtual disk for backup, and the file to be written after backup is obtained;
the backed-up file to be written is sent to the USB storage device corresponding to the file writing request through the transmission pipeline;
and unlocking the locked equipment controller process based on the mutual exclusion lock.
Optionally, the step of sending the file to be written to a preset virtual disk for backup based on a preset backup mechanism, and obtaining the backed-up file to be written further includes:
acquiring a file backup time stamp;
when the file backup time stamp exceeds a preset backup persistence limit, deleting the corresponding backup file of the virtual disk;
and deleting the corresponding backup file of the virtual disk according to the file backup time stamp when the storage space of the virtual disk reaches a preset space threshold.
The embodiment of the application also provides a USB storage device management device, which comprises:
the request receiving module is used for receiving a USB storage device connection request;
The storage device connection module is used for connecting a plurality of USB storage devices according to the USB storage device connection request to acquire a storage device descriptor set;
and the access operation module is used for performing access operation on the USB storage device corresponding to the access request based on a preset virtual hub according to the storage device descriptor set when the access request sent by the accessed host is received.
The embodiment of the application also provides a terminal device, which comprises a memory, a processor and a USB storage device management program stored on the memory and capable of running on the processor, wherein the USB storage device management program realizes the steps of the USB storage device management method when being executed by the processor.
The embodiments of the present application also provide a computer readable storage medium having a USB storage device management program stored thereon, which when executed by a processor, implements the steps of the USB storage device management method described above.
The USB storage device management method, the device, the terminal device and the storage medium provided by the embodiment of the application receive a USB storage device connection request; according to the USB storage device connection request, connecting a plurality of USB storage devices to obtain a storage device descriptor set; and when an access request sent by an accessed host is received, performing access operation on the USB storage device corresponding to the access request based on a preset virtual hub according to the storage device descriptor set, wherein the accessed host comprises a plurality of accessed devices. By the access request of the accessed device, the access operation of a plurality of USB storage devices is carried out, so that the management of the USB storage devices is realized, the problem that a plurality of USB storage devices cannot be shared among a plurality of accessed devices is solved, and the management efficiency of the USB storage devices is improved.
Drawings
FIG. 1 is a schematic diagram of functional modules of a terminal device to which a USB storage device management apparatus of the present application belongs;
FIG. 2 is a flowchart of a first exemplary embodiment of a USB storage device management method according to the present application;
FIG. 3 is a functional architecture diagram of a platform for sharing multiple master and multiple slave devices implemented by the USB storage device management method of the present application;
FIG. 4 is a flowchart of a second exemplary embodiment of a USB storage device management method according to the present application;
FIG. 5 is a flowchart illustrating a third exemplary embodiment of a USB storage device management method according to the present application;
FIG. 6 is a flow chart of the method for managing USB storage devices according to the present application for mutual exclusion lock and conflict detection;
FIG. 7 is a flowchart illustrating a fourth exemplary embodiment of a USB memory device management method according to the present application;
FIG. 8 is a schematic flow chart of a process of a device controller processing a read-write request according to the USB storage device management method of the present application;
FIG. 9 is a flowchart illustrating a process monitoring and process stopping triggering process in the USB storage device management method of the present application.
The achievement of the objects, functional features and advantages of the present invention will be further described with reference to the accompanying drawings, in conjunction with the embodiments.
Detailed Description
It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
The main solutions of the embodiments of the present application are: receiving a USB storage device connection request; according to the USB storage device connection request, connecting a plurality of USB storage devices to obtain a storage device descriptor set; and when an access request sent by an accessed host is received, performing access operation on the USB storage device corresponding to the access request based on a preset virtual hub according to the storage device descriptor set, wherein the accessed host comprises a plurality of accessed devices. By the access request of the accessed device, the access operation of a plurality of USB storage devices is carried out, so that the management of the USB storage devices is realized, the problem that a plurality of USB storage devices cannot be shared among a plurality of accessed devices is solved, and the management efficiency of the USB storage devices is improved.
Technical terms referred to in this application:
mutual exclusion lock: is a synchronization mechanism for multi-threaded programming that protects access to shared resources, ensuring that only one thread can access the protected critical area at any given time. Typically, a lock operation is preceded by entering a critical section and an unlock operation is followed by leaving the critical section. This ensures that each thread can successfully acquire a lock before entering the critical section, while operations in the critical section can be safely executed.
Virtual disk: is a virtualization technology that emulates the function of a physical disk and exists in a computer system in the form of a file. Virtual disks may be identified as a disk drive or partition in an operating system as a separate entity, separated from the physical hardware by virtualization techniques.
In the embodiment of the application, considering that the related technical scheme has certain limitation in the mode of installing virus killing terminal software by the accessed equipment, industrial control equipment such as PLC, RTU and the like in many industrial scenes has fewer resources such as CPU, memory and the like, and is difficult to bear the resources consumed by a virus killing engine and a virus library; the method has the advantages that the method is characterized in that the antivirus software is installed on industrial control equipment, the method belongs to an invasive type installation, the stability and the safety of the antivirus software can influence the main body function of the industrial control equipment, the built antivirus software is inconvenient to update and upgrade virus feature libraries frequently, and a plurality of general embedded industrial control equipment manufacturers are not opened and cannot support the antivirus software to be installed on the industrial control equipment;
the external device is used for carrying out virus checking, killing and isolation on the USB storage equipment, so that only one accessed equipment can be protected, and if a plurality of pieces of equipment need to be protected, a defending safety device needs to be deployed for each accessed equipment; the deployment cost is high, and when the USB storage device needs to be respectively accessed to a plurality of accessed devices, for example, when files are copied to each server, the USB storage device needs to be switched in a plugging manner, and cannot be shared among the plurality of accessed devices.
In addition, the above two technical methods only make security defense on the USB storage device in the upstream direction, but when the accessed device copies the file to the USB storage device, there is a risk of data disclosure due to lack of intervention such as backup audit.
Based on this, the embodiment of the application proposes a solution, and designs an external security defense device with multiple masters and multiple slaves, through an internal virtual hub, a virtual disk and a collision detection mechanism, so that a USB storage device can safely access a plurality of accessed devices in a sharing manner through the defense device, and when files are copied from the accessed devices to the USB storage device, the files are automatically backed up, so that the files are audited later, and sensitive data leakage is prevented.
Specifically, referring to fig. 1, fig. 1 is a schematic functional block diagram of a terminal device to which a USB storage device management apparatus of the present application belongs. The USB storage device management apparatus may be a terminal-independent apparatus capable of USB storage device management, and may be carried on the terminal device in the form of hardware or software. The terminal equipment can be intelligent mobile equipment with USB storage equipment management functions such as mobile phones and tablet computers, fixed terminal equipment or a server with USB storage equipment management functions and the like.
In this embodiment, the terminal device to which the USB storage device management apparatus belongs at least includes an output module 110, a processor 120, a memory 130, and a communication module 140.
The memory 130 stores therein an operating system and a USB storage device management program, and the USB storage device management apparatus may store the received and processed data information in the memory 130; the output module 110 may be a display screen, a speaker, etc. The communication module 140 may include a WIFI module, a mobile communication module, a bluetooth module, and the like, and communicates with an external device or a server through the communication module 140.
Wherein the USB storage device management program in the memory 130, when executed by the processor, performs the steps of:
receiving a USB storage device connection request;
according to the USB storage device connection request, connecting a plurality of USB storage devices to obtain a storage device descriptor set;
and when an access request sent by an accessed host is received, performing access operation on the USB storage device corresponding to the access request based on a preset virtual hub according to the storage device descriptor set, wherein the accessed host comprises a plurality of accessed devices.
Further, the USB storage device management program in the memory 130, when executed by the processor, further performs the steps of:
According to the USB storage device connection request, enumerating and reading descriptors of the plurality of USB storage devices through a preset main controller process;
and acquiring a storage device descriptor set according to the descriptors of the plurality of USB storage devices.
Further, the USB storage device management program in the memory 130, when executed by the processor, further performs the steps of:
acquiring a plurality of accessed device identifiers;
performing equipment registration according to the accessed equipment identifiers to obtain equipment controller identifiers;
constructing a plurality of equipment controller processes according to the equipment controller identifications;
and monitoring the requests sent by the accessed devices through the device controller processes.
Further, the USB storage device management program in the memory 130, when executed by the processor, further performs the steps of:
performing conflict detection on the corresponding equipment controller process of the accessed host;
if no conflict exists, locking the equipment controller process based on a preset mutual exclusion lock, and acquiring the locked equipment controller process;
and according to the storage device descriptor set, based on a preset virtual hub, performing access operation on the USB storage device corresponding to the access request through the locked device controller process.
Further, the USB storage device management program in the memory 130, when executed by the processor, further performs the steps of:
constructing a transmission pipeline through the locked device controller process based on a preset virtual hub according to the storage device descriptor set;
judging the access type of the access request;
if the access type is an enumeration request, enumerating and outputting the storage device descriptor set to an accessed device corresponding to the enumeration request through the transmission pipeline;
if the access type is a file reading request, performing file reading operation on the accessed device corresponding to the file reading request through the transmission pipeline;
and if the access type is a file writing request, performing file writing operation on the accessed equipment corresponding to the file writing request through the transmission pipeline.
Further, the USB storage device management program in the memory 130, when executed by the processor, further performs the steps of:
acquiring a file to be read according to the file reading request;
based on a preset antivirus engine, carrying out virus searching and killing on the file to be read, and obtaining the file to be read after virus searching and killing;
sending the file to be read after virus killing to the accessed device corresponding to the file reading request through the transmission pipeline;
And unlocking the locked equipment controller process based on the mutual exclusion lock.
Further, the USB storage device management program in the memory 130, when executed by the processor, further performs the steps of:
acquiring a file to be written according to the file writing request;
based on a preset backup mechanism, the file to be written is sent to a preset virtual data center for backup, and the file to be written after backup is obtained;
the backed-up file to be written is sent to the USB storage device corresponding to the file writing request through the transmission pipeline;
and unlocking the locked equipment controller process based on the mutual exclusion lock.
Further, the USB storage device management program in the memory 130, when executed by the processor, further performs the steps of:
acquiring a file backup time stamp;
when the file backup time stamp exceeds a preset backup persistence limit, deleting the corresponding backup file of the virtual data center;
and deleting the corresponding backup file of the virtual data center according to the file backup time stamp when the storage space of the virtual data center reaches a preset space threshold.
According to the scheme, the embodiment particularly receives a USB storage device connection request; according to the USB storage device connection request, connecting a plurality of USB storage devices to obtain a storage device descriptor set; and when an access request sent by an accessed host is received, performing access operation on the USB storage device corresponding to the access request based on a preset virtual hub according to the storage device descriptor set, wherein the accessed host comprises a plurality of accessed devices. By the access request of the accessed device, the access operation of a plurality of USB storage devices is carried out, so that the management of the USB storage devices is realized, the problem that a plurality of USB storage devices cannot be shared among a plurality of accessed devices is solved, and the management efficiency of the USB storage devices is improved.
Based on the above terminal device architecture, but not limited to the above architecture, the method embodiments of the present application are presented.
Referring to fig. 2, fig. 2 is a flowchart illustrating a first exemplary embodiment of a USB storage device management method according to the present application. The USB storage device management method comprises the following steps:
step S10: receiving a USB storage device connection request;
the main execution body of the method of the present embodiment may be a USB storage device management apparatus, or may be a USB storage device management terminal apparatus or a server, and in this embodiment, the USB storage device management apparatus is exemplified by a USB storage device management apparatus, and the USB storage device management apparatus may be integrated on a terminal apparatus having a data processing function.
According to the scheme of the embodiment, a plurality of USB storage devices are connected through connection requests of the USB storage devices, a device descriptor set is obtained, and access operation is carried out on the USB storage devices according to the device descriptor set and access requests sent by an accessed host.
When the USB storage device needs to be connected, a USB storage device connection request is received, wherein the USB storage device connection request can be sent by one USB storage device or a plurality of USB storage devices. In addition, the USB storage device is connected by a USB interface, and a hardware carrier of the USB storage device can be a USB flash disk or a solid state disk, a mechanical hard disk and other devices with storage functions.
Step S20: according to the USB storage device connection request, connecting a plurality of USB storage devices to obtain a storage device descriptor set;
after receiving the USB storage device connection request, connecting one or more USB storage devices according to the USB storage device connection request, to obtain a descriptor set of one or more USB storage devices, where the storage device descriptor set is a set of descriptions and information of connected USB storage devices, and may include information such as a device type, a capacity, a connection state, and the like.
Step S30: and when an access request sent by an accessed host is received, performing access operation on the USB storage device corresponding to the access request based on a preset virtual hub according to the storage device descriptor set, wherein the accessed host comprises a plurality of accessed devices.
When an access request sent by an accessed host is received, a corresponding USB storage device is determined according to the storage device descriptor set, and corresponding access operation is executed. Wherein the access operations in the steps may involve access operations to read or write data, perform file operations, etc. The accessed host may be a plurality of accessed devices, i.e. one or more devices of the access system, and the accessed devices include, but are not limited to, hosts, servers, industrial control devices, and any devices with reserved physical interfaces and supporting access.
Specifically, as shown in fig. 3, in this embodiment, taking a USB interface type storage device, an industrial control device with a USB interface, and a PC host as accessed devices as examples, the USB storage device management method of the present invention may be integrated into a hardware platform with an MCU microcontroller, a RAM memory, a Flash memory, and multiple USB interfaces, and multiple physical interfaces are provided to the outside by embedding multiple USB device controller chips, where each physical interface is fixedly connected with each accessed device through a USB connection line. The hardware platform connects the USB interfaces with the USB storage devices, the industrial control equipment and the PC host, and utilizes the built-in virtual USB hub to realize the connection and data transmission of the USB storage devices among the accessed devices, thereby realizing the sharing of the USB storage devices among the accessed devices.
According to the scheme, the embodiment particularly receives a USB storage device connection request; according to the USB storage device connection request, connecting a plurality of USB storage devices to obtain a storage device descriptor set; and when an access request sent by an accessed host is received, performing access operation on the USB storage device corresponding to the access request based on a preset virtual hub according to the storage device descriptor set, wherein the accessed host comprises a plurality of accessed devices. By the access request of the accessed device, the access operation of a plurality of USB storage devices is carried out, so that the management of the USB storage devices is realized, the problem that a plurality of USB storage devices cannot be shared among a plurality of accessed devices is solved, and the management efficiency of the USB storage devices is improved.
Referring to fig. 4, fig. 4 is a flowchart illustrating a USB storage device management method according to a second exemplary embodiment of the present invention.
Based on the first embodiment, a second embodiment of the present application is presented, which differs from the first embodiment in that:
in this embodiment, the step of connecting a plurality of USB storage devices according to the USB storage device connection request, and obtaining a storage device descriptor set includes:
Step S201: according to the USB storage device connection request, enumerating and reading descriptors of the plurality of USB storage devices through a preset main controller process;
step S202: and acquiring a storage device descriptor set according to the descriptors of the plurality of USB storage devices.
Specifically, in order to manage and operate the USB storage devices, first, according to a USB storage device connection request, the descriptors of each USB storage device are enumerated and read through a preset master controller process, so as to obtain descriptors of one or more USB storage devices. The host controller process is a process for directly controlling the USB storage device connected to the physical interface, and may monitor the USB storage device, use an appropriate interface/library function to perform enumeration and reading of storage device descriptors, and obtain descriptors of the connected USB storage device, where the descriptors include information such as identification, type, capacity, status, access rights, and the like of the USB storage device, and will be used for subsequent USB storage device management and access operations.
Finally, a storage device descriptor set is obtained according to the obtained one or more storage device descriptors. The obtained storage device descriptor set may be a data structure or a USB storage device descriptor list, which contains descriptor information of all connected USB storage devices.
More specifically, when the USB storage device is accessed to the apparatus, differential signaling is triggered, USB enumeration is initiated by the USB host controller, and information such as device descriptor, interface descriptor, configuration descriptor, character descriptor, endpoint descriptor, etc. is updated to the descriptor set of the memory.
The storage device descriptor set plays an important role in management and operation of a plurality of USB storage devices, and can be used for realizing functions such as device identification, function support, device initialization, state monitoring and error processing, so that the main controller can effectively interact and manage the USB storage devices.
According to the scheme, descriptors of the plurality of USB storage devices are obtained through enumeration and reading of a preset main controller process according to the USB storage device connection request; and acquiring a storage device descriptor set according to the descriptors of the plurality of USB storage devices. Through the storage device descriptor set, the USB storage devices can be better managed and controlled to help correctly use and operate the plurality of USB storage devices, and meet subsequent access needs to the plurality of USB storage devices.
Referring to fig. 5, fig. 5 is a flowchart illustrating a USB storage device management method according to a third exemplary embodiment of the present invention.
Based on the second embodiment, a third embodiment of the present application is presented, which differs from the second embodiment in that:
in this embodiment, when an access request sent by an accessed host is received, the step of performing an access operation on a USB storage device corresponding to the access request according to the storage device descriptor set further includes:
step S301: acquiring a plurality of accessed device identifiers;
step S302: performing equipment registration according to the accessed equipment identifiers to obtain equipment controller identifiers;
step S303: constructing a plurality of equipment controller processes according to the equipment controller identifications;
step S304: and monitoring the requests sent by the accessed devices through the device controller processes.
Specifically, in order to realize sharing of a plurality of USB storage devices, first, it is necessary to acquire the identities of a plurality of accessed devices involved in an access request sent by an accessed host. Wherein the access device identification may be a unique device ID or other form of identifier for identifying different accessed devices.
And then, the device controller identifiers are obtained by registering the identifiers of the plurality of accessed devices. The mapping relation between the equipment identifier and the equipment controller can be established by utilizing the equipment controller identifier, and the corresponding equipment controller can be searched according to the equipment identifier so as to prepare for subsequent access operation.
Then, based on the obtained device controller identifications, the system needs to build a corresponding number of device controller processes. The device controller process is a process for managing and monitoring the accessed device, and can execute access operation to the USB storage device, communicate with the accessed device, and realize transfer of information and data between the accessed device and the USB storage device.
Finally, the request sent by the related accessed device is monitored through the established device controller process. By listening for these requests, the device controller process may perceive the access request sent by the host and prepare it for the corresponding processing operation.
Further, as an implementation manner, when receiving an access request sent by the access host, the step of performing an access operation on the USB storage device corresponding to the access request according to the storage device descriptor set includes:
step S305: performing conflict detection on the corresponding equipment controller process of the accessed host;
step S306: if no conflict exists, locking the equipment controller process based on a preset mutual exclusion lock, and acquiring the locked equipment controller process;
Step S307: and according to the storage device descriptor set, performing access operation on the USB storage device corresponding to the access request through the locked device controller process.
Specifically, first, collision detection is performed on the corresponding device controller process of the accessed host. By detecting the status of the device controller process and the resource occupancy, it is possible to determine whether conflicting or competing conditions exist.
And then, if no conflict is found in the conflict detection, locking the device controller process based on a preset mutual exclusion lock. The locking can ensure that only one process can execute the operation at the same time, and the problem caused by the concurrency of the processes is avoided. And acquiring the locked equipment controller process through locking operation.
And finally, performing actual access operation on the USB storage device corresponding to the access request according to the storage device descriptor set by using the locked device controller process. The access request may include a request for specific operations of the USB storage device, such as reading, writing, enumerating, deleting, updating, and the like. These operations are managed and performed by the device controller process to ensure that access to the USB storage device is controllable, reliable and secure.
Further, a device controller sub-process of a plurality of accessed devices is enabled, and the number of processes is consistent with the number of device controllers.
Further, various descriptor sets obtained by enumeration can be shared by a plurality of processes of accessed devices, and the accessed host is switched, so that the descriptor sets are not affected.
Further, the device has the functions of user account management and login authentication, the device controller identification and the accessed device identification are registered in a one-to-one correspondence mode, and the accessed device identification can be a host name or an IP, so that the USB storage device can conveniently read, write, record and audit and trace.
More specifically, as shown in fig. 6, the built-in mutex lock of the embodiment realizes conflict detection of each controller process, when one of accessed devices initiates an enumeration USB storage device request or a USB read-write request, the corresponding process acquires the mutex lock to perform conflict detection, if no conflict exists currently, the mutex lock can be successfully acquired, and USB operations such as reading and writing are performed until the mutex lock is released after completion; if the conflict exists, the mutual exclusion lock failure is acquired, corresponding information is prompted, the mutual exclusion lock is retried after waiting for a certain time, and the waiting time is configurable.
According to the scheme, the embodiment particularly obtains the identifiers of the accessed devices; performing equipment registration according to the accessed equipment identifiers to obtain equipment controller identifiers; constructing a plurality of equipment controller processes according to the equipment controller identifications; and monitoring the requests sent by the accessed devices through the device controller processes. Each accessed device can independently respond to the accessed access request, orderly operation of the whole storage system is ensured, and the processing capacity, stability and expandability of the system are improved.
Referring to fig. 7, fig. 7 is a flowchart illustrating a USB storage device management method according to a fourth exemplary embodiment of the present invention.
Based on the third embodiment, a fourth embodiment of the present application is presented, which differs from the third embodiment in that:
in this embodiment, the step of performing, according to the storage device descriptor set, an access operation on the USB storage device corresponding to the access request through the locked device controller process includes:
step S3071: constructing a transmission pipeline through the locked device controller process according to the storage device descriptor set;
step S3072: judging the access type of the access request;
step S3073: if the access type is an enumeration request, enumerating and outputting the storage device descriptor set to an accessed device corresponding to the enumeration request through the transmission pipeline;
step S3074: if the access type is a file reading request, performing file reading operation on the accessed device corresponding to the file reading request through the transmission pipeline;
step S3075: and if the access type is a file writing request, performing file writing operation on the accessed equipment corresponding to the file writing request through the transmission pipeline.
Specifically, in order to realize access operation of the accessed device to the plurality of USB storage devices, first, a transmission pipe between the USB storage device and the accessed device is constructed through a device controller process that obtains a mutual exclusion lock according to a storage device descriptor set. The transport pipeline may be a buffer or a set of FIFO (first in first out) queues, among others.
Then, the type of the access request is judged. Wherein the type of request may be determined from an identification or instruction in the received access request. For example, the opcode or parameter in the request is checked to determine whether the request is an enumeration request, a read file request, or a write file request.
Then, if the type of access request is an enumeration request, a storage device descriptor set enumeration is output to the accessed device. The USB storage device information in the storage device descriptor set may be packaged according to a defined communication protocol or format and sent to the accessed device through the transmission pipe. The accessed device can analyze the received data packet, and extract the storage device descriptor set information in the data packet for display so as to manage and operate the USB storage device.
Then, if the type of the access request is a read file request, the file specified in the read file request is transmitted to the accessed device through the transmission pipe. The file reading request can specify a path or a file identifier of the file to obtain the file for file transmission.
And finally, if the type of the access request is a file writing request, sending the file to be written corresponding to the file writing request to the USB storage device through a transmission pipeline. The file writing request may include information such as a storage device identifier of the written file and a stored path.
A data transmission channel is established between the device controller process and the accessed device, and corresponding operation is executed according to the type of the access request, so that the access and the operation to the USB storage device are realized. This way, reliable transmission of data is ensured and efficient collaboration and data interaction between devices is performed.
Further, as an implementation manner, the step of performing a file reading operation on the accessed device corresponding to the file reading request through the transmission pipeline includes:
step S30741: acquiring a file to be read according to the file reading request;
step S30742: based on a preset antivirus engine, carrying out virus searching and killing on the file to be read, and obtaining the file to be read after virus searching and killing;
step S30743: sending the file to be read after virus killing to the accessed device corresponding to the file reading request through the transmission pipeline;
Step S30744: and unlocking the locked equipment controller process based on the mutual exclusion lock.
Specifically, first, a file to be read is acquired according to a file reading request. The obtaining mode may be a file path or a file identifier in the file reading request received by the device controller process, and the file path or the file identifier is used for specifying a file to be read from the USB storage device.
And then, according to a preset virus killing engine, carrying out virus killing on the file to be read to obtain a file after virus killing. The file to be read can be scanned through built-in antivirus software or algorithm, viruses possibly existing in the file can be detected and cleared, and the safety of the file can be ensured.
And then, sending the file to be read after virus searching and killing to the accessed device corresponding to the file reading request through a transmission pipeline. The transmission pipeline can ensure reliable transmission of file data and transmit file contents from the USB storage device to the corresponding accessed device.
And finally, unlocking the locked equipment controller process based on the mutual exclusion lock. Wherein, after the request is processed, in order to avoid the concurrent access problem, only one device controller process is ensured to execute the request at a time, and the lock is released after the operation is completed, so that the requests of other accessed devices can be continuously executed.
Further, as an implementation manner, the step of writing the write file request to the accessed device through the transmission pipeline includes:
step S30751: acquiring a file to be written according to the file writing request;
step S30752: based on a preset backup mechanism, the file to be written is sent to a preset virtual disk for backup, and the file to be written after backup is obtained;
step S30753: the backed-up file to be written is sent to the USB storage device corresponding to the file writing request through the transmission pipeline;
step S30754: and unlocking the locked equipment controller process based on the mutual exclusion lock.
Specifically, first, a file to be written is acquired according to a file writing request. The obtaining mode may be that the device controller process receives a file path or a file identifier in the file writing request, and is used for specifying a file to be written into the USB storage device.
And then, based on a preset backup mechanism, the file to be written is sent to a preset virtual disk for backup. The method comprises the steps of storing a file to be written into a storage medium, storing the file to be written into a storage medium, and storing the file to be written into the storage medium, wherein a virtualization technology or other modes can be used for backing up the file to be written into another position, and the backup aims to protect data from being lost or damaged and subsequent audit so as to restore the data when faults occur, and the integrity and the safety of the data can be ensured after the file to be written into is obtained.
And then, the file to be written which is backed up is sent to the USB storage device corresponding to the file writing request through the transmission pipeline. The transmission pipeline can ensure reliable transmission of file data and transfer file content from the device controller process to the accessed device.
And finally, unlocking the locked equipment controller process based on the mutual exclusion lock. The unlocking of the process is to avoid the concurrent access problem, ensure that only one request can access the device controller process at a time, and release the lock after the operation is completed so that other requests can be continuously executed.
Further, as an implementation manner, the step of sending the file to be written to a preset virtual disk for backup based on the preset backup mechanism, and obtaining the backed-up file to be written further includes:
step S307521: acquiring a file backup time stamp;
step S307522: when the file backup time stamp exceeds a preset backup persistence limit, deleting the corresponding backup file of the virtual disk;
step S307523: and deleting the corresponding backup file of the virtual disk according to the file backup time stamp when the storage space of the virtual disk reaches a preset space threshold.
Specifically, first, a time stamp of the file backup is obtained to further process the backup file according to the time stamp.
And then, when the time stamp of the backed-up file exceeds the preset backup persistence limit, deleting the corresponding out-of-date file in the virtual disk so as to ensure the timeliness of other files in the virtual disk and the size of the remained backup space.
And finally, when the space in the virtual disk exceeds a preset space threshold, deleting the backup file with the longest corresponding time stamp in the virtual disk according to the previously acquired file backup time stamp.
Furthermore, the system is internally provided with an antivirus engine, and virus is checked and killed when one of the accessed devices reads the content of the USB storage device. When one of the accessed devices copies out a file to the USB storage device, the file backup is carried out, the backup file retention time is configurable, and when the default reaches a certain limit value, the old backup is automatically deleted to make room for storing a new backup file.
Further, the system has a security policy configuration function, and the security policy includes whether virus is checked or killed, whether automatic backup of the outward copy file is needed, and a retention period and a storage space threshold of the automatic backup file are configured.
Further, the system has a file transmission anti-disclosure backup function:
1) When copying the file from the accessed equipment to the U disk, backing up the file to a device virtual data center;
2) Recording the source physical port of the backed-up file source file and the timestamp when the copying action occurs;
3) And transmitting file backup and automatic clearing functions. Deleting the backup file when the backup file reaches the longest retention period; when the device memory space reaches a threshold, the oldest backup file is deleted.
More specifically, as shown in fig. 8, when the accessed device needs to perform access operations such as enumeration, reading and writing on the USB storage device, pipeline construction is performed based on various descriptor information existing in the device system. If the descriptor set is not initially available, the USB host controller is informed that the driver initiates enumeration acquisition. When the accessed device reads the file from the USB storage device, the built-in antivirus engine of the device system performs virus checking and isolation; automatic backup when copying files from an accessed device to a USB storage device. An administrator or auditor user can log in to check the read-write record and the file backup condition of the USB storage device. Any accessed device can be used as a master device to read and write the USB storage device accessed on the USB security defense device, so that sharing type multi-master multi-slave is realized.
More specifically, as shown in fig. 9, the system listens to the device controller process through a preset process listening task, stops the process when a "stop" event occurs and ends the listening. For example, when one of the accessed devices is disconnected, the device controller stops the device controller process, and the listening process flow is ended.
According to the scheme, the transmission pipeline is constructed through the locked device controller process based on the preset virtual hub according to the storage device descriptor set; judging the access type of the access request; if the access type is an enumeration request, enumerating and outputting the storage device descriptor set to an accessed device corresponding to the enumeration request through the transmission pipeline; if the access type is a file reading request, performing file reading operation on the accessed device corresponding to the file reading request through the transmission pipeline; and if the access type is a file writing request, performing file writing operation on the accessed equipment corresponding to the file writing request through the transmission pipeline. By adopting the multi-master multi-slave USB storage device security detection method, a plurality of accessed devices can safely share and access the USB storage device, defend the viruses of the storage device and prevent sensitive data from leaking, thereby ensuring the security of file transmission of the USB storage device.
In addition, an embodiment of the present application further provides a USB storage device management apparatus, where the USB storage device management apparatus includes:
the request receiving module is used for receiving a USB storage device connection request;
the storage device connection module is used for connecting a plurality of USB storage devices according to the USB storage device connection request to acquire a storage device descriptor set;
and the access operation module is used for performing access operation on the USB storage device corresponding to the access request based on a preset virtual hub according to the storage device descriptor set when the access request sent by the accessed host is received.
The principle and implementation process of USB storage device management are implemented in this embodiment, please refer to the above embodiments, and are not described herein again.
In addition, the embodiment of the application also provides a terminal device, which comprises a memory, a processor and a USB storage device management program stored on the memory and capable of running on the processor, wherein the USB storage device management program realizes the steps of the USB storage device management method when being executed by the processor.
Because the present USB storage device management program is executed by the processor, all the technical solutions of all the foregoing embodiments are adopted, and therefore, at least all the beneficial effects brought by all the technical solutions of all the foregoing embodiments are not described herein in detail.
In addition, the embodiment of the application also provides a computer readable storage medium, wherein the computer readable storage medium stores a USB storage device management program, and the USB storage device management program realizes the steps of the USB storage device management method when being executed by a processor.
Because the present USB storage device management program is executed by the processor, all the technical solutions of all the foregoing embodiments are adopted, and therefore, at least all the beneficial effects brought by all the technical solutions of all the foregoing embodiments are not described herein in detail.
Compared with the prior art, the USB storage device management method, the device, the terminal device and the storage medium provided by the embodiment of the application are used for receiving the USB storage device connection request; according to the USB storage device connection request, connecting a plurality of USB storage devices to obtain a storage device descriptor set; when an access request sent by an accessed host is received, performing access operation on a USB storage device corresponding to the access request according to the storage device descriptor set, wherein the accessed host comprises a plurality of accessed devices. By the access request of the accessed device, the access operation of a plurality of USB storage devices is carried out, so that the management of the USB storage devices is realized, the problem that a plurality of USB storage devices cannot be shared among a plurality of accessed devices is solved, and the management efficiency of the USB storage devices is improved.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or system that comprises the element.
The foregoing embodiment numbers of the present invention are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.
From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. ROM/RAM, magnetic disk, optical disk) as described above, comprising instructions for causing a terminal device (which may be a mobile phone, a computer, a server, or a network device, etc.) to perform the method according to the embodiments of the present invention.
The foregoing description is only of the preferred embodiments of the present invention, and is not intended to limit the scope of the invention, but rather is intended to cover any equivalents of the structures or equivalent processes disclosed herein or in the alternative, which may be employed directly or indirectly in other related arts.

Claims (11)

1. A USB storage device management method, the USB storage device management method comprising the steps of:
receiving a USB storage device connection request;
according to the USB storage device connection request, connecting a plurality of USB storage devices to obtain a storage device descriptor set;
and when an access request sent by an accessed host is received, performing access operation on the USB storage device corresponding to the access request based on a preset virtual hub according to the storage device descriptor set, wherein the accessed host comprises a plurality of accessed devices.
2. The USB storage device management method according to claim 1, wherein the step of connecting a plurality of USB storage devices according to the USB storage device connection request, and obtaining a storage device descriptor set includes:
according to the USB storage device connection request, enumerating and reading descriptors of the plurality of USB storage devices through a preset main controller process;
And acquiring a storage device descriptor set according to the descriptors of the plurality of USB storage devices.
3. The USB storage device management method according to claim 1, wherein when receiving the access request sent by the access host, the step of performing, based on the preset virtual hub, an access operation on the USB storage device corresponding to the access request according to the storage device descriptor set further includes:
acquiring a plurality of accessed device identifiers;
performing equipment registration according to the accessed equipment identifiers to obtain equipment controller identifiers;
constructing a plurality of equipment controller processes according to the equipment controller identifications;
and monitoring the requests sent by the accessed devices through the device controller processes.
4. The USB storage device management method according to claim 3, wherein when receiving the access request sent by the access host, the step of performing an access operation on the USB storage device corresponding to the access request based on the preset virtual hub according to the storage device descriptor set includes:
performing conflict detection on the corresponding equipment controller process of the accessed host;
If no conflict exists, locking the equipment controller process based on a preset mutual exclusion lock, and acquiring the locked equipment controller process;
and according to the storage device descriptor set, based on a preset virtual hub, performing access operation on the USB storage device corresponding to the access request through the locked device controller process.
5. The method for managing USB storage devices according to claim 4, wherein the step of performing access operation on the USB storage device corresponding to the access request through the locked device controller process based on the preset virtual hub according to the storage device descriptor set includes:
constructing a transmission pipeline through the locked device controller process based on a preset virtual hub according to the storage device descriptor set;
judging the access type of the access request;
if the access type is an enumeration request, enumerating and outputting the storage device descriptor set to an accessed device corresponding to the enumeration request through the transmission pipeline;
if the access type is a file reading request, performing file reading operation on the accessed device corresponding to the file reading request through the transmission pipeline;
And if the access type is a file writing request, performing file writing operation on the accessed equipment corresponding to the file writing request through the transmission pipeline.
6. The USB storage device management method according to claim 5 wherein the step of performing a file read operation on the accessed device corresponding to the read file request through the transport pipe includes:
acquiring a file to be read according to the file reading request;
based on a preset antivirus engine, carrying out virus searching and killing on the file to be read, and obtaining the file to be read after virus searching and killing;
sending the file to be read after virus killing to the accessed device corresponding to the file reading request through the transmission pipeline;
and unlocking the locked equipment controller process based on the mutual exclusion lock.
7. The USB storage device management method of claim 5, wherein the step of writing the write file request to the corresponding accessed device through the transport pipe includes:
acquiring a file to be written according to the file writing request;
based on a preset backup mechanism, the file to be written is sent to a preset virtual disk for backup, and the file to be written after backup is obtained;
The backed-up file to be written is sent to the USB storage device corresponding to the file writing request through the transmission pipeline;
and unlocking the locked equipment controller process based on the mutual exclusion lock.
8. The method for managing USB storage devices according to claim 7, wherein the step of sending the file to be written to a preset virtual disk for backup based on a preset backup mechanism, and obtaining the backed-up file to be written further comprises:
acquiring a file backup time stamp;
when the file backup time stamp exceeds a preset backup persistence limit, deleting the corresponding backup file of the virtual disk;
and deleting the corresponding backup file of the virtual disk according to the file backup time stamp when the storage space of the virtual disk reaches a preset space threshold.
9. A USB storage device management apparatus, the apparatus comprising:
the request receiving module is used for receiving a USB storage device connection request;
the storage device connection module is used for connecting a plurality of USB storage devices according to the USB storage device connection request to acquire a storage device descriptor set;
And the access operation module is used for performing access operation on the USB storage device corresponding to the access request based on a preset virtual hub according to the storage device descriptor set when the access request sent by the accessed host is received.
10. A terminal device, characterized in that the terminal device comprises: a memory, a processor and a USB storage device management program stored on the memory and executable on the processor, the USB storage device management program configured to implement the steps of the USB storage device management method of any one of claims 1 to 8.
11. A storage medium having stored thereon a USB storage device management program which, when executed by a processor, implements the steps of the USB storage device management method of any one of claims 1 to 8.
CN202311309847.3A 2023-10-10 2023-10-10 USB storage device management method, device, terminal device and storage medium Pending CN117493029A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311309847.3A CN117493029A (en) 2023-10-10 2023-10-10 USB storage device management method, device, terminal device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311309847.3A CN117493029A (en) 2023-10-10 2023-10-10 USB storage device management method, device, terminal device and storage medium

Publications (1)

Publication Number Publication Date
CN117493029A true CN117493029A (en) 2024-02-02

Family

ID=89681715

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311309847.3A Pending CN117493029A (en) 2023-10-10 2023-10-10 USB storage device management method, device, terminal device and storage medium

Country Status (1)

Country Link
CN (1) CN117493029A (en)

Similar Documents

Publication Publication Date Title
US10990371B2 (en) Device driver non-volatile backing-store installation
US11385903B2 (en) Firmware update patch
US20070283444A1 (en) Apparatus And System For Preventing Virus
EP3455775B1 (en) Software container profiling
US20070250910A1 (en) Network Security Enhancement Methods, Apparatuses, System, Media, Signals and Computer Programs
US8843926B2 (en) Guest operating system using virtualized network communication
US11423186B2 (en) Verified inter-module communications interface
CN101551754A (en) Dynamic insertion and removal of virtual software sub-layers
EP1117042A2 (en) Emulation of persistent group reservations
US20180060588A1 (en) Operating system
US20130036431A1 (en) Constraining Execution of Specified Device Drivers
CN102385523A (en) Method for installing and managing driver of cloud operating system
WO2018212474A1 (en) Auxiliary memory having independent recovery area, and device applied with same
CN111782416A (en) Data reporting method, device, system, terminal and computer readable storage medium
CN108885572B (en) Secure driver platform
CN105637521B (en) Data processing method and intelligent terminal
EP3514717A1 (en) Device driver non-volatile backing-store installation
JP2014515858A (en) Method and apparatus for recombining executing instructions
US7062550B1 (en) Software-implemented method for identifying nodes on a network
WO2005103909A1 (en) Security maintenance method, data accumulation device, security maintenance server, and recording medium containing the program
US9032484B2 (en) Access control in a hybrid environment
CN109784041B (en) Event processing method and device, storage medium and electronic device
CN117493029A (en) USB storage device management method, device, terminal device and storage medium
CN116244677A (en) Method and device for detecting right-raising, electronic equipment and storage medium
KR101290852B1 (en) Apparatus and Method for Preventing Data Loss Using Virtual Machine

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination