CN1834977A - Authentication protection method based on USB device - Google Patents
Authentication protection method based on USB device Download PDFInfo
- Publication number
- CN1834977A CN1834977A CNA2006100115443A CN200610011544A CN1834977A CN 1834977 A CN1834977 A CN 1834977A CN A2006100115443 A CNA2006100115443 A CN A2006100115443A CN 200610011544 A CN200610011544 A CN 200610011544A CN 1834977 A CN1834977 A CN 1834977A
- Authority
- CN
- China
- Prior art keywords
- usb device
- software
- user
- usb
- binding
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention relates to the computer field, disclosing a USB device-based attestation protecting method, comprising the steps of: setting code for software and storing user data by encryption, and also comprising the steps of: 1) a software user appoints a USB device needing to be bond to the software; 2) after completing the binding, and as the user runs the software, the bond USB device need be inserted, otherwise the software can not run; 3) in the running course, the user data encrypted storage adopts hardware information of the bond USB device as part of a secret key, and the hardware information of the USB device need be read, otherwise the user data can not be encrypted. And it improves security in user identification attestation and data protection of personal private software, simple to operate and convenient to use.
Description
Technical field
The present invention relates to computer realm, be specifically related to a kind of authentication and data guard method based on USB device.
Background technology
In the prior art, only supplying the safety problem of the private software systems of individual subscriber visit, mainly is to control access rights by user's password, adopts the mode storaging user data of encrypting simultaneously.And the software protection mode of traditional USB-KEY or USB house dog to be manufacturer by software distribute these USB hardware devices of management, patent CN99124432.X for example, its purpose prevents piracy normally in order to protect the copyright of software.
These technical protection means of prior art can't satisfy the protection demand of user for individual software gradually; more typical Password Management software for example; the user has stored some account numbers and encrypted message in this software; this software is a typical individual private software for the user.Usually, the user can be password of this software setting, and the disabled user does not know that this password can't start this software.Simultaneously, software can adopt the mode of encryption to deposit user's data.But the higher hacker of technical merit but can break through these safeguard measures by the mode that cracks.
Summary of the invention
(1) technical matters that will solve
The purpose of this invention is to provide a kind of authentication and data protection security good, easy and simple to handle authentication and data guard method based on USB device.
(2) technical scheme
In order to achieve the above object, the present invention takes following scheme:
A kind of authentication protection method based on USB device of the present invention is included as the software setting password, encrypts storaging user data, and is further comprising the steps of:
1) user of software specifies the USB device that needs binding for this software;
2) after binding is finished, when the user moves this software, the USB device of being bound must be inserted, otherwise software can't move;
3) in the operational process, the part of the hardware information of the USB device of binding as key adopted in the encryption of described user data storage, must read the hardware information of this USB device, otherwise can't the decrypted user data.
Wherein, described step 1) is that the user can be prompted to specify the USB device that needs binding when moving the first time of software.
Wherein, can check all when software starts at every turn whether the USB device of binding exists, if this USB device is not inserted, software can't start; Whether during the running software, can the self-verifying USB device exist, if extract USB device, software can withdraw from automatically.
Wherein, if the user data of described step 3) is illegally copied to other place, must have the hardware information of the USB device of binding, otherwise user data can't be deciphered.
Wherein, the USB device of described binding comprises the electronic equipment of USB flash disk or MP3 or use USB interface.
(3) beneficial effect
1, because USB device and individual private software context are got up, the authenticating user identification of individual private software and the security of data protection have been improved; 2, the present invention is simple to operate, easy to use.
Description of drawings
Fig. 1 is the process flow diagram of software binding USB device and startup;
Fig. 2 is the process flow diagram that regularly detects USB device during the running software;
Fig. 3 is the process flow diagram of software cryptography decrypted user data.
Embodiment
Following examples are used to illustrate the present invention, but are not used for limiting the scope of the invention.
The present invention can be applied to the authenticating user identification and the data protection of any individual private software.Present embodiment is an example with dynamic password software, further specifies content of the present invention and embodiment.
Dynamic password software is the development along with Internet service; for satisfying a kind of cryptoguard mode that more and more urgent hope better protection user account number and password occur that is used for; on basis in conjunction with the traditional static cryptographic technique, a kind of dynamic password technology that development forms.Use dynamic password software, when the user logins Internet service, need to use the dynamic password computed in software go out the disposal password of a dynamic change at every turn, and together be input to the service server end with static password and verify.And a cover dynamic password software can be managed a plurality of account numbers, but the use of software is individual private.
As shown in Figure 1, software is behind each the startup, the USB bound flag is read in the capital earlier, judges whether to have finished the USB binding then: if finish, then software can scan the whole USB device that have been connected to computing machine, and judge whether the USB bound device exists, if do not detect, then point out the user to insert the USB bound device, and continue scanning, if successfully detected, then enter software master interface; If do not finish the USB binding as yet, then software can real time scan be connected to whole USB device of computing machine and have generated the list of devices of a real-time update, and the user need to select the equipment of binding from tabulation then, and is last, write the USB bound flag, enter software master interface.
As shown in Figure 2, the user is when using business, and things are as usual, and selecting oneself needs the account number of use, and click generates password and gets final product.During running software, even software is in waiting status, for example minimized in Windows system the inside, the whole USB device that are connected to computing machine also can timing (for example per second) be scanned in the backstage, and judge whether the USB bound device is pulled out, if do not have, then continue timing scan, be pulled out if detect the USB bound device, locked software and point out the user to insert the USB bound device immediately then, software can real time scan be connected to whole USB device of computing machine then, and judge whether the USB bound device exists, if detect correct USB bound device, then unlock and recover normal condition, continue timing scan then; If do not detect, whether then check and overtime (for example 60 seconds), then continue real time scan, otherwise software to withdraw from automatically if not overtime.
As shown in Figure 3, dynamic password software can be used some users' significant data when calculating dynamic password, and these data are to encrypt storage.Need to read out the hardware information (for example manufacturer, product type and sequence number etc.) of USB bound device in the process of encryption and decryption, that is to say, the hardware information of USB bound device is the part of key, the necessary condition that to have this USB bound device be the calling party data.When storaging user data, software at first reads the hardware information of USB bound device, handles and obtain key then, uses this secret key encryption user data, obtains encrypt data and storage at last.When being written into user data, also at first need to read the hardware information of USB bound device, handle and obtain key then, use this secret key decryption user data, obtain clear data at last and be written into.If data are by bootlegging owing to lack the hardware information of USB bound device, other people be can't calling party significant data.
The present invention is that the USB device with individual subscriber private software and user's appointment associates, and preferably resolves the problem of authenticating user identification and data protection.Improved the security of software.All within above-mentioned spirit of the present invention and principle, any modification of being done, be equal to replacement, improvement etc., all should be included within the claim scope of the present invention.
Claims (5)
1, a kind of authentication protection method based on USB device is included as the software setting password, encrypts storaging user data, it is characterized in that further comprising the steps of:
1) user of software specifies the USB device that needs binding for this software;
2) after binding is finished, when the user moves this software, the USB device of being bound must be inserted, otherwise software can't move;
3) in the operational process, the part of the hardware information of the USB device of binding as key adopted in the encryption of described user data storage, must read the hardware information of this USB device, otherwise can't the decrypted user data.
2, a kind of authentication protection method based on USB device as claimed in claim 1 is characterized in that: described step 1) is the user can be prompted to specify the needs binding when moving the first time of software a USB device.
3, a kind of authentication protection method as claimed in claim 1 based on USB device, it is characterized in that: whether the USB device that all can check binding when described software starts at every turn exists, if this USB device is not inserted, software can't start; Whether during the running software, can the self-verifying USB device exist, if extract USB device, software can withdraw from automatically.
4, a kind of authentication protection method as claimed in claim 1 based on USB device; it is characterized in that: if the user data of described step 3) is illegally copied to other place; the hardware information that must have the USB device of binding, otherwise user data can't be deciphered.
5, a kind of authentication protection method based on USB device as claimed in claim 1 is characterized in that: the USB device of described binding comprises USB flash disk or MP3 or uses the electronic equipment of USB interface.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100115443A CN100495421C (en) | 2006-03-23 | 2006-03-23 | Authentication protection method based on USB device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100115443A CN100495421C (en) | 2006-03-23 | 2006-03-23 | Authentication protection method based on USB device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1834977A true CN1834977A (en) | 2006-09-20 |
| CN100495421C CN100495421C (en) | 2009-06-03 |
Family
ID=37002719
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2006100115443A Expired - Fee Related CN100495421C (en) | 2006-03-23 | 2006-03-23 | Authentication protection method based on USB device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100495421C (en) |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100449561C (en) * | 2007-03-05 | 2009-01-07 | 北京邮电大学 | Divulging secrets prevention system of USB storage device date based on certificate and transparent encryption technology |
| CN100449560C (en) * | 2006-09-26 | 2009-01-07 | 南京擎天科技有限公司 | Computer data security protective method |
| CN101515319B (en) * | 2008-02-19 | 2011-01-26 | 联想(北京)有限公司 | Cipher key processing method, cipher key cryptography service system and cipher key consultation method |
| CN101996293A (en) * | 2010-12-13 | 2011-03-30 | 深圳市江波龙电子有限公司 | Software authentication method based on softdog |
| CN102289607A (en) * | 2010-06-17 | 2011-12-21 | 鸿富锦精密工业(深圳)有限公司 | Universal serial bus (USB) device verification system and method |
| CN102479091A (en) * | 2010-11-30 | 2012-05-30 | 深圳市金蝶友商电子商务服务有限公司 | Method and device for running software and moveable storage medium |
| CN102685139A (en) * | 2012-05-21 | 2012-09-19 | 中国联合网络通信集团有限公司 | Network software authentication method and device |
| CN101296226B (en) * | 2007-04-24 | 2013-09-11 | 三星电子株式会社 | Method of sharing bus key and apparatus thereof |
| US8701207B2 (en) | 2009-07-02 | 2014-04-15 | Feitian Technologies Co., Ltd. | Method, device and system for protecting software |
| CN104636655A (en) * | 2015-02-06 | 2015-05-20 | 电子科技大学 | Credibility verifying method of hot plug device |
| CN105045612A (en) * | 2015-06-26 | 2015-11-11 | Tcl集团股份有限公司 | Peripheral equipment upgrade recovery method and system for Android terminal |
| CN105095556A (en) * | 2015-02-11 | 2015-11-25 | 洛阳汉鼎起重机械有限公司 | Method and device for generating scheme of hoisting machinery equipment |
| CN107463810A (en) * | 2017-08-15 | 2017-12-12 | 合肥爱吾宠科技有限公司 | The method that protecting computer software is realized based on network communication |
-
2006
- 2006-03-23 CN CNB2006100115443A patent/CN100495421C/en not_active Expired - Fee Related
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100449560C (en) * | 2006-09-26 | 2009-01-07 | 南京擎天科技有限公司 | Computer data security protective method |
| CN100449561C (en) * | 2007-03-05 | 2009-01-07 | 北京邮电大学 | Divulging secrets prevention system of USB storage device date based on certificate and transparent encryption technology |
| CN101296226B (en) * | 2007-04-24 | 2013-09-11 | 三星电子株式会社 | Method of sharing bus key and apparatus thereof |
| CN101515319B (en) * | 2008-02-19 | 2011-01-26 | 联想(北京)有限公司 | Cipher key processing method, cipher key cryptography service system and cipher key consultation method |
| US8701207B2 (en) | 2009-07-02 | 2014-04-15 | Feitian Technologies Co., Ltd. | Method, device and system for protecting software |
| CN102289607A (en) * | 2010-06-17 | 2011-12-21 | 鸿富锦精密工业(深圳)有限公司 | Universal serial bus (USB) device verification system and method |
| CN102479091B (en) * | 2010-11-30 | 2015-06-10 | 深圳市金蝶友商电子商务服务有限公司 | Method and device for running software and moveable storage medium |
| CN102479091A (en) * | 2010-11-30 | 2012-05-30 | 深圳市金蝶友商电子商务服务有限公司 | Method and device for running software and moveable storage medium |
| CN101996293A (en) * | 2010-12-13 | 2011-03-30 | 深圳市江波龙电子有限公司 | Software authentication method based on softdog |
| CN102685139A (en) * | 2012-05-21 | 2012-09-19 | 中国联合网络通信集团有限公司 | Network software authentication method and device |
| CN104636655A (en) * | 2015-02-06 | 2015-05-20 | 电子科技大学 | Credibility verifying method of hot plug device |
| CN105095556A (en) * | 2015-02-11 | 2015-11-25 | 洛阳汉鼎起重机械有限公司 | Method and device for generating scheme of hoisting machinery equipment |
| CN105045612A (en) * | 2015-06-26 | 2015-11-11 | Tcl集团股份有限公司 | Peripheral equipment upgrade recovery method and system for Android terminal |
| CN105045612B (en) * | 2015-06-26 | 2020-05-26 | Tcl科技集团股份有限公司 | Peripheral upgrading recovery method and system for Android terminal |
| CN107463810A (en) * | 2017-08-15 | 2017-12-12 | 合肥爱吾宠科技有限公司 | The method that protecting computer software is realized based on network communication |
Also Published As
| Publication number | Publication date |
|---|---|
| CN100495421C (en) | 2009-06-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100495421C (en) | Authentication protection method based on USB device | |
| JP3614057B2 (en) | Access qualification authentication method and apparatus, and auxiliary information creation method and apparatus for certification | |
| CN100449561C (en) | Divulging secrets prevention system of USB storage device date based on certificate and transparent encryption technology | |
| JP4764639B2 (en) | File encryption / decryption program, program storage medium | |
| US10992480B2 (en) | Method and system for performing a transaction and for performing a verification of legitimate access to, or use of digital data | |
| KR101509377B1 (en) | Device and method for a backup of rights objects | |
| US20060053302A1 (en) | Information processing apparatus with security module | |
| CN1828623A (en) | Method for protecting computer login using disposable password | |
| CN102948114A (en) | Single-use authentication methods for accessing encrypted data | |
| CN102227734A (en) | Client computer for protecting confidential file, server computer therefor, method therefor, and computer program | |
| CN105740725A (en) | File protection method and system | |
| CN101848207A (en) | Information-leakage prevention system based on integrated control management | |
| CN103971034A (en) | Method and device for protecting Java software | |
| CN103250160A (en) | Authenticate a fingerprint image | |
| KR101625785B1 (en) | Method and device for information security management of mobile terminal, and mobile terminal | |
| CN101923616A (en) | Service provision device in copyright protection, user terminal and copyright protection method | |
| WO2001073533A1 (en) | System and method for safeguarding electronic files and digital information in a network environment | |
| CN1266617C (en) | Computer data protective method | |
| JP4587688B2 (en) | Encryption key management server, encryption key management program, encryption key acquisition terminal, encryption key acquisition program, encryption key management system, and encryption key management method | |
| US20090070594A1 (en) | Transient on-demand data security control | |
| CN101692265A (en) | Method of encrypting and protecting files | |
| CN101692266A (en) | Method of intensively encrypting and protecting files by using hidden partition (HPA) and CPU ID | |
| JP2012215973A (en) | Method for preventing information leakage | |
| CN102831360B (en) | Personal electronic document safety management system and management method thereof | |
| EP2037390A1 (en) | System and method of protecting content of an electronic file for sending and receiving |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C17 | Cessation of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20090603 Termination date: 20120323 |