KR20100002712A - Terminal and method for ristricting access to data - Google Patents

Terminal and method for ristricting access to data Download PDF

Info

Publication number
KR20100002712A
KR20100002712A KR1020080062709A KR20080062709A KR20100002712A KR 20100002712 A KR20100002712 A KR 20100002712A KR 1020080062709 A KR1020080062709 A KR 1020080062709A KR 20080062709 A KR20080062709 A KR 20080062709A KR 20100002712 A KR20100002712 A KR 20100002712A
Authority
KR
South Korea
Prior art keywords
data
identification information
user identification
stored
page
Prior art date
Application number
KR1020080062709A
Other languages
Korean (ko)
Inventor
지명경
Original Assignee
주식회사 케이티테크
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 케이티테크 filed Critical 주식회사 케이티테크
Priority to KR1020080062709A priority Critical patent/KR20100002712A/en
Publication of KR20100002712A publication Critical patent/KR20100002712A/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Automation & Control Theory (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephone Function (AREA)

Abstract

A redundancy of each page, a flash memory storing user identification information of a Universal Subscriber Identification Module (USIM) card, and a file allocation (FAT) storing the physical and logical addresses of the pages. Table), and when a request for data stored in the pages occurs, reads user identification information stored in an extra area corresponding to the page in which the requested data is stored, and the user identification information of the currently loaded USIM card. And a page manager for controlling access to the data according to the comparison result, and configuring a method for restricting data access. Therefore, when multiple users with different USIM cards are used in one mobile communication terminal, only their own data can be accessed for each user.

Description

Terminal and method for restricting data access {TERMINAL AND METHOD FOR RISTRICTING ACCESS TO DATA}

The present invention relates to a terminal employing a flash memory, and more particularly, to a terminal and a method for restricting access to data in a flash memory.

At present, WCDMA mobile communication services are being provided to users. WCDMA (Wideband Code Division Multiple Access) mobile communication service refers to a third generation mobile communication service that provides a high-quality video call, a high-speed data service, etc. based on a WCDMA system.

The Universal Subscriber Identification Module (USIM) card, which is basically installed in the mobile communication terminal to which the WCDMA system is applied, is an essential component for subscriber authentication in the WCDMA mobile communication service. This USIM card includes ESN (Eletronic Serial Number) which is a unique number of mobile communication terminal, carrier, user password, roaming information, user related information (personal phone number, phone book, shortcut key, restriction key), carrier and content provider. The service information of the (Content Provider) is stored.

1 is a diagram schematically illustrating a case where several USIM cards are used in one mobile communication terminal.

Referring to FIG. 1, one mobile communication terminal 10 includes a USIM card mounting unit 20 to which a USIM card is mounted. Several users can use the communication service through the mobile communication terminal 10 by mounting their USIM card (31 ~ 34) to the USIM card mounting portion 20. In this case, data stored in the mobile communication terminal can be accessed by various users using the mobile communication terminal.

For example, when the user 1 mounts his or her USIM card A 31 on the mobile communication terminal 10 and transmits an SMS message, the transmitted SMS message may be stored in the mobile communication terminal 10. Thereafter, when the user 2 attaches his or her USIM card B 32 to the mobile communication terminal 10, the user stored in the mobile communication terminal 20 as well as using the communication service through the mobile communication terminal 10. 1 can view the SMS message sent.

That is, data generated in relation to one user among several users in the mobile communication terminal can be viewed by other users. Therefore, if the user does not delete the data generated by the user using the mobile communication terminal, there is a problem that is disclosed to other users.

An object of the present invention for solving the above problems is a device and method for preventing the rest of the users can view the data generated for each user when a plurality of USIM cards are alternately mounted to one mobile communication terminal To provide.

An embodiment of the present invention for achieving the above object is composed of pages, the flash memory in which an extra area of each of the pages stores user identification information of a Universal Subscriber Identification Module (USIM) card, and the page FAT (File Allocation Table) that stores their physical and logical addresses,

When a request for data stored in the pages occurs, the user identification information stored in the spare area corresponding to the page in which the requested data is stored is read, compared with the user identification information of the currently loaded USIM card, and compared. According to a result, there is provided a terminal for limiting data access, comprising a page manager for controlling access to the data.

Here, when the user identification information stored in the redundant area and the user identification information of the currently mounted USIM card match, the page manager reads data from the page where the requested data is stored and transmits the data to the requesting place. Can be.

Here, if the user identification information stored in the redundant area and the user identification information of the currently mounted USIM card do not match, the page manager may not read data from the page in which the requested data is stored.

Here, the page manager may transmit garbage data to the place where the data is requested.

Here, the user identification information may be a USIM ID.

Another embodiment of the present invention for achieving the above object is a flash memory consisting of pages, the spare area of each of the pages stores the user identification information of the Universal Subscriber Identification Module (USIM) card, and the page In a terminal having a file allocation table (FAT) that stores physical addresses and logical addresses thereof, when a request for data stored in the pages is generated, the terminal is stored in an extra area corresponding to the page in which the requested data is stored. Reading the stored user identification information, comparing the user identification information of the currently loaded USIM card, and controlling access to the data according to the comparison result. Provide a way to.

Here, in the controlling of the access, if the user identification information stored in the redundant area and the user identification information of the currently mounted USIM card match, the data is read from a page in which the requested data is stored to request data. It may be a step of transmitting to.

Here, the controlling of the access may include not reading data from a page in which the requested data is stored if the user identification information stored in the redundant area and the user identification information of the currently mounted USIM card do not match. Can be.

Here, the controlling of the access may further include transmitting garbage data to the place where the data is requested.

Here, the user identification information may be a USIM ID.

According to the present invention as described above, when a plurality of users having different USIM cards using one mobile communication terminal can access only their own data for each user.

As the invention allows for various changes and numerous embodiments, particular embodiments will be illustrated in the drawings and described in detail in the written description. However, this is not intended to limit the present invention to specific embodiments, it should be understood to include all modifications, equivalents, and substitutes included in the spirit and scope of the present invention. In describing the drawings, similar reference numerals are used for similar elements.

Terms such as first, second, A, and B may be used to describe various components, but the components should not be limited by the terms. The terms are used only for the purpose of distinguishing one component from another. For example, without departing from the scope of the present invention, the first component may be referred to as the second component, and similarly, the second component may also be referred to as the first component. The term and / or includes a combination of a plurality of related items or any item of a plurality of related items.

When a component is referred to as being "connected" or "connected" to another component, it may be directly connected to or connected to that other component, but it may be understood that other components may be present in between. Should be. On the other hand, when a component is said to be "directly connected" or "directly connected" to another component, it should be understood that there is no other component in between.

The terminology used herein is for the purpose of describing particular example embodiments only and is not intended to be limiting of the present invention. Singular expressions include plural expressions unless the context clearly indicates otherwise. In this application, the terms "comprise" or "have" are intended to indicate that there is a feature, number, step, operation, component, part, or combination thereof described in the specification, and one or more other features. It is to be understood that the present invention does not exclude the possibility of the presence or the addition of numbers, steps, operations, components, components, or a combination thereof.

Unless defined otherwise, all terms used herein, including technical or scientific terms, have the same meaning as commonly understood by one of ordinary skill in the art. Terms such as those defined in the commonly used dictionaries should be construed as having meanings consistent with the meanings in the context of the related art and shall not be construed in ideal or excessively formal meanings unless expressly defined in this application. Do not.

Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings.

First, the present invention can be applied to a mobile communication terminal having a flash memory. The flash memory is divided into pages and configured to read and write in units of pages.

In addition, a mobile communication terminal having a flash memory typically employs a FAT (File Allocation Table) file system. Here, the FAT (File Allocation Table) is a kind of file arrangement table maintained by the terminal employing the flash memory in the flash memory, and provides a location of pages in which files are stored. Specifically, when a new file is stored in a page of flash memory, the file is stored in at least one or more pages, where the pages do not always have to be nearby when stored in multiple pages, rather than in flash memory. Often scattered here and there. In other words, the physical and logical addresses of the file are different, and the FAT has mapping information for these addresses, so that the memory area can be managed efficiently.

The terminal creates a FAT entry that records the position and order of each page for the new file, and when reading the file, the contents of the file read from several pages are reordered in order to show the entire contents together.

Such a FAT file system will be described with reference to FIG.

2 shows a configuration of a FAT file system of a terminal employing a flash memory.

Referring to FIG. 2, the FAT file system includes an application 40, a FAT application programming interface (API) 50, and a FAT application programming interface (API).

The FAT API 50 provides the upper application with an application programming interface for the FAT core. FAT 60 manages FAT and manages directories and files. The page manager 70 provides a mapping of the physical and logical addresses of the file according to the FAT core 60. The flash driver 80 performs a read / write / erase operation of a file with respect to the flash memory 90.

The structure of the flash memory 90 will be described in detail with reference to FIG. 3. As shown in FIG. 3, the flash memory 90 includes pages 111-11N, and each page 111-11N includes a data area 102 and a corresponding spare area ( 104). The redundant area 104 stores information such as CRC values or bad blocks of data. In FIG. 3, for example, page 1 111 shows that data area 102 includes spare area 104, but the spare area may be located away from data area 102 in flash memory 90. have.

According to the present invention, the mobile communication terminal uses the page spare area of the flash memory to prevent other users from viewing the data generated for each user.

4 is a block diagram of a mobile communication terminal according to an embodiment of the present invention.

Referring to FIG. 4, the mobile communication terminal 200 includes a USIM card 210, a USIM card reader 220, a USB interface 230, a page manager 240, a flash memory 250, a FAT 260, and the like. Application 270. The mobile communication terminal 200 may be connected to an external device 300, for example, a PC. In this case, the external device 300 may access the flash memory 250 through the USB interface 230.

The flash memory 250 is divided into pages, as shown in FIG. 3. Further, according to the present invention, user identification information, for example, a USIM ID, is stored in the redundant area corresponding to each page. The user identification information stored in the spare area is user identification information read from the currently mounted USIM card when data is stored in the data area corresponding to the spare area. Alternatively, the user identification information stored in the redundant area is user identification information recognized in relation to the USIM card currently mounted by the mobile communication terminal when data is stored in the page area corresponding to the redundant area.

The USIM card 210 stores user identification information, for example, a USIM ID, which is information for identifying a USIM card. The USIM ID reader 220 may read the USIM ID from the USIM card 210 and provide the page manager 240 in response to a request from the page manager 240.

Although the USIM ID is used as the user identification information in the present embodiment, the present invention is not limited thereto, and any information capable of identifying the subscriber of the communication service can be used. For example, UICCID or the like can be used. Therefore, in this case, the mobile communication terminal may have a UICCID reading unit.

The page manager 240 performs mapping of the physical address and the logical address of the file according to the FAT 260. FAT 260 stores the physical and logical addresses of the pages of flash memory 250. Since the FAT 260 is implemented under a common protocol, when the items of the FAT in the terminal are modified, the terminal cannot recognize the flash memory 250 as well as the FAT 260. Therefore, the present invention enables the user to control access to the flash memory 250 without modification of the FAT.

In detail, when predetermined data is requested, the page manager 240 reads a physical address corresponding to the logical address of the data from the FAT 260 and controls reading / writing of data according to the read physical address. Accordingly, the external device 300 or the application 270 needs to go through the page manager 240 to access data stored in the flash memory 250. When a request for data of the flash memory 250 occurs, the page manager 240 is provided with user identification information, for example, a USIM ID, from a currently installed USIM card.

Alternatively, page manager 240 may be aware of user identification information in relation to the currently loaded USIM card. That is, when the USIM card 210 is mounted in the mobile communication terminal 200, since the mobile communication terminal 200 performs authentication using the user identification information of the USIM card 210, the data of the flash memory 250 may be used. It may be aware of the user identification information before a request for.

Subsequently, the page manager 240 reads user identification information stored in an extra area corresponding to the page of the flash memory 250 in which the corresponding data is stored, for example, the USIM ID. The page manager 240 then compares the user identification information of the currently loaded USIM card with the user identification information stored in the spare area corresponding to the page. If the user identification information of the currently mounted USIM card and the user identification information stored in the redundant area match, the page manager 240 reads data from the corresponding page and transmits the data to the requesting place.

If the user identification information of the currently loaded USIM card and the user identification information stored in the redundant area do not match, the page manager 240 does not read the data from the corresponding page to access the requested data. Block it. In addition, the page manager 240 may transmit garbage data to the place where the data is requested.

As described above, the present invention can protect personal information even when multiple users share the same terminal by accessing data in the flash memory through a USIM card having access authority without modification of the FAT 260.

In addition, since the present invention uses the spare area of the page of the flash memory without modifying the FAT 260, an external device, for example, a personal computer (PC), is connected to the terminal to connect the flash memory of the terminal as a removable disk. Even if you do, you can protect your personal information. That is, since the FAT 260 has not been modified, the external device can access the flash memory through the internal FAT of the terminal. In this case, since the FAT has not been modified, only data corresponding to the currently mounted USIM card can be transmitted to the outer device without any problem in the existing communication.

The operation of the page manager 240 will be described with reference to FIG. 5.

5 is a flowchart illustrating a data access restriction method in a page manager according to the present invention.

4 and 5, the page manager 240 determines whether a request for data in the flash memory 250 occurs in step 410. When a request for data in the flash memory 250 occurs, the page manager 240 reads user identification information, for example, USIM ID, from the USIM card mounted in step 420 through the USIM ID reading unit 220. This USIM ID reading step 420 may be omitted, which is drawn in dashed lines in FIG. 4 to illustrate this. This is because, as described above, when the USIM card 210 is mounted in the mobile communication terminal 200, the USIM ID of the USIM card 210 may be recognized by the mobile communication terminal 200.

The page manager 240 then reads the user identification information stored in the spare area corresponding to the page of the flash memory 250 in which the requested data is stored in step 430, for example, the USIM ID.

The page manager 240 compares the user identification information of the currently loaded USIM card with the user identification information stored in the spare area corresponding to the page in step 340.

If the user identification information of the currently mounted USIM card and the user identification information stored in the redundant area match, the page manager 240 reads the data from the corresponding page in step 450 and transmits the data to the requested place.

If the user identification information of the currently loaded USIM card and the user identification information stored in the redundant area do not match, the page manager 240 does not read the data from the page in step 460 so that the requested data cannot be read. Block access to In addition, the page manager 240 may transmit the garbage data to the place where the request was made in step 470. In this case, the garbage data preferably has the same data amount as the requested data amount.

This garbage data transmission step may be omitted, and is illustrated by a dotted line in FIG. 5 to indicate this.

6 shows a structure of a flash memory according to the present invention.

Referring to FIG. 6, a flash memory includes a plurality of pages 121-12N, and each page 121-12N includes a data area 102 and a spare area 104. The redundant area 104 stores user identification information related to data stored in the corresponding pages. For example, the spare area of page 1 121 stores the first user identification information, and the spare area of page 2 122 stores the second user identification information.

As described above, the user identification information stored in the redundant area may be read and stored from the currently mounted USIM card when data is stored in the data area corresponding to the redundant area. Alternatively, the user identification information stored in the redundant area may be recognized and stored in relation to the USIM card currently mounted by the mobile communication terminal when data is stored in the page area corresponding to the redundant area.

Meanwhile, pages of the flash memory may be managed as block segments. That is, pages can be grouped and managed to fit logical addresses. In this case, user identification information of the USIM card may be stored in an extra area of a predetermined page among pages constituting one block segment. In this case, when the corresponding block segment is requested, the page manager 240 reads the user identification information of the USIM card from the spare area of a predetermined page among the pages constituting the requested block segment, and thereby accesses data in block segment units. Can manage

Although described above with reference to a preferred embodiment of the present invention, those skilled in the art will be variously modified and changed within the scope of the invention without departing from the spirit and scope of the invention described in the claims below I can understand that you can.

1 is a diagram schematically illustrating a case where several USIM cards are used in one mobile communication terminal.

2 shows a configuration of a FAT file system of a terminal employing a flash memory.

3 is a diagram illustrating the structure of a flash memory.

4 is a block diagram of a mobile communication terminal according to an embodiment of the present invention.

5 is a flowchart illustrating a file access restriction method in a page manager according to the present invention.

6 shows a structure of a flash memory according to the present invention.

<Explanation of symbols for the main parts of the drawings>

210: USIM card

240: page manager

250: flash memory

260: FAT

270: application

Claims (10)

A flash memory comprising pages, wherein each spare area of the pages stores user identification information of a Universal Subscriber Identification Module (USIM) card; FAT (File Allocation Table) for storing the physical address and logical address of the pages, When a request for data stored in the pages occurs, the user identification information stored in the spare area corresponding to the page in which the requested data is stored is read, compared with the user identification information of the currently loaded USIM card, and compared. And a page manager for controlling access to the data according to a result. The apparatus of claim 1, wherein the page manager requests data by reading data from a page in which the requested data is stored when the user identification information stored in the redundant area and the user identification information of the currently loaded USIM card are identical. Terminal for restricting data access, characterized in that the transmission to a place. The apparatus of claim 1, wherein the page manager does not read data from a page in which the requested data is stored if the user identification information stored in the redundant area and the user identification information of the currently loaded USIM card do not match. Terminal for restricting data access, characterized in that. 4. The terminal of claim 3, wherein the page manager transmits garbage data to a place where the data is requested. The terminal of claim 1, wherein the user identification information is a USIM ID. A redundancy of each page, a flash memory storing user identification information of a Universal Subscriber Identification Module (USIM) card, and a file allocation (FAT) storing the physical and logical addresses of the pages. In a terminal having a table) When a request for data stored in the pages occurs, reading user identification information stored in an extra area corresponding to a page in which the requested data is stored; Comparing the user identification information of the currently installed USIM card; Controlling access to the data according to the comparison result. The method of claim 6, wherein the controlling of the access comprises reading data from a page in which the requested data is stored, if the user identification information stored in the redundant area and the user identification information of the currently mounted USIM card match. And transmitting the data to the requested place. The method of claim 6, wherein the controlling of the access comprises reading data from a page in which the requested data is stored if the user identification information stored in the redundant area and the user identification information of the currently loaded USIM card do not match. How to restrict data access, characterized in that the step of not. 10. The method of claim 8, wherein the controlling of the access further comprises transmitting garbage data to the place where the data is requested. Terminal. 7. The method of claim 6, wherein the user identification information is a USIM ID.
KR1020080062709A 2008-06-30 2008-06-30 Terminal and method for ristricting access to data KR20100002712A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020080062709A KR20100002712A (en) 2008-06-30 2008-06-30 Terminal and method for ristricting access to data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020080062709A KR20100002712A (en) 2008-06-30 2008-06-30 Terminal and method for ristricting access to data

Publications (1)

Publication Number Publication Date
KR20100002712A true KR20100002712A (en) 2010-01-07

Family

ID=41812712

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020080062709A KR20100002712A (en) 2008-06-30 2008-06-30 Terminal and method for ristricting access to data

Country Status (1)

Country Link
KR (1) KR20100002712A (en)

Similar Documents

Publication Publication Date Title
US9198025B2 (en) High-capacity SIM storage control
US8868929B2 (en) Method of mass storage memory management for large capacity universal integrated circuit cards
US8452934B2 (en) Controlled data access to non-volatile memory
KR100735341B1 (en) Apparatus and method for improving speed of data reading from subscriber identity module
JP4807683B2 (en) Data storage
US20060236026A1 (en) Method and system for allocating, accessing and de-allocating storage space of a memory card
CN101430700A (en) File management device and storage device
EP2727384B1 (en) Method for accessing at least one service and corresponding system
US20140310824A1 (en) Method for managing external portable storage device and related machine readable medium
CN104462893A (en) Method and device for managing multiple SE modules
JP3663058B2 (en) Terminal equipment for mobile communication
EP1650690B1 (en) Improvements in personal data security of mobile communication device
JP2015043231A (en) Data protection method, circuit card, and mobile radio communications device
JP2010160646A (en) Storage device
KR100943779B1 (en) Accessing contact cards of a mobile terminal from another mobile terminal
KR20100002712A (en) Terminal and method for ristricting access to data
CN112084524B (en) USB flash disk access method and USB flash disk
US20170094502A1 (en) Management method, management device and terminal for contacts in terminal
US9015491B2 (en) Method and apparatus for managing private data in multifunction peripheral
US9235544B2 (en) Portable data carrier having additional functionality
KR101307054B1 (en) A image data sharing system using app
KR20190078198A (en) Secure memory device based on cloud storage and Method for controlling verifying the same
EP2575036A1 (en) Method for processing application data and corresponding first device
KR101471250B1 (en) Method for Utilizing USIM Application by Connecting Common Application with Separate ADF and SE using the same
JP5489947B2 (en) Terminal device

Legal Events

Date Code Title Description
WITN Withdrawal due to no request for examination