CN206133568U - USB port access control system based on multifactor authentication - Google Patents
USB port access control system based on multifactor authentication Download PDFInfo
- Publication number
- CN206133568U CN206133568U CN201620749122.5U CN201620749122U CN206133568U CN 206133568 U CN206133568 U CN 206133568U CN 201620749122 U CN201620749122 U CN 201620749122U CN 206133568 U CN206133568 U CN 206133568U
- Authority
- CN
- China
- Prior art keywords
- usb
- module
- user
- control system
- access control
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The utility model relates to an information security domain especially relates to a USB port access control system based on multifactor authentication. The utility model provides a USB port access control system including be used for receiving with detect the USB that USB connects insert the module, be used for according to user configuration the tabulation manage the USB visit configuration module of USB access module, be used for managing the USB data access logic the USB data access module, be used for confirming the multifactor authentication module of user's legitimacy and being used for handling concrete data interchange's inside storage module through authentication. The utility model discloses a mobile device USB port access control system has protection mobile device data security's advantage.
Description
Technical field
The present invention relates to field of information security technology, and in particular to a kind of USB port based on multifactor authentication is visited
Ask control system.
Background technology
Nowadays (Universal Serial Bus, general serial is total all with USB for mobile device (such as mobile phone, flat board)
Line) interface, on the one hand as the charging inlet of mobile device, on the other hand facilitate user to carry out data exchange with mobile device.
In existing mobile device, after mobile device connects computer by USB interface, user only needs to select USB
Access module i.e. may have access to mobile device data, thus bring potential safety hazard.When mobile device loss or not at one's side
When, interior data is possible to easily be obtained by USB interface by other people, so as to cause information leakage.Access for USB
Safety problem, what existing safety precautions was relied primarily on is screen lock or by technological means limiting mobile device
USB is accessed and is used position, but these technical schemes are disadvantageous in that security is relatively low or lack flexibility.
Utility model content
The utility model provides a kind of USB port access control system based on multifactor authentication, its objective is to carry
High pass USB accesses the security of mobile device internal data.
A kind of USB port access control system based on multifactor authentication, including:
The USB AM access modules of USB connections are received and detected for the USB port access control system;
Accessed according to the USB that user configuring list is managed USB access modules for the USB port access control system
Configuration module;
For the usb data access modules that the USB port access control system administration usb data accesses logic;
Authentication is carried out for the USB port access control system determine whether the legal multifactor authentication of user
Module;
And for the storage inside module of the USB port access control system concrete data access of process.
The USB AM access modules are detected after USB device insertion, will be triggered the USB and be accessed configuration module according to user
Configured list ejects selection interface;If user-selected number is according to access, the internal number of the usb data access modules initialization is triggered
According to access, then triggering the multifactor authentication module carries out user validation confirmation;If user is legal, triggering is described
Storage inside module carries out data access, and final data is transferred to circumscribed USB equipment by the USB AM access modules.
Preferably, the USB AM access modules include that USB type-C hardware interfaces, USB drive and detection module.
Preferably, the storage inside module is using EXT4 file management systems and EMMC Flash hardware store moulds
Block.
Further, the multifactor authentication module includes:First password for carrying out cipher authentication recognizes mould
Block and the living body faces identification module for living body faces certification;
The certification mode selected according to user triggers living body faces identification module collection user's living body faces information and enters
Row face authentication, if certification passes through, confirms that user is legal, triggers the storage inside module and completes data access;If certification
Failure, then trigger the first password identification module receiving user's input password, and the first password identification module will prestore
The password of password and user input is compared certification;If certification passes through, confirm that user is legal, trigger the storage inside mould
Block completes data access;If authentification failure, terminate accessing.
Preferably, the living body faces identification module includes 720P high definitions front-facing camera and corresponding driving and face
Algorithm unit.
Further, the multifactor authentication also includes:
For carrying out the second password identification module of cipher authentication;
For the fingerprint identification module of finger print identifying;
The certification mode selected according to user triggers the fingerprint identification module collection user fingerprints information and preservation in advance
Fingerprint compare certification, if certification passes through, confirm that user is legal, trigger the storage inside module and complete data visit
Ask;If authentification failure, the second password identification module receiving user's input password, the second password identification module are triggered
The password of the password for prestoring and user input is compared certification;If certification passes through, confirm that user is legal, trigger in described
Portion's memory module completes data access;If authentification failure, terminate accessing.Preferably, the fingerprint identification module adopts optics
Fingerprint module.
Compared to the USB port access control system based on multifactor authentication that prior art, the utility model are provided
System has following beneficial effect:
1. security is more preferable:The utility model increased multifactor authentication module, specifically include first password certification
Module, fingerprint authentication module, the second cipher authentication module and living body faces identification module, password are carried out respectively to user, are referred to
Line and the collection comparison of living body faces characteristic information complete authentication, only could be passed through by the validated user of authentication
USB accesses the data of mobile device, so compared to existing technology, there is provided various identification authentication modes increased USB access
Security.
2. accuracy is higher:The 720P high-definition cameras and living body faces algorithm that living body faces identification module is adopted can
The reliability of guarantee identification in terms of two is extracted from data source collection and late feature;Specific capacitance fingerprint module is adopted simultaneously
The identification fingerprint that more preferably optical fingerprint identification module can be faster more accurate, automatically updates fingerprint characteristic and fingerprint recognition is not received
Season, environment, finger wear affect, so as to ensure that the accuracy of fingerprint recognition.
3. access speed is faster:USB type-C hardware interfaces are adopted in the system and is deposited based on EMMC Flash hardware
The ext4 file management systems of storage module, from two angles of reading and writing data and transmission USB access speeds, Consumer's Experience are improve
More preferably.
4. flexibility is more preferable:The system increased multifactor authentication mould on the basis of traditional USB access controls
Block, from the angle of Consumer's Experience the authenticating step of fingerprint either living body faces or password is only increased, but unlimited
Mobile device processed must could be used in some specific regions or position, for the protected mode compared with existing restricted area,
The flexibility of mobile device has been remained in that while security is protected.
Description of the drawings
Technical scheme in order to be illustrated more clearly that the utility model embodiment, below will be to being made in embodiment description
Accompanying drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the present utility model,
For those of ordinary skill in the art, on the premise of not paying creative work, can be with according to these accompanying drawings acquisitions
Other accompanying drawings, wherein:
Fig. 1 is the structural frames of the USB port access control system based on multifactor authentication that the utility model is provided
Figure;
Fig. 2 is a kind of workflow diagram of the multifactor authentication module that the utility model is provided;
Fig. 3 is another kind of workflow diagram of the multifactor authentication module that the utility model is provided.
Specific embodiment
In order that the purpose of this utility model, technical scheme and advantage become more apparent, below in conjunction with accompanying drawing and enforcement
Example, is further elaborated to the utility model.It should be appreciated that specific embodiment described herein is only to explain
The utility model, is not used to limit the utility model.
The utility model provide the USB port access control system based on multifactor authentication, can flexibly and peace
It is complete to being protected by the internal data of USB interface access mobile device.
Fig. 1 is the structural frames of the USB port access control system based on multifactor authentication that the utility model is provided
Figure, for convenience of description, illustrate only the part related to the utility model embodiment.As shown in Figure 1:
The USB port access control system based on multifactor authentication be located at mobile device 100, specifically include with
Lower module:
USB AM access modules 101:Including USB type-C hardware interfaces, USB drive and detection module, for as with USB
The data transmission channel and detection USB device insert state of equipment;
USB accesses configuration module 102, for configuring the pattern of USB access, for example, only charges or debugs, data
Access etc.;
Usb data access modules 103, for the data that management accesses mobile device;
Multifactor authentication module 104, for the identity validation of user;
Storage inside module 105, for processing the data of mobile device storage;
USB interface device 200, the external connection of the internal data for indicating a desire to access the mobile device 100 sets
It is standby, such as PC etc..
With reference to above-mentioned modular system, the workflow of the USB port access control system is specifically described below:
The USB interface device 200 connects the mobile device 100 by USB connecting lines;
The USB AM access modules 101, to there is USB to connect, will be produced connection event and given by USB interface contact level detection
The mobile device 100;
The USB accesses configuration module 102 and gets USB connection events from the mobile device 100, is configured according to USB
File, will eject user interface and selects for user, give tacit consent to as charge option.
If now user does not do any selection, the mobile device 100 will be in USB charged states;If now user
Selection carries out usb data access, then the USB accesses configuration module 102 and will perform the usb data access modules 103;
The initialization of usb data access modules 103 internal data is accessed, and judges whether to access first, if first, then
The combination that interface for users selects multifactor authentication is ejected, the multifactor authentication module will be then called
104 carry out password, finger print information or living body faces information.
If not accessing first, then the multifactor authentication module 104 is called to carry out whether authentication determines user
It is legal.
If user is legal, the usb data access modules 103 will call the storage inside module 105, the inside
The employing EMMC FALSH hardware stores modules of memory module 105 and EXT4 file management systems, are connect by file management system
Mouth reads the data being stored in hardware module, transfers data to the USB by the USB AM access modules 101 then and connects
Jaws equipment 200, completes whole process.
In a kind of example based on the USB port access control system of multifactor authentication that the utility model is provided,
The multifactor authentication module 104 can be one kind of two kinds of logical combinations, including:
The first combination:Fingerprint identification module 111+ first passwords identification module 113;
Second combination:Living body faces identification module the second password identifications of 211+ module 213.
Fig. 2 is referred to, is a kind of workflow diagram of the multifactor authentication module that the utility model is provided.Specially
What the first was combined described in the present embodiment implements logic, specifically includes:
The finger print information of the prior typing user of the fingerprint identification module 111;Specifically, the fingerprint identification module 111
The finger print information of user is quickly and accurately gathered using optical finger print module, and the information for collecting is stored in into given zone
Domain, using as comparison finger print information a reference value.
The first password identification module 113 preserves in advance the password set by user;
User carries out the fingerprint recognition certification, the collection active user's finger print information of the fingerprint identification module 111 and thing
The finger print information a reference value of first typing is compared, if the match is successful, then it is assumed that active user is legal, completes the multifactor body
Part certification;If matching error, into the first password identification module 113.The first password identification module 113 is received works as
The password of front user input is compared with the prior password for preserving, if the match is successful, then it is assumed that active user is legal;If matching
Mistake, then it is assumed that active user is illegal, and the multifactor authentication terminates, authentication result is failure.
Fingerprint identification technology extensively using fields such as mobile payments, has fully been demonstrated its security reliability,
Therefore the demand of identification is disclosure satisfy that by the way of fingerprint recognition, while aid in first password identification module 113, can be with
Cipher authentication is carried out when user fingerprints are inconvenient to gather, it is ensured that the flexibility of identification is increased while security.
3 are referred to, is another kind of workflow diagram of the multifactor authentication module that the utility model is provided.Specially
Described in the present embodiment second combination implement logic, specifically include:
The living body faces information of the prior typing user of the living body faces identification module 211;
Specifically, the living body faces identification module 211 includes 720P high-definition cameras, respective drive module and people
Face recognizer module, it is original that the living body faces identification module 211 drives camera to catch face information by driver
Information, then living body faces characteristic information in advance is analyzed to raw information by face recognition algorithms module, so as to complete to live
Body face information gathers and is stored in specific region, using as comparison living body faces a reference value.
The second password identification module 213 preserves in advance the password set by user;
User carries out the living body faces identification certification, and the living body faces identification module 211 gathers active user's live body
Face information is compared with the living body faces a reference value of prior typing, if the match is successful, then it is assumed that active user is legal, is completed
The multifactor authentication;If matching error, into the second password identification module 213.Second password identification
Module 213 receives the password of active user's input and the prior password for preserving is compared, if the match is successful, then it is assumed that current to use
Family is legal;If matching error, then it is assumed that active user is illegal, and the multifactor authentication terminates, authentication result is failure.
Living body faces technology of identification has been widely used for the fields such as customs, public security system, has fully been demonstrated it
With more high safety reliability, therefore living body faces identification can be as a kind of effective identification mode, while auxiliary the
Two password identification modules, can carry out cipher authentication when living body faces collection is inconvenient, not only ensure that security but also increased
Flexibility.
To sum up, the utility model proposes the USB port access control system based on multifactor authentication by high safety
Property authentication with USB access in combination with, that is, the flexibility for maintaining data access increased Information Security again.
Preferred embodiment of the present utility model is the foregoing is only, it is all at this not to limit the utility model
Any modification, equivalent and improvement made within the spirit and principle of utility model etc., should be included in the utility model
Protection domain within.
Claims (7)
1. a kind of USB port access control system based on multifactor authentication, it is characterised in that include:
The USB AM access modules of USB connections are received and detected for the USB port access control system;
Configuration is accessed according to the USB that user configuring list is managed USB access modules for the USB port access control system
Module;
For the usb data access modules that the USB port access control system administration usb data accesses logic;
Authentication is carried out for the USB port access control system determine whether the legal multifactor authentication mould of user
Block;
And for the storage inside module of the USB port access control system concrete data access of process;
The USB AM access modules are detected after USB device insertion, will be triggered the USB and be accessed configuration module according to user configuring
Selection interface is ejected in list, if user-selected number is according to access, is triggered the usb data access modules initialization internal data and is visited
Ask, then triggering the multifactor authentication module carries out user validation confirmation, if user is legal, triggers the inside
Memory module carries out data access, and final data is transferred to circumscribed USB equipment by the USB AM access modules.
2. the USB port access control system of multifactor authentication is based on according to claim 1, it is characterised in that institute
State USB AM access modules to drive and detection module including USB type-C hardware interfaces, USB.
3. the USB port access control system of multifactor authentication is based on according to claim 1, it is characterised in that institute
Storage inside module is stated using EXT4 file management systems and EMMC Flash hardware store modules.
4. the USB port access control system of multifactor authentication is based on according to claim 1, it is characterised in that institute
Stating multifactor authentication module includes:For carrying out the first password identification module of cipher authentication and for living body faces certification
Living body faces identification module;
The certification mode selected according to user triggers living body faces identification module collection user's living body faces information and enters pedestrian
Face certification, if certification passes through, confirms that user is legal, triggers the storage inside module and completes data access;If authentification failure,
Then trigger the first password identification module receiving user's input password, the first password identification module by the password for prestoring with
The password of user input is compared certification;If certification passes through, confirm that user is legal, trigger the storage inside module and complete
Data access;If authentification failure, terminate accessing.
5. the USB port access control system of multifactor authentication is based on according to claim 4, it is characterised in that institute
Living body faces identification module is stated including 720P high definitions front-facing camera and corresponding driving and face algorithm unit.
6. the USB port access control system of multifactor authentication is based on according to claim 1, it is characterised in that institute
Stating multifactor authentication module also includes:For carrying out the second password identification module of cipher authentication and for finger print identifying
Fingerprint identification module;
The certification mode selected according to user triggers the fingerprint identification module collection user fingerprints information and the prior finger for preserving
Line is compared certification, if certification passes through, confirms that user is legal, is triggered the storage inside module and is completed data access;If
Authentification failure, then trigger the second password identification module receiving user's input password, and the second password identification module will be pre-
The password deposited and the password of user input are compared certification;If certification passes through, confirm that user is legal, trigger the inside and deposit
Storage module completes data access;If authentification failure, terminate accessing.
7. the USB port access control system of multifactor authentication is based on according to claim 6, it is characterised in that institute
Fingerprint identification module is stated using optical finger print module.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201620749122.5U CN206133568U (en) | 2016-07-15 | 2016-07-15 | USB port access control system based on multifactor authentication |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201620749122.5U CN206133568U (en) | 2016-07-15 | 2016-07-15 | USB port access control system based on multifactor authentication |
Publications (1)
Publication Number | Publication Date |
---|---|
CN206133568U true CN206133568U (en) | 2017-04-26 |
Family
ID=58561385
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201620749122.5U Active CN206133568U (en) | 2016-07-15 | 2016-07-15 | USB port access control system based on multifactor authentication |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN206133568U (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109474631A (en) * | 2018-12-28 | 2019-03-15 | 深圳竹云科技有限公司 | A kind of multinode authentication method of dynamic tracing |
CN112740205A (en) * | 2018-09-18 | 2021-04-30 | 三星电子株式会社 | Electronic device and method for controlling connection of external device using the same |
-
2016
- 2016-07-15 CN CN201620749122.5U patent/CN206133568U/en active Active
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112740205A (en) * | 2018-09-18 | 2021-04-30 | 三星电子株式会社 | Electronic device and method for controlling connection of external device using the same |
CN109474631A (en) * | 2018-12-28 | 2019-03-15 | 深圳竹云科技有限公司 | A kind of multinode authentication method of dynamic tracing |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109886697B (en) | Operation determination method and device based on expression group and electronic equipment | |
WO2017113380A1 (en) | Fingerprint recognition method and apparatus, and touch-screen terminal | |
US9245131B2 (en) | Multi-user universal serial bus (USB) key with customizable file sharing permissions | |
CN104574599A (en) | Authentication method and device, and intelligent door lock | |
CN103366107A (en) | Method, device and mobile phone for protecting access permission of application program | |
CN101986597A (en) | Identity authentication system with biological characteristic recognition function and authentication method thereof | |
CN105447927B (en) | Control method, access controller and the access control system that gate inhibition's electric lock is opened | |
US11861946B2 (en) | Locking system with a lock operable in different modes for allowing access using a sharable digital key | |
CN102201917B (en) | Method and device for identity authentication of ATM (automatic teller machine) | |
CN105701386A (en) | Security certification method and device | |
CN103824391B (en) | Self-aided terminal is anti-to exchange chucking method and device | |
CN102456102A (en) | Method for carrying out identity recertification on particular operation of information system by using Usb key technology | |
CN206133568U (en) | USB port access control system based on multifactor authentication | |
CN104778587A (en) | Safety payment method and device | |
CN107657454A (en) | Biological method of payment, device, equipment and storage medium | |
CN106098069A (en) | A kind of identity identifying method and terminal unit | |
CN107295016A (en) | Auth method and device | |
US11354394B2 (en) | Identity verification using autonomous vehicles | |
CN105791139A (en) | Routing device, network access method and device of communication terminal | |
US20150143512A1 (en) | Iris key, system and method of unlocking electronic device using the iris key | |
CN106845197A (en) | A kind of fingerprint identification method and device | |
CN105303092B (en) | A kind of identity identifying method and device | |
CN101419577A (en) | Mobile memory apparatus with handwriting identification identity confirming function and implementing method thereof | |
CN103593596A (en) | USB KEY for collecting external biological characteristics | |
CN106295291A (en) | The unlocking method of terminal and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
GR01 | Patent grant | ||
GR01 | Patent grant |