1289841

IX. Description of the Invention:

[Technical Field of the Invention]

The present invention relates to a method of controlling data burning, and more particularly to a method of controlling data burning by applying additional processing to the original content to be burned.

[Prior Art]
In today's society, the vast majority of business activities are closely tied to information technology. Communication, information gathering, data transfer, research and development, marketing and so on all rely on the efficiency and convenience that information technology brings. One of the problems that accompanies these activities is how to back up important corporate assets such as customer data, transaction information or R&D data, so as to avoid major losses caused by data loss.

Many data backup methods exist today, such as storing data on a data server, storing it on a user's personal backup disk, or burning it onto optical discs, each with its own advantages and disadvantages. Backing up by burning to optical disc has the advantages that the disc is physically small and that the discs produced by the backup can be read or reinstalled by the user on other computers.

Although burning to optical disc has the above advantages, it also has drawbacks. For example, because discs are convenient to burn, it is easy for backed-up discs to be taken out of the workplace without authorization, leaking the company's confidential data and creating an information security problem. In response, some countermeasures remove the burning device or allow only specific persons to burn. The former makes it impossible to back up data by burning to optical disc at all, and the latter brings various inconveniences, since ordinary employees must ask a supervisor or system administrator to perform the burning.

The question is therefore how to solve the above problems so that the advantages of backing up data by burning to optical disc can be fully realized.
Keeping that convenience free of such restrictions, while still preventing a company's confidential data from leaking by being burned onto optical discs, is a problem that remains to be solved.

[Summary of the Invention]

In view of the above problems, an object of the present invention is to provide a method of controlling data burning which, by applying additional processing to the original content to be burned, prevents a company's confidential data from leaking by being burned onto a recording medium.

The method of controlling data burning of the present invention is applied in an information security control system composed of at least one server and at least one client, in which the server can verify the identity of the user of the client. To achieve the above object, the method first reads an original data block to be burned, then encrypts the original data block with an encryption key to generate an encrypted data block, then records the encryption key at the server, and finally burns the encrypted data block onto a recording medium.

In addition, the present invention provides a computer-readable recording medium that records a method of controlling data burning. The method is applied in an information security control system composed of at least one server and at least one client, in which the server can verify the identity of the user of the client, and the method controls the burning of data according to the steps above.

Because the method of controlling data burning of the present invention does not remove the burning device, it does not interfere with backing up data by burning onto a recording medium. Nor does the method control the user's operations by checking the user's identity and permissions to decide whether the user may burn.
Therefore, ordinary users can all perform burning without having to ask a person with sufficient permissions or a system administrator to do it. However, because the recording medium produced by the method carries encrypted content, it cannot be read on computers outside the scope managed by the information security control system. To restore the encrypted content to the original content, the user must log in on a computer within the scope managed by the information security control system, such as a client. After the instruction to read the recording medium is executed, the identification data of the recording medium is compared against the user's identity to determine whether the user has permission to read the recording medium (for example, the user is the person who burned it or has higher privileges than that person). If the user has this permission, the encrypted content on the recording medium is decrypted with the encryption key corresponding to the identification data of the recording medium, so that the user can read it. Through this mechanism, the method prevents a company's confidential data from leaking in unencrypted form by being burned onto optical discs, while retaining the convenience of backing up data by burning to optical disc.

[Embodiment]

Preferred embodiments of the method of controlling data burning and of the computer-readable recording medium of the present invention are described below with reference to the accompanying drawings, in which the same elements are denoted by the same reference symbols.

Referring to Fig. 1, the method of controlling data burning of the present invention is applied in an information security control system 100. In this embodiment, the information security control system 100 is composed of a server 110 and two clients 120 and 130.
A burning device 121 is installed on the client 120 for burning data onto optical discs. Before using the client 120 or 130, a user must log in with a user account and password, which the server 110 verifies. Through this mechanism, the server 110 can control the use of the clients 120 and 130, learn the identity of the user, and control the user's operations according to the user's usage permissions.

Referring to Fig. 2, the method of controlling data burning of the present invention first reads an original data block to be burned (S201). Next, the original data block is encrypted with an encryption key to generate an encrypted data block (S202); this encrypted data block serves as the content subsequently burned onto the recordable optical disc, the purpose being to avoid burning the original data block in plaintext onto the disc. The encryption key is then transmitted to the server 110 over the connection between the client 120 and the server 110, and is recorded by the server 110 (S203). Next, the optical disc burning device on the client 120 burns the encrypted data block generated in step S202 onto a recordable optical disc (S204). So that it can later be determined which recordable disc a user wants to read and whether that user has the appropriate permission, the identification data of the recordable disc burned in step S204 and the identity of the user who performed the burning are then transmitted to the server 110 and recorded by the server 110 (S205); the identification data of the recordable disc may be the disc's source identification code (SID) or the like.
Finally, to meet further needs, the system time at which the burning was performed and the original data block are transmitted to the server 110, which records and backs them up (S206), so that the time at which the user performed the burning and the content of the burned data can be audited.
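The burn flow of steps S201 to S206 and the permission check on read-back described in the summary, as an added Python example that is not part of the patent text. The names `Server`, `burn` and `read_disc`, the numeric privilege levels, the disc id and the SHAKE-256/HMAC stand-in cipher are all assumptions; the patent names no cipher or data layout.

```python
import hashlib, hmac, secrets, time

def keystream_xor(key, nonce, data):
    # Stand-in cipher (SHAKE-256 keystream) so the example needs only the stdlib;
    # the page names no cipher. Use an AEAD such as AES-GCM in a real system.
    ks = hashlib.shake_256(b"enc" + key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

def mac(key, nonce, body):
    return hmac.new(hashlib.sha256(b"mac" + key).digest(), nonce + body, "sha256").digest()

class Server:
    """Plays the server 110: knows users' privilege levels, escrows per-disc keys."""
    def __init__(self, levels):
        self.levels = levels      # user -> privilege level (constructed sample data)
        self.discs = {}           # disc id -> escrow record

    def record_burn(self, disc_id, key, user, original):
        # S203, S205 and S206 collapsed into one call for brevity.
        self.discs[disc_id] = {"key": key, "burner": user,
                               "time": time.time(), "backup": original}

    def release_key(self, disc_id, user):
        rec = self.discs.get(disc_id)
        if rec is None or user not in self.levels:
            raise PermissionError("unknown disc or user")
        burner = rec["burner"]
        # Allowed: the burner, or someone with higher privilege than the burner.
        if user != burner and self.levels[user] <= self.levels[burner]:
            raise PermissionError("no read permission for this disc")
        return rec["key"]

def burn(server, user, disc_id, original):
    key, nonce = secrets.token_bytes(32), secrets.token_bytes(16)  # fresh key per disc
    body = keystream_xor(key, nonce, original)                     # S202
    server.record_burn(disc_id, key, user, original)
    return nonce + mac(key, nonce, body) + body                    # S204: image on disc

def read_disc(server, user, disc_id, image):
    key = server.release_key(disc_id, user)   # server decides before any key leaves it
    nonce, tag, body = image[:16], image[16:48], image[48:]
    if not hmac.compare_digest(tag, mac(key, nonce, body)):
        raise ValueError("disc image was modified or does not match this disc id")
    return keystream_xor(key, nonce, body)
```

The disc image alone is useless off the managed network because the key exists only in the server's record for that disc id.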
Note that the optical disc burning device and recordable optical disc described above are only examples of the burning device 121 and the recording medium. Other burning devices 121 and recording media operating on similar principles, such as digital video disc burning devices and digital video discs, are equally suitable for the method of the present invention.

In addition, the computer-readable recording medium of the present invention records a method of controlling data burning. The method is applied in an information security control system composed of at least one server and at least one client, in which the server can verify the identity of a user of the client. The method controls the burning of data on the client 120 according to steps S201 to S206 above.
In summary, because the method of controlling data burning of the present invention does not remove the burning device, it does not interfere with backing up data by burning onto a recording medium. Nor does the method control the user's operations by checking the user's identity and permissions to decide whether the user may burn, so ordinary users can all perform burning without having to ask a person with sufficient permissions or a system administrator to do it. However, because the recording medium produced by the method carries encrypted content, it cannot be read on computers outside the scope managed by the information security control system 100. To restore the encrypted content to the original content, the user must log in on a computer within the scope managed by the information security control system 100, such as the clients 120 and 130. After the instruction to read the recording medium is executed, the identification data of the recording medium is compared against the user's identity to determine whether the user has permission to read the recording medium (for example, the user is the person who burned it or has higher privileges than that person). If the user has this permission, the encrypted content on the recording medium is decrypted with the encryption key corresponding to the identification data of the recording medium, so that the user can read it. Through this mechanism, the method prevents a company's confidential data from leaking in unencrypted form by being burned onto optical discs, while retaining the convenience of backing up data by burning to optical disc.

The above is illustrative only and not restrictive. Any equivalent modification or change that does not depart from the spirit and scope of the present invention shall be included in the scope of the appended claims.

[Brief Description of the Drawings]

Fig. 1 is an architecture diagram of the application environment of the method of controlling data burning of the present invention.

Fig. 2 is a flow chart of the method of controlling data burning of the present invention.
[Description of Main Reference Symbols]

100 information security control system
110 server
120 client
130 client
S201 read an original data block to be burned
S202 encrypt the original data block with an encryption key to generate an encrypted data block
S203 record the encryption key at the server
S204 burn the encrypted data block onto a recordable optical disc
S205 record identification data of the recordable optical disc and the identity of the user
S206 record at the server the system time at which the burning was performed, and back up the original data block