TWI715011B - Data protection device and method - Google Patents

Data protection device and method Download PDF

Info

Publication number
TWI715011B
TWI715011B TW108113465A TW108113465A TWI715011B TW I715011 B TWI715011 B TW I715011B TW 108113465 A TW108113465 A TW 108113465A TW 108113465 A TW108113465 A TW 108113465A TW I715011 B TWI715011 B TW I715011B
Authority
TW
Taiwan
Prior art keywords
data protection
electronic device
data
module
protection system
Prior art date
Application number
TW108113465A
Other languages
Chinese (zh)
Other versions
TW202040395A (en
Inventor
陳燕炫
潘聖中
楊承達
葉建昇
Original Assignee
鴻齡科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 鴻齡科技股份有限公司 filed Critical 鴻齡科技股份有限公司
Priority to TW108113465A priority Critical patent/TWI715011B/en
Publication of TW202040395A publication Critical patent/TW202040395A/en
Application granted granted Critical
Publication of TWI715011B publication Critical patent/TWI715011B/en

Links

Images

Landscapes

  • Information Transfer Between Computers (AREA)

Abstract

A data protection method applied in a data protection device is provided. The data protection is communicated with a number of electronic devices. The electronic device at least includes an external storage device. The method includes: loading a data protection system in the data protection device; installing a program programming interface of the data protection system in the electronic devices; controlling the program programming interface to run in a background of each electronic device through the data protection system; controlling the program programming interface in each electronic device to monitor activity status of the storage device, and determining whether there are data being transferred to the storage device; and when determining that there are data being transferred from the electronic device to the storage device, outputting a prompt information. A data protection device is also provided.

Description

資料保護裝置及方法 Data protection device and method

本發明涉及資料安全領域,尤其涉及一種資料保護裝置及方法。 The invention relates to the field of data security, in particular to a data protection device and method.

隨著科學技術的發展,資料的流通越來越便利,為防止商業機密資料的洩露,資料安全是每個企業所必須保障的。在習知技術中,許多企業藉由設置防火牆以防止外部訪問企業的機密資料,然而缺乏內部向外部轉移資料的監控,例如內部員工有意或無意地向外部複製資料,從而導致機密資料的洩漏,給企業造成損失。 With the development of science and technology, the circulation of information has become more and more convenient. In order to prevent the leakage of commercial confidential information, data security must be guaranteed by every enterprise. In the conventional technology, many companies set up firewalls to prevent external access to the company’s confidential information, but they lack the monitoring of internal to external data transfer. For example, internal employees intentionally or unintentionally copy data to the outside, resulting in the leakage of confidential information. Cause losses to the enterprise.

有鑒於此,有必要提供一種資料保護裝置及方法,以解決上述技術問題。 In view of this, it is necessary to provide a data protection device and method to solve the above technical problems.

一種資料保護裝置,包括處理器,所述資料保護裝置與複數個電子裝置通訊連接,所述電子裝置至少包括外接的存放裝置,所述處理器包括:載入模組,用於在所述資料保護裝置中載入一資料保護系統;安裝模組,用於在所述複數個電子裝置中安裝所述資料保護系統的程式編程介面;運行模組,用於藉由所述資料保護系統控制所述程式編程介面在每一電子裝置的後臺運行; 監測模組,用於藉由所述資料保護系統控制每一電子裝置中的程式編程介面監測存放裝置的活動狀態,以判斷是否有資料轉移至所述存放裝置中;及提示模組,用於當所述監測模組判定所述電子裝置有資料轉移到所述存放裝置中時,輸出一提示資訊以通知管理人員。 A data protection device includes a processor, the data protection device is communicatively connected with a plurality of electronic devices, the electronic device includes at least an external storage device, and the processor includes: a loading module for loading the data A data protection system is loaded into the protection device; an installation module is used to install the program programming interface of the data protection system in the plurality of electronic devices; an operation module is used to control the data protection system by the data protection system The program programming interface runs in the background of each electronic device; The monitoring module is used for monitoring the activity state of the storage device through the program programming interface in each electronic device controlled by the data protection system to determine whether there is data transferred to the storage device; and the prompt module is used for When the monitoring module determines that the electronic device has data transferred to the storage device, it outputs a prompt message to notify the management personnel.

一種資料保護方法,應用於一資料保護裝置中,所述資料保護裝置與複數個電子裝置通訊連接,所述電子裝置至少包括外接的存放裝置,所述方法包括以下步驟:在所述資料保護裝置中載入一資料保護系統;在所述複數個電子裝置中安裝所述資料保護系統的程式編程介面;藉由所述資料保護系統控制所述程式編程介面在每一電子裝置的後臺運行;藉由所述資料保護系統控制每一電子裝置中的程式編程介面監測存放裝置的活動狀態,以判斷是否有資料轉移至所述存放裝置中;及當判定所述電子裝置有資料轉移到所述存放裝置中時,輸出一提示資訊以通知管理人員。 A data protection method is applied to a data protection device. The data protection device is in communication connection with a plurality of electronic devices. The electronic device includes at least an external storage device. The method includes the following steps: Load a data protection system; install the program programming interface of the data protection system in the plurality of electronic devices; use the data protection system to control the program programming interface to run in the background of each electronic device; The program programming interface in each electronic device is controlled by the data protection system to monitor the activity state of the storage device to determine whether data is transferred to the storage device; and when it is determined that the electronic device has data transferred to the storage device When the device is in, a prompt message is output to notify the manager.

上述資料保護裝置及方法可以在監測到伺服器的存在資料轉移時發送提示資訊,從而及時中斷資料轉移,避免洩漏資料,給企業提供了資料安全保障。 The above-mentioned data protection device and method can send prompt information when detecting the existence of data transfer on the server, thereby interrupting the data transfer in time, avoiding data leakage, and providing data security for the enterprise.

1:資料保護裝置 1: Data protection device

10:處理器 10: processor

100:資料保護系統 100: Data Protection System

101:載入模組 101: Load module

102:安裝模組 102: Install the module

103:判斷模組 103: Judgment Module

104:運行模組 104: Run module

105:監測模組 105: Monitoring module

106:記錄模組 106: record module

107:提示模組 107: Prompt Module

108:攝像控制模組 108: Camera control module

20:記憶體 20: memory

30:通訊單元 30: Communication unit

2:電子裝置 2: electronic device

200:存放裝置 200: storage device

201:程式編程介面 201: Programming interface

圖1是本發明較佳實施方式中資料保護裝置的應用結構示意圖。 FIG. 1 is a schematic diagram of the application structure of a data protection device in a preferred embodiment of the present invention.

圖2是本發明較佳實施方式中資料保護方法的流程示意圖。 Fig. 2 is a schematic flowchart of a data protection method in a preferred embodiment of the present invention.

請參考圖1,為本發明較佳實施方式所提供的資料保護裝置1的應用結構圖。所述資料保護裝置1與複數個電子裝置2通訊連接,用於偵測所述電子裝置2中存儲的資料的活動狀態,並且在一個或複數個電子裝置2中存在資料轉移時提示管理人員,以避免重要資料被洩漏。在本實施方式中,所述資料保護裝置1具有監控功能的伺服器,所述電子裝置2為檔案伺服器、工作站或精簡型用戶端(Thin Client)。 Please refer to FIG. 1, which is an application structure diagram of a data protection device 1 provided by a preferred embodiment of the present invention. The data protection device 1 is in communication connection with a plurality of electronic devices 2, and is used to detect the activity state of the data stored in the electronic device 2, and prompt management personnel when there is a data transfer in one or more electronic devices 2, To avoid leakage of important information. In this embodiment, the data protection device 1 has a server with a monitoring function, and the electronic device 2 is a file server, a workstation, or a thin client.

所述資料保護裝置1包括,但不僅限於,處理器10、記憶體20及通訊單元30。在本實施方式中,所述處理器10優選為單片機或系統級晶片(System On Chip,SOC)。所述記憶體20為唯讀記憶體或隨機存取記憶體。所述通訊單元30為路由設備,用於藉由有線或無線的方式與複數個電子裝置2通訊連接。所述電子裝置2至少包括存放裝置200。在本實施方式中,所述存放裝置200為一外部存放裝置,外接於所述電子裝置2,如U盤、移動硬碟、移動軟碟等。 The data protection device 1 includes, but is not limited to, a processor 10, a memory 20, and a communication unit 30. In this embodiment, the processor 10 is preferably a single-chip microcomputer or a System On Chip (SOC). The memory 20 is a read-only memory or a random access memory. The communication unit 30 is a routing device for communicating with a plurality of electronic devices 2 in a wired or wireless manner. The electronic device 2 at least includes a storage device 200. In this embodiment, the storage device 200 is an external storage device externally connected to the electronic device 2, such as a USB flash drive, a portable hard disk, and a portable floppy disk.

如圖1所示,所述資料保護裝置1至少包括載入模組101、安裝模組102、判斷模組103、運行模組104、監測模組105、記錄模組106、提示模組107及攝像控制模組108。在本實施方式中,上述模組為存儲於所述記憶體20中且可被所述處理器10調用執行的可程式化軟體指令。可以理解的是,在其他實施方式中,上述模組也可為固化於所述處理器10中的程式指令或固件(firmware)。 As shown in Figure 1, the data protection device 1 at least includes a loading module 101, an installation module 102, a judgment module 103, an operation module 104, a monitoring module 105, a recording module 106, a prompt module 107, and Camera control module 108. In this embodiment, the aforementioned modules are programmable software instructions that are stored in the memory 20 and can be invoked and executed by the processor 10. It can be understood that, in other implementation manners, the above-mentioned modules may also be program instructions or firmware solidified in the processor 10.

所述載入模組101用於在所述資料保護裝置1中載入一資料保護系統100。 The loading module 101 is used to load a data protection system 100 into the data protection device 1.

在本實施方式中,所述資料保護系統100運行於一監控程序中,所述載入模組101回應用戶將所述監控程序安裝至所述資料保護裝置1的操作, 控制所述監控程序運行而將所述資料保護系統100載入至所述資料保護裝置1中。 In this embodiment, the data protection system 100 runs in a monitoring program, and the loading module 101 responds to the user's operation of installing the monitoring program to the data protection device 1. The operation of the monitoring program is controlled to load the data protection system 100 into the data protection device 1.

所述安裝模組102用於在所述複數個電子裝置2中安裝所述資料保護系統100的程式編程介面(Application Programming Interface,API)201。 The installation module 102 is used to install the application programming interface (API) 201 of the data protection system 100 in the plurality of electronic devices 2.

在本實施方式中,所述安裝模組102藉由所述通訊單元30將所述監控程序的程式設計介面檔傳送至所述複數個電子裝置2中,每一電子裝置2在接收到所述監控程序的程式設計介面檔時,可以自動安裝所述資料保護系統100的程式編程介面201。其中,所述程式編程介面201用於供所述資料保護系統100調用以監控所述電子裝置2。 In this embodiment, the installation module 102 transmits the programming interface file of the monitoring program to the plurality of electronic devices 2 through the communication unit 30, and each electronic device 2 receives the When monitoring the programming interface file of the program, the programming interface 201 of the data protection system 100 can be automatically installed. Wherein, the programming interface 201 is used for the data protection system 100 to call to monitor the electronic device 2.

在其他實施方式中,當所述電子裝置2在接收到所述監控程序的程式設計介面檔時,用戶可以手動安裝所述資料保護系統100的程式編程介面201。 In other embodiments, when the electronic device 2 receives the programming interface file of the monitoring program, the user can manually install the programming interface 201 of the data protection system 100.

在另一實施方式中,一應用場景中包括複數個資料保護裝置1的分組,所述載入模組101將所述資料保護系統100分別載入至每個分組中的每一資料保護裝置1。所述判斷模組103判斷每個分組中的資料保護裝置1是否都偵測到所述資料保護系統100。所述安裝模組102當所述判斷模組103判定每個分組中的資料保護裝置1都偵測到所述資料保護系統100時,在與每一資料保護裝置1通訊連接的複數個電子裝置2中安裝所述資料保護系統100的程式編程介面201。當所述判斷模組103判定一個或複數個資料保護裝置1未偵測到所述資料保護系統100,即未安裝所述監控程序時,輸出一提示資訊以通知管理人員。其中,所述提示資訊用於給管理人員指示未載入有所述資料保護系統100的資料保護裝置1。 In another embodiment, an application scenario includes a plurality of groups of data protection devices 1, and the loading module 101 loads the data protection system 100 into each data protection device 1 in each group. . The judgment module 103 judges whether the data protection system 100 is detected by the data protection device 1 in each group. When the installation module 102 determines that the data protection device 1 in each group has detected the data protection system 100, when the judgment module 103 determines that the data protection system 100 is detected, the plurality of electronic devices that are in communication with each data protection device 1 The program programming interface 201 of the data protection system 100 is installed in 2. When the determining module 103 determines that one or more data protection devices 1 have not detected the data protection system 100, that is, the monitoring program is not installed, it outputs a prompt message to notify the management personnel. Wherein, the prompt information is used to indicate to the administrator that the data protection device 1 of the data protection system 100 is not loaded.

所述運行模組104用於藉由所述資料保護系統100控制所述程式編程介面201在每一電子裝置2的後臺運行。 The operating module 104 is used for controlling the program programming interface 201 to run in the background of each electronic device 2 through the data protection system 100.

在本實施方式中,當所述資料保護裝置1需要對所述複數個電子裝置2進行監控時,所述運行模組104發送一控制指令至所述資料保護系統100,所述資料保護系統100回應所述控制指令控制所述程式編程介面201在每一電子裝置2的後臺運行。 In this embodiment, when the data protection device 1 needs to monitor the plurality of electronic devices 2, the operation module 104 sends a control command to the data protection system 100, and the data protection system 100 In response to the control command, the programming interface 201 is controlled to run in the background of each electronic device 2.

所述監測模組105用於藉由所述資料保護系統100控制每一電子裝置2中的程式編程介面201監測所述存放裝置200的活動狀態,以判斷是否有資料轉移至所述存放裝置200中。 The monitoring module 105 is used for monitoring the activity state of the storage device 200 through the data protection system 100 to control the programming interface 201 in each electronic device 2 to determine whether there is data transferred to the storage device 200 in.

在本實施方式中,當所述程式編程介面在每一電子裝置2的後臺運行時,所述監測模組105發送一監測指令至所述資料保護系統100,所述資料保護系統100回應所述監測指令控制每一電子裝置2即時監測所述存放裝置200內存儲資料的活動狀態,並進一步判斷是否有資料轉移至所述存放裝置200中。在本實施方式中,資料轉移包括,但不僅限於資料複製及資料剪切,即所述監測模組105用於判斷是否有資料複製或剪切至所述存放裝置200中。 In this embodiment, when the programming interface is running in the background of each electronic device 2, the monitoring module 105 sends a monitoring command to the data protection system 100, and the data protection system 100 responds to the The monitoring instruction controls each electronic device 2 to monitor the activity state of the data stored in the storage device 200 in real time, and further determine whether there is data to be transferred to the storage device 200. In this embodiment, data transfer includes, but is not limited to, data copying and data cutting, that is, the monitoring module 105 is used to determine whether data is copied or cut to the storage device 200.

所述記錄模組106用於當所述監測模組105判定所述電子裝置2有資料轉移至所述存放裝置200中時,記錄所述資料轉移的相關資訊。 The recording module 106 is used for recording the information related to the data transfer when the monitoring module 105 determines that the electronic device 2 has data transferred to the storage device 200.

在本實施方式中,所述相關資訊包括所述電子裝置2的定位資訊、資料轉移時的螢幕截圖及所述電子裝置2的系統日誌。具體的,所述記錄模組106可以藉由所述電子裝置2的IP位址識別出所述電子裝置2的定位資訊。當所述電子裝置2中有資料轉移至所述存放裝置200中時,所述資料保護系統100的程式編程介面自動控制所述電子裝置2截屏以獲得資料轉移時的螢幕截圖。所述電子裝置2的系統日誌由所述程式編程介面自動獲取。 In this embodiment, the relevant information includes the positioning information of the electronic device 2, screenshots during data transfer, and the system log of the electronic device 2. Specifically, the recording module 106 can identify the location information of the electronic device 2 through the IP address of the electronic device 2. When data in the electronic device 2 is transferred to the storage device 200, the programming interface of the data protection system 100 automatically controls the electronic device 2 to take a screenshot to obtain a screenshot of the data transfer. The system log of the electronic device 2 is automatically obtained by the programming interface.

所述提示模組107用於當所述監測模組105判定所述電子裝置2有資料轉移到所述存放裝置200中時,輸出一提示資訊以通知管理人員。 The prompt module 107 is used for outputting a prompt message to notify the administrator when the monitoring module 105 determines that the electronic device 2 has data transferred to the storage device 200.

在本實施方式中,當所述監測模組105判定所述電子裝置2有資料轉移到所述存放裝置200中時,所述提示模組107發送一提示郵件至所述管理人員的電子郵箱,以通知所述管理人員當前有電子裝置2在竊取資料。其中,所述提示郵件的內容包括所述資料轉移的相關資訊,即所述提示模組107將所述電子裝置2的定位資訊、資料轉移時的螢幕截圖及所述電子裝置2的系統日誌作為提示資訊發送給所述管理人員的電子郵箱。 In this embodiment, when the monitoring module 105 determines that the electronic device 2 has data transferred to the storage device 200, the prompt module 107 sends a prompt email to the administrator’s email address, In order to notify the management personnel that the electronic device 2 is currently stealing data. Wherein, the content of the reminder email includes information related to the data transfer, that is, the reminder module 107 uses the location information of the electronic device 2, the screenshot of the data transfer, and the system log of the electronic device 2 as The prompt information is sent to the e-mail address of the manager.

在其他實施方式中,所述判斷模組103還當所述監測模組105判定所述電子裝置2有資料轉移到所述存放裝置200中時,進一步判斷所述電子裝置2是否處於連網狀態。所述記錄模組106還當所述電子裝置2處於連網狀態時,記錄所述電子裝置2的定位資訊、資料轉移時的螢幕截圖及所述電子裝置2的系統日誌。所述記錄模組106還當所述電子裝置2未處於連網狀態,即離線狀態時,只記錄資料轉移時的螢幕截圖及所述電子裝置1的系統日誌。 In other embodiments, when the monitoring module 105 determines that the electronic device 2 has data transferred to the storage device 200, the determining module 103 further determines whether the electronic device 2 is in a connected state . The recording module 106 also records the positioning information of the electronic device 2, the screenshots of the data transfer and the system log of the electronic device 2 when the electronic device 2 is connected to the network. The recording module 106 also only records the screenshot of the data transfer and the system log of the electronic device 1 when the electronic device 2 is not in a networked state, that is, an offline state.

進一步地,所述判斷模組103還當所述監測模組105判定所述電子裝置2有資料轉移到所述存放裝置200中時,判斷所述電子裝置2是否安裝有攝像頭。當所述判斷模組103判定所述電子裝置2安裝有攝像頭時,所述攝像控制模組108用於控制所述攝像頭拍攝所述電子裝置2當前用戶的圖像。所述記錄模組106還將所述攝像頭拍攝的所述電子裝置2當前用戶的圖像存儲至所述記憶體20。在本實施方式中,當所述攝像頭拍攝到所述電子裝置2當前用戶的圖像時,所述電子裝置2將拍攝到的圖像回傳至所述資料保護裝置1,所述記錄模組106將所述圖像存儲至所述記憶體20,所述管理人員可以藉由存儲的所述圖像辨認出竊取資料的用戶。 Further, the determination module 103 also determines whether the electronic device 2 is equipped with a camera when the monitoring module 105 determines that the electronic device 2 has data transferred to the storage device 200. When the determining module 103 determines that the electronic device 2 is equipped with a camera, the camera control module 108 is used to control the camera to capture an image of the current user of the electronic device 2. The recording module 106 also stores the image of the current user of the electronic device 2 captured by the camera in the memory 20. In this embodiment, when the camera captures an image of the current user of the electronic device 2, the electronic device 2 returns the captured image to the data protection device 1, and the recording module 106 stores the image in the memory 20, and the manager can identify the user who stole the data by the stored image.

請參考圖2,為本發明較佳實施方式所提供的資料保護方法的流程示意圖。根據不同需求,所述流程圖中步驟的順序可以改變,某些步驟可以省略或合併。 Please refer to FIG. 2, which is a schematic flowchart of a data protection method according to a preferred embodiment of the present invention. According to different needs, the order of the steps in the flowchart can be changed, and some steps can be omitted or combined.

步驟S101,在所述資料保護裝置1中載入一資料保護系統100。 Step S101, loading a data protection system 100 into the data protection device 1.

步驟S102,在所述複數個電子裝置2中安裝所述資料保護系統100的程式編程介面。 In step S102, the program programming interface of the data protection system 100 is installed in the plurality of electronic devices 2.

在另一實施方式中,一應用場景中包括複數個資料保護裝置1的分組,所述步驟S101包括將所述資料保護系統100分別載入至每個分組中的每一資料保護裝置1,並判斷每個分組中的資料保護裝置1是否都偵測到所述資料保護系統100,所述步驟S102包括當判定每個分組中的資料保護裝置1都偵測到所述資料保護系統100時,在與每一資料保護裝置1通訊連接的複數個電子裝置2中安裝所述資料保護系統100的程式編程介面。 In another embodiment, an application scenario includes a plurality of groups of data protection devices 1, and the step S101 includes loading the data protection system 100 into each data protection device 1 in each group, and It is determined whether the data protection system 100 is detected by the data protection device 1 in each group. The step S102 includes when it is determined that the data protection system 100 is detected by the data protection device 1 in each group, The programming interface of the data protection system 100 is installed in a plurality of electronic devices 2 that are in communication with each data protection device 1.

步驟S103,藉由所述資料保護系統100控制所述程式編程介面在每一電子裝置2的後臺運行。 In step S103, the data protection system 100 controls the programming interface to run in the background of each electronic device 2.

步驟S104,藉由所述資料保護系統100控制每一電子裝置2中的程式編程介面201監測存放裝置200的活動狀態,以判斷是否有資料轉移至所述存放裝置200中。當判斷結果為是時,所述流程進入步驟S105;當判斷結果為否時,所述流程繼續所述步驟S104。 In step S104, the data protection system 100 controls the programming interface 201 in each electronic device 2 to monitor the activity status of the storage device 200 to determine whether there is data transferred to the storage device 200. When the judgment result is yes, the process proceeds to step S105; when the judgment result is no, the process continues to step S104.

步驟S105,記錄所述資料轉移的相關資訊。 Step S105: Record the relevant information of the data transfer.

在本實施方式中,所述相關資訊至少包括所述電子裝置2的定位資訊、資料轉移時的螢幕截圖及所述電子裝置2的系統日誌。 In this embodiment, the relevant information includes at least the location information of the electronic device 2, screenshots during data transfer, and the system log of the electronic device 2.

步驟S106,輸出一提示資訊以通知管理人員。 Step S106, output a prompt message to notify the manager.

在本實施方式中,所述步驟S106包括發送一提示郵件至所述管理人員的電子郵箱,以通知所述管理人員當前有電子裝置2在竊取資料。其中,所述提示郵件的內容包括所述資料轉移的相關資訊,即步驟S106將所述電子裝置2的定位資訊、資料轉移時的螢幕截圖及所述電子裝置2的系統日誌作為提示資訊發送給所述管理人員的電子郵箱。 In this embodiment, the step S106 includes sending a reminder mail to the e-mail address of the manager to notify the manager that the electronic device 2 is currently stealing data. Wherein, the content of the reminder email includes information related to the data transfer, that is, in step S106, the location information of the electronic device 2, the screenshot during the data transfer, and the system log of the electronic device 2 are sent as reminder information to The e-mail address of the manager.

進一步地,所述方法還包括以下步驟:當判定所述電子裝置2有資料轉移到所述存放裝置200中時,判斷所述電子裝置2是否處於連網狀態;當所述電子裝置2處於連網狀態時,記錄所述電子裝置2的定位資訊、資料轉移時的螢幕截圖及所述電子裝置2的系統日誌;及當所述電子裝置2未處於連網狀態時,記錄資料轉移時的螢幕截圖及所述電子裝置2的系統日誌。 Further, the method further includes the following steps: when it is determined that the electronic device 2 has data transferred to the storage device 200, determining whether the electronic device 2 is in a connected state; when the electronic device 2 is connected When the electronic device 2 is connected to the Internet, it records the location information of the electronic device 2, screenshots during data transfer, and the system log of the electronic device 2; and when the electronic device 2 is not connected to the Internet, records the screen during data transfer Screenshot and the system log of the electronic device 2.

進一步地,所述方法還包括以下步驟:當判定所述電子裝置2有資料轉移到所述存放裝置200中時,判斷所述電子裝置2是否安裝有攝像頭;當判定所述電子裝置2安裝有攝像頭時,控制所述攝像頭拍攝所述電子裝置2當前用戶的圖像;及將所述攝像頭拍攝的所述電子裝置2當前用戶的圖像存儲至所述記憶體20。 Further, the method further includes the following steps: when it is determined that the electronic device 2 has data transferred to the storage device 200, determining whether the electronic device 2 is equipped with a camera; when it is determined that the electronic device 2 is installed When using a camera, control the camera to capture an image of the current user of the electronic device 2; and store the image of the current user of the electronic device 2 captured by the camera in the memory 20.

綜上所述,本發明符合發明專利要件,爰依法提出專利申請。惟,以上所述者僅為本發明之較佳實施方式,舉凡熟悉本案技藝之人士,於爰依本發明精神所作之等效修飾或變化,皆應涵蓋於以下之申請專利範圍內。 In summary, the present invention meets the requirements of a patent for invention, and Yan filed a patent application in accordance with the law. However, the above are only the preferred embodiments of the present invention. For those who are familiar with the technique of the present invention, equivalent modifications or changes made in accordance with the spirit of the present invention should be covered by the following patent applications.

1:資料保護裝置 1: Data protection device

10:處理器 10: processor

100:資料保護系統 100: Data Protection System

101:載入模組 101: Load module

102:安裝模組 102: Install the module

103:判斷模組 103: Judgment Module

104:運行模組 104: Run module

105:監測模組 105: Monitoring module

106:記錄模組 106: record module

107:提示模組 107: Prompt Module

108:攝像控制模組 108: Camera control module

20:記憶體 20: memory

30:通訊單元 30: Communication unit

2:電子裝置 2: electronic device

200:存放裝置 200: storage device

201:程式編程介面 201: Programming interface

Claims (8)

一種資料保護裝置,包括處理器,其改良在於,所述資料保護裝置與複數個電子裝置通訊連接,所述電子裝置至少包括外接的存放裝置,所述處理器包括:載入模組,用於在所述資料保護裝置中載入一資料保護系統;安裝模組,用於在所述複數個電子裝置中安裝所述資料保護系統的程式編程介面;運行模組,用於藉由所述資料保護系統控制所述程式編程介面在每一電子裝置的後臺運行;監測模組,用於藉由所述資料保護系統控制每一電子裝置中的程式編程介面監測存放裝置的活動狀態,以判斷是否有資料轉移至所述存放裝置中;提示模組,用於當所述監測模組判定所述電子裝置有資料轉移到所述存放裝置中時,輸出一提示資訊;判斷模組,用於判斷所述電子裝置是否安裝有攝像頭;攝像控制模組,用於當所述判斷模組判定所述電子裝置安裝有攝像頭時,控制所述攝像頭拍攝所述電子裝置當前用戶的圖像;及記錄模組,將所述攝像頭拍攝的所述電子裝置當前用戶的圖像存儲至所述資料保護裝置的記憶體。 A data protection device includes a processor. The improvement is that the data protection device is communicatively connected with a plurality of electronic devices, the electronic device includes at least an external storage device, and the processor includes: a loading module for A data protection system is loaded into the data protection device; an installation module is used to install the program programming interface of the data protection system in the plurality of electronic devices; an operation module is used to use the data The protection system controls the programming interface to run in the background of each electronic device; the monitoring module is used to monitor the activity status of the storage device through the data protection system controlling the programming interface in each electronic device to determine whether There is data transferred to the storage device; the prompt module is used to output a prompt message when the monitoring module determines that the electronic device has data transferred to the storage device; the judgment module is used to determine Whether the electronic device is equipped with a camera; a camera control module for controlling the camera to take an image of the current user of the electronic device when the judgment module determines that the electronic device is equipped with a camera; and a recording module Group, storing the image of the current user of the electronic device captured by the camera in the memory of the data protection device. 如請求項1所述之資料保護裝置,其中,所述載入模組將所述資料保護系統分別載入至複數個分組中的每一資料保護裝置,所述處理器還包括:所述判斷模組還用於判斷是否每個分組中的資料保護裝置都偵測到所述資料保護系統;及 所述安裝模組還當所述判斷模組判定每個分組中的資料保護裝置都偵測到所述資料保護系統時,在與每一資料保護裝置通訊連接的複數個電子裝置中安裝所述資料保護系統的程式編程介面。 The data protection device according to claim 1, wherein the loading module loads the data protection system into each data protection device in a plurality of groups, and the processor further includes: the judgment The module is also used to determine whether the data protection device in each group has detected the data protection system; and The installation module also installs the data protection system in a plurality of electronic devices that are in communication with each data protection device when the judgment module determines that the data protection device in each group has detected the data protection system. Program programming interface of data protection system. 如請求項1所述之資料保護裝置,其中,所述處理器還包括:所述記錄模組還用於當所述監測模組判定所述電子裝置有資料轉移至所述存放裝置中時記錄所述資料轉移的相關資訊,所述提示模組輸出的提示資訊包括所述資料轉移的相關資訊,其中,所述相關資訊包括所述電子裝置的定位資訊、資料轉移時的螢幕截圖及所述電子裝置的系統日誌。 The data protection device according to claim 1, wherein the processor further includes: the recording module is further configured to record when the monitoring module determines that the electronic device has data transferred to the storage device The information related to the data transfer, the prompt information output by the prompt module includes the information related to the data transfer, wherein the related information includes the positioning information of the electronic device, the screenshot during the data transfer, and the System log of the electronic device. 如請求項3所述之資料保護裝置,其中,所述處理器還包括:所述判斷模組還用於當所述監測模組判定所述電子裝置有資料轉移到所述存放裝置中時,判斷所述電子裝置是否處於連網狀態;所述記錄模組還當所述電子裝置處於連網狀態時,記錄所述電子裝置的定位資訊、資料轉移時的螢幕截圖及所述電子裝置的系統日誌;及所述記錄模組還當所述電子裝置未處於連網狀態時,記錄資料轉移時的螢幕截圖及所述電子裝置的系統日誌。 The data protection device according to claim 3, wherein the processor further includes: the judgment module is further configured to: when the monitoring module judges that the electronic device has data transferred to the storage device, Determine whether the electronic device is in a networked state; the recording module also records the positioning information of the electronic device, a screenshot during data transfer, and the system of the electronic device when the electronic device is in a networked state Log; and the recording module also records a screenshot of the data transfer and the system log of the electronic device when the electronic device is not in a networked state. 一種資料保護方法,應用於一資料保護裝置中,所述資料保護裝置與複數個電子裝置通訊連接,所述電子裝置至少包括外接的存放裝置,其改良在於,所述方法包括以下步驟:在所述資料保護裝置中載入一資料保護系統;在所述複數個電子裝置中安裝所述資料保護系統的程式編程介面;藉由所述資料保護系統控制所述程式編程介面在每一電子裝置的後臺運行;藉由所述資料保護系統控制每一電子裝置中的程式編程介面監測存放裝置的活動狀態,以判斷是否有資料轉移至所述存放裝置中; 當判定所述電子裝置有資料轉移到所述存放裝置中時,輸出一提示資訊;判斷所述電子裝置是否安裝有攝像頭;當判定所述電子裝置安裝有攝像頭時,控制所述攝像頭拍攝所述電子裝置當前用戶的圖像;及將所述攝像頭拍攝的所述電子裝置當前用戶的圖像存儲至所述資料保護裝置的記憶體。 A data protection method is applied to a data protection device. The data protection device is in communication connection with a plurality of electronic devices. The electronic device includes at least an external storage device. The improvement is that the method includes the following steps: The data protection device is loaded with a data protection system; the program programming interface of the data protection system is installed in the plurality of electronic devices; the program programming interface is controlled by the data protection system in each electronic device Run in the background; monitor the activity status of the storage device by controlling the program programming interface in each electronic device by the data protection system to determine whether there is data transferred to the storage device; When it is determined that the electronic device has data transferred to the storage device, output a prompt message; determine whether the electronic device is equipped with a camera; when it is determined that the electronic device is equipped with a camera, control the camera to shoot the An image of the current user of the electronic device; and storing the image of the current user of the electronic device captured by the camera in the memory of the data protection device. 如請求項5所述之資料保護方法,其中,所述方法還包括以下步驟:將所述資料保護系統分別載入至複數個分組中的每一資料保護裝置;判斷是否每個分組中的資料保護裝置都偵測到所述資料保護系統;及當判定每個分組中的資料保護裝置都偵測到所述資料保護系統時,在與每一資料保護裝置通訊連接的複數個電子裝置中安裝所述資料保護系統的程式編程介面。 The data protection method according to claim 5, wherein the method further includes the steps of: loading the data protection system into each data protection device in a plurality of groups; determining whether the data in each group is All protection devices detect the data protection system; and when it is determined that the data protection devices in each group have detected the data protection system, install in a plurality of electronic devices that are in communication with each data protection device The programming interface of the data protection system. 如請求項5所述之資料保護方法,其中,所述方法還包括以下步驟:記錄所述資料轉移的相關資訊,其中,所述相關資訊包括所述電子裝置的定位資訊、資料轉移時的螢幕截圖及所述電子裝置的系統日誌。 The data protection method according to claim 5, wherein the method further comprises the following steps: recording the relevant information of the data transfer, wherein the relevant information includes the positioning information of the electronic device and the screen during the data transfer Screenshots and system logs of the electronic device. 如請求項7所述之資料保護方法,其中,所述方法還包括以下步驟:當判定所述電子裝置有資料轉移到所述存放裝置中時,判斷所述電子裝置是否處於連網狀態;當判定所述電子裝置處於連網狀態時,記錄所述電子裝置的定位資訊、資料轉移時的螢幕截圖及所述電子裝置的系統日誌;及 當判定所述電子裝置未處於連網狀態時,記錄資料轉移時的螢幕截圖及所述電子裝置的系統日誌。 The data protection method according to claim 7, wherein the method further includes the following steps: when it is determined that the electronic device has data transferred to the storage device, determining whether the electronic device is in a connected state; When it is determined that the electronic device is in a networked state, record the location information of the electronic device, the screenshot of the data transfer and the system log of the electronic device; and When it is determined that the electronic device is not connected to the network, a screenshot of the data transfer and the system log of the electronic device are recorded.
TW108113465A 2019-04-17 2019-04-17 Data protection device and method TWI715011B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW108113465A TWI715011B (en) 2019-04-17 2019-04-17 Data protection device and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW108113465A TWI715011B (en) 2019-04-17 2019-04-17 Data protection device and method

Publications (2)

Publication Number Publication Date
TW202040395A TW202040395A (en) 2020-11-01
TWI715011B true TWI715011B (en) 2021-01-01

Family

ID=74201448

Family Applications (1)

Application Number Title Priority Date Filing Date
TW108113465A TWI715011B (en) 2019-04-17 2019-04-17 Data protection device and method

Country Status (1)

Country Link
TW (1) TWI715011B (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW201804354A (en) * 2016-07-19 2018-02-01 資富電子股份有限公司 Storage device, data protection method therefor, and data protection system

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW201804354A (en) * 2016-07-19 2018-02-01 資富電子股份有限公司 Storage device, data protection method therefor, and data protection system

Also Published As

Publication number Publication date
TW202040395A (en) 2020-11-01

Similar Documents

Publication Publication Date Title
TWI451245B (en) Virtual machine monitoring method, system and computer readable storage medium for storing thereof
WO2019071926A1 (en) Method for automatically monitoring database services, storage medium, electronic device and system
JP2015529913A (en) Information backup method and apparatus
TW201709081A (en) Automatic image recovery method and server system
US9231825B2 (en) Network management apparatus, management server, client terminal, and control method thereof
WO2019153532A1 (en) Deployment method and apparatus for monitoring system, and computer device and storage medium
US8305625B2 (en) Image forming apparatus, log control method, and program product
US20150020167A1 (en) System and method for managing files
CN102314382A (en) Method and module for emergently probing system information
WO2019037521A1 (en) Security detection method, device, system, and server
CN102291239B (en) Remote authentication method, system, agent component and authentication servers
TWI715011B (en) Data protection device and method
JPWO2005103909A1 (en) Security maintenance method, data storage device, security maintenance server, and recording medium recording the program
JP6636605B1 (en) History monitoring method, monitoring processing device, and monitoring processing program
US9537715B2 (en) Management system and monitoring apparatus
JP5310075B2 (en) Log collection system, information processing apparatus, log collection method, and program
CN111832085A (en) Data protection device and method
JPWO2011051999A1 (en) Information processing apparatus and information processing apparatus control method
TWI470458B (en) A method and device for controlling control
JP2008234125A (en) Information processor, information processing method, program, and recording medium
CN117348951B (en) Container sensing device and container sensing method applied to linux kernel
US10824748B2 (en) Method and system for low overhead control/status handshake for remote shared file server
JP2008003862A (en) Audit log creating device, audit event recording program and image processing device
TWI640875B (en) Desktop cloud cabinet construction system
JP2008198090A (en) Security management system