CN206133568U - USB port access control system based on multifactor authentication - Google Patents

USB port access control system based on multifactor authentication Download PDF

Info

Publication number
CN206133568U
CN206133568U CN201620749122.5U CN201620749122U CN206133568U CN 206133568 U CN206133568 U CN 206133568U CN 201620749122 U CN201620749122 U CN 201620749122U CN 206133568 U CN206133568 U CN 206133568U
Authority
CN
China
Prior art keywords
usb
module
user
control system
access control
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201620749122.5U
Other languages
Chinese (zh)
Inventor
郭玉其
刘铮
马泽龙
黄波
杨柳
喻鑫
刘智臣
陈婷婷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu North Bow Intelligent Technology Co Ltd
Original Assignee
Jiangsu North Bow Intelligent Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu North Bow Intelligent Technology Co Ltd filed Critical Jiangsu North Bow Intelligent Technology Co Ltd
Priority to CN201620749122.5U priority Critical patent/CN206133568U/en
Application granted granted Critical
Publication of CN206133568U publication Critical patent/CN206133568U/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The utility model relates to an information security domain especially relates to a USB port access control system based on multifactor authentication. The utility model provides a USB port access control system including be used for receiving with detect the USB that USB connects insert the module, be used for according to user configuration the tabulation manage the USB visit configuration module of USB access module, be used for managing the USB data access logic the USB data access module, be used for confirming the multifactor authentication module of user's legitimacy and being used for handling concrete data interchange's inside storage module through authentication. The utility model discloses a mobile device USB port access control system has protection mobile device data security's advantage.

Description

USB port access control system based on multifactor authentication
Technical field
The present invention relates to field of information security technology, and in particular to a kind of USB port based on multifactor authentication is visited Ask control system.
Background technology
Nowadays (Universal Serial Bus, general serial is total all with USB for mobile device (such as mobile phone, flat board) Line) interface, on the one hand as the charging inlet of mobile device, on the other hand facilitate user to carry out data exchange with mobile device.
In existing mobile device, after mobile device connects computer by USB interface, user only needs to select USB Access module i.e. may have access to mobile device data, thus bring potential safety hazard.When mobile device loss or not at one's side When, interior data is possible to easily be obtained by USB interface by other people, so as to cause information leakage.Access for USB Safety problem, what existing safety precautions was relied primarily on is screen lock or by technological means limiting mobile device USB is accessed and is used position, but these technical schemes are disadvantageous in that security is relatively low or lack flexibility.
Utility model content
The utility model provides a kind of USB port access control system based on multifactor authentication, its objective is to carry High pass USB accesses the security of mobile device internal data.
A kind of USB port access control system based on multifactor authentication, including:
The USB AM access modules of USB connections are received and detected for the USB port access control system;
Accessed according to the USB that user configuring list is managed USB access modules for the USB port access control system Configuration module;
For the usb data access modules that the USB port access control system administration usb data accesses logic;
Authentication is carried out for the USB port access control system determine whether the legal multifactor authentication of user Module;
And for the storage inside module of the USB port access control system concrete data access of process.
The USB AM access modules are detected after USB device insertion, will be triggered the USB and be accessed configuration module according to user Configured list ejects selection interface;If user-selected number is according to access, the internal number of the usb data access modules initialization is triggered According to access, then triggering the multifactor authentication module carries out user validation confirmation;If user is legal, triggering is described Storage inside module carries out data access, and final data is transferred to circumscribed USB equipment by the USB AM access modules.
Preferably, the USB AM access modules include that USB type-C hardware interfaces, USB drive and detection module.
Preferably, the storage inside module is using EXT4 file management systems and EMMC Flash hardware store moulds Block.
Further, the multifactor authentication module includes:First password for carrying out cipher authentication recognizes mould Block and the living body faces identification module for living body faces certification;
The certification mode selected according to user triggers living body faces identification module collection user's living body faces information and enters Row face authentication, if certification passes through, confirms that user is legal, triggers the storage inside module and completes data access;If certification Failure, then trigger the first password identification module receiving user's input password, and the first password identification module will prestore The password of password and user input is compared certification;If certification passes through, confirm that user is legal, trigger the storage inside mould Block completes data access;If authentification failure, terminate accessing.
Preferably, the living body faces identification module includes 720P high definitions front-facing camera and corresponding driving and face Algorithm unit.
Further, the multifactor authentication also includes:
For carrying out the second password identification module of cipher authentication;
For the fingerprint identification module of finger print identifying;
The certification mode selected according to user triggers the fingerprint identification module collection user fingerprints information and preservation in advance Fingerprint compare certification, if certification passes through, confirm that user is legal, trigger the storage inside module and complete data visit Ask;If authentification failure, the second password identification module receiving user's input password, the second password identification module are triggered The password of the password for prestoring and user input is compared certification;If certification passes through, confirm that user is legal, trigger in described Portion's memory module completes data access;If authentification failure, terminate accessing.Preferably, the fingerprint identification module adopts optics Fingerprint module.
Compared to the USB port access control system based on multifactor authentication that prior art, the utility model are provided System has following beneficial effect:
1. security is more preferable:The utility model increased multifactor authentication module, specifically include first password certification Module, fingerprint authentication module, the second cipher authentication module and living body faces identification module, password are carried out respectively to user, are referred to Line and the collection comparison of living body faces characteristic information complete authentication, only could be passed through by the validated user of authentication USB accesses the data of mobile device, so compared to existing technology, there is provided various identification authentication modes increased USB access Security.
2. accuracy is higher:The 720P high-definition cameras and living body faces algorithm that living body faces identification module is adopted can The reliability of guarantee identification in terms of two is extracted from data source collection and late feature;Specific capacitance fingerprint module is adopted simultaneously The identification fingerprint that more preferably optical fingerprint identification module can be faster more accurate, automatically updates fingerprint characteristic and fingerprint recognition is not received Season, environment, finger wear affect, so as to ensure that the accuracy of fingerprint recognition.
3. access speed is faster:USB type-C hardware interfaces are adopted in the system and is deposited based on EMMC Flash hardware The ext4 file management systems of storage module, from two angles of reading and writing data and transmission USB access speeds, Consumer's Experience are improve More preferably.
4. flexibility is more preferable:The system increased multifactor authentication mould on the basis of traditional USB access controls Block, from the angle of Consumer's Experience the authenticating step of fingerprint either living body faces or password is only increased, but unlimited Mobile device processed must could be used in some specific regions or position, for the protected mode compared with existing restricted area, The flexibility of mobile device has been remained in that while security is protected.
Description of the drawings
Technical scheme in order to be illustrated more clearly that the utility model embodiment, below will be to being made in embodiment description Accompanying drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the present utility model, For those of ordinary skill in the art, on the premise of not paying creative work, can be with according to these accompanying drawings acquisitions Other accompanying drawings, wherein:
Fig. 1 is the structural frames of the USB port access control system based on multifactor authentication that the utility model is provided Figure;
Fig. 2 is a kind of workflow diagram of the multifactor authentication module that the utility model is provided;
Fig. 3 is another kind of workflow diagram of the multifactor authentication module that the utility model is provided.
Specific embodiment
In order that the purpose of this utility model, technical scheme and advantage become more apparent, below in conjunction with accompanying drawing and enforcement Example, is further elaborated to the utility model.It should be appreciated that specific embodiment described herein is only to explain The utility model, is not used to limit the utility model.
The utility model provide the USB port access control system based on multifactor authentication, can flexibly and peace It is complete to being protected by the internal data of USB interface access mobile device.
Fig. 1 is the structural frames of the USB port access control system based on multifactor authentication that the utility model is provided Figure, for convenience of description, illustrate only the part related to the utility model embodiment.As shown in Figure 1:
The USB port access control system based on multifactor authentication be located at mobile device 100, specifically include with Lower module:
USB AM access modules 101:Including USB type-C hardware interfaces, USB drive and detection module, for as with USB The data transmission channel and detection USB device insert state of equipment;
USB accesses configuration module 102, for configuring the pattern of USB access, for example, only charges or debugs, data Access etc.;
Usb data access modules 103, for the data that management accesses mobile device;
Multifactor authentication module 104, for the identity validation of user;
Storage inside module 105, for processing the data of mobile device storage;
USB interface device 200, the external connection of the internal data for indicating a desire to access the mobile device 100 sets It is standby, such as PC etc..
With reference to above-mentioned modular system, the workflow of the USB port access control system is specifically described below:
The USB interface device 200 connects the mobile device 100 by USB connecting lines;
The USB AM access modules 101, to there is USB to connect, will be produced connection event and given by USB interface contact level detection The mobile device 100;
The USB accesses configuration module 102 and gets USB connection events from the mobile device 100, is configured according to USB File, will eject user interface and selects for user, give tacit consent to as charge option.
If now user does not do any selection, the mobile device 100 will be in USB charged states;If now user Selection carries out usb data access, then the USB accesses configuration module 102 and will perform the usb data access modules 103;
The initialization of usb data access modules 103 internal data is accessed, and judges whether to access first, if first, then The combination that interface for users selects multifactor authentication is ejected, the multifactor authentication module will be then called 104 carry out password, finger print information or living body faces information.
If not accessing first, then the multifactor authentication module 104 is called to carry out whether authentication determines user It is legal.
If user is legal, the usb data access modules 103 will call the storage inside module 105, the inside The employing EMMC FALSH hardware stores modules of memory module 105 and EXT4 file management systems, are connect by file management system Mouth reads the data being stored in hardware module, transfers data to the USB by the USB AM access modules 101 then and connects Jaws equipment 200, completes whole process.
In a kind of example based on the USB port access control system of multifactor authentication that the utility model is provided, The multifactor authentication module 104 can be one kind of two kinds of logical combinations, including:
The first combination:Fingerprint identification module 111+ first passwords identification module 113;
Second combination:Living body faces identification module the second password identifications of 211+ module 213.
Fig. 2 is referred to, is a kind of workflow diagram of the multifactor authentication module that the utility model is provided.Specially What the first was combined described in the present embodiment implements logic, specifically includes:
The finger print information of the prior typing user of the fingerprint identification module 111;Specifically, the fingerprint identification module 111 The finger print information of user is quickly and accurately gathered using optical finger print module, and the information for collecting is stored in into given zone Domain, using as comparison finger print information a reference value.
The first password identification module 113 preserves in advance the password set by user;
User carries out the fingerprint recognition certification, the collection active user's finger print information of the fingerprint identification module 111 and thing The finger print information a reference value of first typing is compared, if the match is successful, then it is assumed that active user is legal, completes the multifactor body Part certification;If matching error, into the first password identification module 113.The first password identification module 113 is received works as The password of front user input is compared with the prior password for preserving, if the match is successful, then it is assumed that active user is legal;If matching Mistake, then it is assumed that active user is illegal, and the multifactor authentication terminates, authentication result is failure.
Fingerprint identification technology extensively using fields such as mobile payments, has fully been demonstrated its security reliability, Therefore the demand of identification is disclosure satisfy that by the way of fingerprint recognition, while aid in first password identification module 113, can be with Cipher authentication is carried out when user fingerprints are inconvenient to gather, it is ensured that the flexibility of identification is increased while security.
3 are referred to, is another kind of workflow diagram of the multifactor authentication module that the utility model is provided.Specially Described in the present embodiment second combination implement logic, specifically include:
The living body faces information of the prior typing user of the living body faces identification module 211;
Specifically, the living body faces identification module 211 includes 720P high-definition cameras, respective drive module and people Face recognizer module, it is original that the living body faces identification module 211 drives camera to catch face information by driver Information, then living body faces characteristic information in advance is analyzed to raw information by face recognition algorithms module, so as to complete to live Body face information gathers and is stored in specific region, using as comparison living body faces a reference value.
The second password identification module 213 preserves in advance the password set by user;
User carries out the living body faces identification certification, and the living body faces identification module 211 gathers active user's live body Face information is compared with the living body faces a reference value of prior typing, if the match is successful, then it is assumed that active user is legal, is completed The multifactor authentication;If matching error, into the second password identification module 213.Second password identification Module 213 receives the password of active user's input and the prior password for preserving is compared, if the match is successful, then it is assumed that current to use Family is legal;If matching error, then it is assumed that active user is illegal, and the multifactor authentication terminates, authentication result is failure.
Living body faces technology of identification has been widely used for the fields such as customs, public security system, has fully been demonstrated it With more high safety reliability, therefore living body faces identification can be as a kind of effective identification mode, while auxiliary the Two password identification modules, can carry out cipher authentication when living body faces collection is inconvenient, not only ensure that security but also increased Flexibility.
To sum up, the utility model proposes the USB port access control system based on multifactor authentication by high safety Property authentication with USB access in combination with, that is, the flexibility for maintaining data access increased Information Security again.
Preferred embodiment of the present utility model is the foregoing is only, it is all at this not to limit the utility model Any modification, equivalent and improvement made within the spirit and principle of utility model etc., should be included in the utility model Protection domain within.

Claims (7)

1. a kind of USB port access control system based on multifactor authentication, it is characterised in that include:
The USB AM access modules of USB connections are received and detected for the USB port access control system;
Configuration is accessed according to the USB that user configuring list is managed USB access modules for the USB port access control system Module;
For the usb data access modules that the USB port access control system administration usb data accesses logic;
Authentication is carried out for the USB port access control system determine whether the legal multifactor authentication mould of user Block;
And for the storage inside module of the USB port access control system concrete data access of process;
The USB AM access modules are detected after USB device insertion, will be triggered the USB and be accessed configuration module according to user configuring Selection interface is ejected in list, if user-selected number is according to access, is triggered the usb data access modules initialization internal data and is visited Ask, then triggering the multifactor authentication module carries out user validation confirmation, if user is legal, triggers the inside Memory module carries out data access, and final data is transferred to circumscribed USB equipment by the USB AM access modules.
2. the USB port access control system of multifactor authentication is based on according to claim 1, it is characterised in that institute State USB AM access modules to drive and detection module including USB type-C hardware interfaces, USB.
3. the USB port access control system of multifactor authentication is based on according to claim 1, it is characterised in that institute Storage inside module is stated using EXT4 file management systems and EMMC Flash hardware store modules.
4. the USB port access control system of multifactor authentication is based on according to claim 1, it is characterised in that institute Stating multifactor authentication module includes:For carrying out the first password identification module of cipher authentication and for living body faces certification Living body faces identification module;
The certification mode selected according to user triggers living body faces identification module collection user's living body faces information and enters pedestrian Face certification, if certification passes through, confirms that user is legal, triggers the storage inside module and completes data access;If authentification failure, Then trigger the first password identification module receiving user's input password, the first password identification module by the password for prestoring with The password of user input is compared certification;If certification passes through, confirm that user is legal, trigger the storage inside module and complete Data access;If authentification failure, terminate accessing.
5. the USB port access control system of multifactor authentication is based on according to claim 4, it is characterised in that institute Living body faces identification module is stated including 720P high definitions front-facing camera and corresponding driving and face algorithm unit.
6. the USB port access control system of multifactor authentication is based on according to claim 1, it is characterised in that institute Stating multifactor authentication module also includes:For carrying out the second password identification module of cipher authentication and for finger print identifying Fingerprint identification module;
The certification mode selected according to user triggers the fingerprint identification module collection user fingerprints information and the prior finger for preserving Line is compared certification, if certification passes through, confirms that user is legal, is triggered the storage inside module and is completed data access;If Authentification failure, then trigger the second password identification module receiving user's input password, and the second password identification module will be pre- The password deposited and the password of user input are compared certification;If certification passes through, confirm that user is legal, trigger the inside and deposit Storage module completes data access;If authentification failure, terminate accessing.
7. the USB port access control system of multifactor authentication is based on according to claim 6, it is characterised in that institute Fingerprint identification module is stated using optical finger print module.
CN201620749122.5U 2016-07-15 2016-07-15 USB port access control system based on multifactor authentication Active CN206133568U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201620749122.5U CN206133568U (en) 2016-07-15 2016-07-15 USB port access control system based on multifactor authentication

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201620749122.5U CN206133568U (en) 2016-07-15 2016-07-15 USB port access control system based on multifactor authentication

Publications (1)

Publication Number Publication Date
CN206133568U true CN206133568U (en) 2017-04-26

Family

ID=58561385

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201620749122.5U Active CN206133568U (en) 2016-07-15 2016-07-15 USB port access control system based on multifactor authentication

Country Status (1)

Country Link
CN (1) CN206133568U (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109474631A (en) * 2018-12-28 2019-03-15 深圳竹云科技有限公司 A kind of multinode authentication method of dynamic tracing
CN112740205A (en) * 2018-09-18 2021-04-30 三星电子株式会社 Electronic device and method for controlling connection of external device using the same

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112740205A (en) * 2018-09-18 2021-04-30 三星电子株式会社 Electronic device and method for controlling connection of external device using the same
CN109474631A (en) * 2018-12-28 2019-03-15 深圳竹云科技有限公司 A kind of multinode authentication method of dynamic tracing

Similar Documents

Publication Publication Date Title
CN109886697B (en) Operation determination method and device based on expression group and electronic equipment
WO2017113380A1 (en) Fingerprint recognition method and apparatus, and touch-screen terminal
US9245131B2 (en) Multi-user universal serial bus (USB) key with customizable file sharing permissions
CN104574599A (en) Authentication method and device, and intelligent door lock
CN103366107A (en) Method, device and mobile phone for protecting access permission of application program
CN101986597A (en) Identity authentication system with biological characteristic recognition function and authentication method thereof
CN105447927B (en) Control method, access controller and the access control system that gate inhibition's electric lock is opened
US11861946B2 (en) Locking system with a lock operable in different modes for allowing access using a sharable digital key
CN102201917B (en) Method and device for identity authentication of ATM (automatic teller machine)
CN105701386A (en) Security certification method and device
CN103824391B (en) Self-aided terminal is anti-to exchange chucking method and device
CN102456102A (en) Method for carrying out identity recertification on particular operation of information system by using Usb key technology
CN206133568U (en) USB port access control system based on multifactor authentication
CN104778587A (en) Safety payment method and device
CN107657454A (en) Biological method of payment, device, equipment and storage medium
CN106098069A (en) A kind of identity identifying method and terminal unit
CN107295016A (en) Auth method and device
US11354394B2 (en) Identity verification using autonomous vehicles
CN105791139A (en) Routing device, network access method and device of communication terminal
US20150143512A1 (en) Iris key, system and method of unlocking electronic device using the iris key
CN106845197A (en) A kind of fingerprint identification method and device
CN105303092B (en) A kind of identity identifying method and device
CN101419577A (en) Mobile memory apparatus with handwriting identification identity confirming function and implementing method thereof
CN103593596A (en) USB KEY for collecting external biological characteristics
CN106295291A (en) The unlocking method of terminal and device

Legal Events

Date Code Title Description
GR01 Patent grant
GR01 Patent grant