TWI220946B - Embedded information storage device with security function and method thereof - Google Patents

Embedded information storage device with security function and method thereof

Info

Publication number
TWI220946B
Authority
TW
Taiwan
Prior art keywords
area
storage device
user
information storage
confidential
Prior art date
Application number
TW90133456A
Other languages
Chinese (zh)
Inventor
Hung-Ching Tzeng
Original Assignee
Fineart Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fineart Technology Co Ltd
Priority to TW90133456A
Application granted
Publication of TWI220946B

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention relates to an embedded information storage device with a security function and a method thereof, comprising a connection unit, a storage unit, and the steps and flow of its security program. The connection unit of the embedded information storage device can be connected to an information processing device, and the device uses a plurality of storage units to store data. The security program can divide the storage unit into a plurality of areas and manage each area by level to achieve data security.

Description

[Field of the Invention]

The present invention relates to an embedded information storage device, and in particular to an embedded information storage device with a security function and a method thereof.

[Background of the Invention]

With technology advancing rapidly, information processing devices are now widely used in every field, and their functions have become increasingly diverse. In this era of information explosion, an information processing device needs not only a variety of functions for users to manage information, but also enough space to hold a very large amount of it.

The ways in which information processing devices store information fall roughly into two types, fixed and portable. A fixed information storage device, such as a hard disk, usually has a large storage space in which the information processing device can keep a large amount of information and programs, but its drawback is that it must be used together with the machine, which makes it inconvenient to carry. A portable information storage device, such as a floppy disk, is more convenient to carry, but its drawback is that its capacity is too small and is often insufficient.

Write-once recordable discs (Compact Disc-Recordable; CD-R) are also used to store information. Although the storage capacity is much larger, information cannot be rewritten or deleted, so a CD-R cannot be regarded as a portable information storage device with management functions. In response to these shortcomings, the prior art developed the micro hard drive (Micro Driver), the flash memory card (Memory Stick; MS), the Compact Flash Card (CF card) and so on, which can both store and manage information. However, when such an information storage device is lost, the security of the data inside it cannot be preserved. An information storage device that is both easy to carry and able to keep its contents secure therefore remains a technical problem to be solved.

[Summary and Purpose of the Invention]

In view of this, the present invention provides an embedded information storage device with a security function and a method thereof, whose main purpose is to manage the data on the embedded information storage device by level according to its attributes.

The embedded information storage device with a security function and the method disclosed by the invention comprise a connection unit, a storage unit, and the steps and flow of a security program. Data is stored in the storage unit, and the security program divides the storage unit into a plurality of areas and manages each area by level to achieve information security.

The details and techniques of the invention are described below with reference to the drawings.

[Detailed Description]

The present invention is an embedded information storage device with a security function and a method thereof. Please refer to "Figure 1", a block diagram of the embedded information storage device system with a security function according to the invention.

The embedded information storage device 20 with a security function is connected to the information processing device 10 and comprises a connection unit 21, a storage unit 22 and a security program. The connection unit 21 can be a universal serial bus interface (USB interface) or a high-density transmission connection interface, and connects to the information processing device 10 to transfer information. The storage unit 22 can be flash memory and is connected to the connection unit 21. At the user's request, the storage unit can be divided into one ordinary area and at least one confidential area. The ordinary area stores ordinary information and can be browsed by all users; the confidential area stores confidential information and is available only to specific users.

The security program manages the confidential area. When a user wants to work in the confidential area, it provides a password mechanism to verify the user's identity, and when work ends it locks the confidential area to maintain confidentiality.

The information security method of the invention is described in detail next. It can be roughly divided into three parts: the user's security setting steps, the working steps and the lock steps. In the security setting steps, a security mechanism is provided for the user to set, the embedded information storage device is divided at the user's request into an ordinary area and at least one confidential area, and permissions are set for the confidential area.

In the working steps, when the embedded information storage device is working, the security mechanism verifies the user's identity and permissions and opens the confidential area for the user to work in accordingly. In the lock steps, when the embedded information storage device ends work, the security mechanism locks the confidential area.

The security setting steps are described in further detail next. Please refer to "Figure 2", a flowchart of the security setting steps of the security method of the embedded information storage device according to the invention.

When the embedded information storage device is first used, it is determined whether to divide the storage unit (step 110). If the user does not want to divide the storage unit, the whole storage unit is set as the ordinary area. If the user wants to divide it, the storage unit is divided into a plurality of areas (step 120); the number of areas can be set by the user. After the division, the user sets a work permission for each area (step 130), and then a work password is set according to the permission of each area (step 140); this password is also set by the user. When these actions are complete, the security setting steps are complete.

The working steps of the invention are described in further detail next. Please refer to "Figure 3", a flowchart of the working steps of the security method of the embedded information storage device according to the invention.

When the embedded information storage device starts working, it first determines whether the user is entering the confidential area to work (step 210). If the user does not need to work in the confidential area, the ordinary area is opened for the user to work in (step 250). If the user needs to enter the confidential area, the user is asked to enter a work password (step 220), and the work password is checked (step 230). If the work password entered is wrong, the flow returns to step 220 and asks the user to enter the work password again. If the work password is correct, the confidential areas within the permission of that work password are opened for the user to work in (step 240).

The lock steps of the invention are described in further detail next. Please refer to "Figure 4", a flowchart of the lock steps of the security method of the embedded information storage device according to the invention.

The lock steps of the security method include determining whether the confidential area is idle (step 310). If the confidential area sits idle for too long during work, the user has probably stepped away temporarily, and the information in the confidential area could then be obtained by someone else. So as soon as the confidential area is idle, the invention starts a timer and determines whether the preset lock time has been exceeded (step 320). If the timer has not exceeded the preset lock time, the flow returns to step 310 and continues. If the timer has exceeded the preset lock time, the confidential area is locked (step 330). If the confidential area is still in use, it is determined whether work in the confidential area has ended (step 340). If the work has ended, the confidential area is locked (step 330); if the work continues, the confidential area stays open for work (step 350), and the flow returns to step 310 to keep monitoring the state of the confidential area.

In summary, the present invention provides an embedded information storage device with a security function and a method thereof. Its advantage is that the storage space of the embedded information storage device can be divided and set up as confidential areas, which prevents confidential information from leaking and gives the device an information security function, unlike conventional information storage devices, which do nothing to protect the information inside them when lost. The invention can also divide the storage space into a plurality of confidential areas and further set a work permission for each area, so that data can be managed more effectively and work becomes more efficient.

Although the present invention is disclosed above by way of the foregoing preferred embodiment, the embodiment is not intended to limit the invention. Anyone skilled in the art may make some changes and refinements without departing from the spirit and scope of the invention, so the scope of protection of the invention shall be as defined by the appended claims.

[Brief Description of the Drawings]

Figure 1 is a block diagram of the embedded information storage device system with a security function according to the invention;
Figure 2 is a flowchart of the security setting steps of the security method of the embedded information storage device according to the invention;
Figure 3 is a flowchart of the working steps of the security method of the embedded information storage device according to the invention; and
Figure 4 is a flowchart of the lock steps of the security method of the embedded information storage device according to the invention.

[Description of Symbols]

10 information processing device
20 embedded information storage device with security function
21 connection unit
22 storage unit

Step 110: determine whether to divide the storage unit
Step 120: divide the storage unit into a plurality of areas
Step 130: set a work permission for each area
Step 140: set a work password according to the permission of each area
Step 210: determine whether to enter the confidential area
Step 220: ask the user to enter a work password
Step 230: determine whether the work password is correct
Step 240: open the confidential areas within the permission of this work password for the user to work in
Step 250: open the ordinary area for the user to work in
Step 310: determine whether the confidential area is idle
Step 320: determine whether the preset lock time has been exceeded
Step 330: lock the confidential area
Step 340: determine whether work in the confidential area has ended
Step 350: keep the confidential area open for work
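The setting, working and lock steps described above (steps 110 to 350), written as a small access-control model; this is an added example, not code from the patent or from Fineart Technology. The class, method and area names, the rule that a password of level N opens areas of level N and below, and storing passwords as PBKDF2 keys are all assumptions, since the patent specifies none of them.

```python
import hashlib
import hmac
import os


class PartitionedStore:
    """Access-control model of steps 110-350. Class, method and area names are
    hypothetical; level-ordered permissions and PBKDF2 are assumptions."""

    def __init__(self, lock_after_s, clock):
        self.lock_after_s = lock_after_s  # preset lock time checked in step 320
        self.clock = clock                # injected time source, for testability
        self.areas = {"ordinary": 0}      # area -> required level (0 = everyone)
        self.creds = {}                   # level -> (salt, derived key)
        self.open_level = 0               # 0 means every confidential area is locked
        self.last_activity = clock()

    @staticmethod
    def _derive(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def setup(self, confidential_areas, passwords):
        """Steps 110-140. An empty confidential_areas leaves one ordinary area."""
        for name, level in confidential_areas.items():   # steps 120-130
            if level < 1 or level not in passwords:
                raise ValueError(f"area {name!r} needs a level >= 1 with a password")
            self.areas[name] = level
        for level, password in passwords.items():        # step 140
            salt = os.urandom(16)
            self.creds[level] = (salt, self._derive(password, salt))

    def unlock(self, password):
        """Steps 220-240. False means the caller re-prompts (back to step 220)."""
        granted = 0
        for level, (salt, key) in self.creds.items():
            if hmac.compare_digest(self._derive(password, salt), key):
                granted = max(granted, level)
        if granted:
            self.open_level = granted
            self.last_activity = self.clock()
        return granted > 0

    def poll(self):
        """Steps 310-330: lock once the idle time exceeds the preset lock time."""
        idle = self.clock() - self.last_activity
        if self.open_level and idle > self.lock_after_s:
            self.lock()
        return self.open_level

    def access(self, area):
        """Steps 210/250/350: the ordinary area is always open; others need a level."""
        self.poll()
        allowed = self.areas[area] <= self.open_level
        if allowed and self.areas[area] > 0:
            self.last_activity = self.clock()  # confidential-area use resets the timer
        return allowed

    def lock(self):
        """Step 330, also reached from step 340 when the user ends work."""
        self.open_level = 0
```

The model covers only the gating logic the flowcharts describe; the description does not say how data in a locked area is protected at rest, so nothing here encrypts it.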


Claims (1)

… the embedded information storage device being connected to an information processing device, the method comprising the following steps:

when the embedded information storage device is used, providing a security mechanism to be set by a user, dividing a storage unit of the embedded information storage device into an ordinary area and at least one confidential area, and setting permissions for the confidential area;

when the embedded information storage device is working, verifying the identity and permissions of the user by the security mechanism, and opening the confidential area for the user to work in according to the user's permissions; and

when the embedded information storage device ends work, locking the confidential area by the security mechanism.

7. The information security method for an embedded information storage device according to claim 6, further comprising the following steps when the embedded information storage device is used:

dividing the storage unit into the ordinary area and the confidential area as instructed by the user;

setting a work permission for each confidential area as instructed by the user; and

storing the work password set by the user for each confidential area.

8. The information security method for an embedded information storage device according to claim 7, wherein, in dividing the storage unit as instructed by the user, if the user instructs that the storage unit not be divided, the entire space of the storage unit is the ordinary area.

9. The information security method for an embedded information storage device according to claim 6, further comprising, when the embedded information storage device is working, …

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW90133456A TWI220946B (en) 2001-12-31 2001-12-31 Embedded information storage device with security function and method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW90133456A TWI220946B (en) 2001-12-31 2001-12-31 Embedded information storage device with security function and method thereof

Publications (1)

Publication Number Publication Date
TWI220946B (en) 2004-09-11

Family

ID=34132581

Family Applications (1)

Application Number Title Priority Date Filing Date
TW90133456A TWI220946B (en) 2001-12-31 2001-12-31 Embedded information storage device with security function and method thereof

Country Status (1)

Country Link
TW (1) TWI220946B (en)

Similar Documents

Publication Publication Date Title
US7249382B2 (en) Distributing access to a data item
US7257717B2 (en) Method with the functions of virtual space and data encryption and invisibility
US7793108B2 (en) Method of creating password schemes for devices
US8490204B2 (en) Selective protection of files on portable memory devices
US20080229428A1 (en) System and Method For a Dynamic Policies Enforced File System For a Data Storage Device
Peters et al. DEFY: A Deniable, Encrypted File System for Log-Structured Storage.
JPWO2004066156A1 (en) Copy prevention apparatus, copy prevention method, and program for causing computer to execute the method
US7818567B2 (en) Method for protecting security accounts manager (SAM) files within windows operating systems
CN101578608B (en) Methods and apparatuses for accessing content based on a session ticket
US20040221168A1 (en) System and method for protected messaging
US20120066349A1 (en) Method and system using two or more storage devices for authenticating multiple users for a single transaction
JP2005284679A (en) Resource use log acquisition program
JP4793949B2 (en) Computer information processing apparatus and information management program
JP2006343887A (en) Storage medium, server device, and information security system
TWI220946B (en) Embedded information storage device with security function and method thereof
JP2009245079A (en) Information terminal device and information processing method
TWI276971B (en) Trusted input for mobile platform transactions
TW201025005A (en) Recognizing method of memory storage device
CN101617318A (en) Be used for method and apparatus that content and licence are linked
TWI263432B (en) Data security method for storage apparatus and storage media and electronic device
TW576973B (en) Method for managing space and information on inserted information storage device
TW200832178A (en) Memory card and security method therefor
JP2002041363A (en) Medium copy protection method and storage medium
TWI249906B (en) Method of file encryption/decryption by a connecting information processing drive
Pal et al. Enhancing file data security in linux operating system by integrating secure file system

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees