[go: up one dir, main page]

TWI476675B - Flash drive with security device - Google Patents

Flash drive with security device Download PDF

Info

Publication number
TWI476675B
TWI476675B TW098112269A TW98112269A TWI476675B TW I476675 B TWI476675 B TW I476675B TW 098112269 A TW098112269 A TW 098112269A TW 98112269 A TW98112269 A TW 98112269A TW I476675 B TWI476675 B TW I476675B
Authority
TW
Taiwan
Prior art keywords
password
computer
security
flash drive
lock
Prior art date
Application number
TW098112269A
Other languages
Chinese (zh)
Other versions
TW201037596A (en
Inventor
Jian Ting Chen
Yu Han Chen
Lun De Liao
Paul C P Chao
Original Assignee
Univ Nat Chiao Tung
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Univ Nat Chiao Tung filed Critical Univ Nat Chiao Tung
Priority to TW098112269A priority Critical patent/TWI476675B/en
Publication of TW201037596A publication Critical patent/TW201037596A/en
Application granted granted Critical
Publication of TWI476675B publication Critical patent/TWI476675B/en

Links

Landscapes

  • Storage Device Security (AREA)

Description

具安全防護裝置的隨身碟Drive with safety guard

本發明是有關於一種隨身碟,尤其是一種具安全防護裝置的隨身碟。The invention relates to a flash drive, in particular to a flash drive with a safety guard.

目前攜帶電子資料最常用的方式之一是將電子資料儲存於透過通用匯流排介面(universal serial bus,USB)連接電腦的隨身碟,亦稱為行動碟。然而,一般的隨身碟並不具備安全防護的功能,因此資料常常因軟體或硬體的不當操作而遺失、被竊取或損毀,列舉如下:One of the most common ways to carry electronic data today is to store electronic data in a portable flash drive connected to a computer via a universal serial bus (USB), also known as a mobile disc. However, general flash drives do not have security features, so data is often lost, stolen or damaged due to improper operation of software or hardware, as listed below:

(1)軟體上惡意的存取:存取隨身碟的資料已成為不當程式竊取重要資料或散布病毒的重要媒介;以及(1) Malicious access on software: Accessing the information on the drive has become an important medium for improper programs to steal important information or distribute viruses;

(2)硬體上不當的拔除:未執行卸除隨身碟的指令即拔除已連接電腦的隨身碟,進而造成隨身碟的損毀。(2) Improper removal on the hardware: Unplugging the connected USB flash drive without executing the command to remove the flash drive, causing damage to the flash drive.

本發明所提出的安全防護方案可有效降低或避免軟體上或硬體上的不當操作,因此可避免隨身碟的資料遺失、被竊取或損毀,並可進一步提升隨身碟的便利性。The safety protection scheme proposed by the invention can effectively reduce or avoid improper operation on the software or the hardware, thereby avoiding the loss, theft or damage of the data on the flash drive, and further improving the convenience of the flash drive.

為提升電子資料的安全保護、避免不當的資料存取以及提升隨身碟的便利性,本發明的主要特徵摘要如下:In order to improve the security protection of electronic materials, avoid improper data access, and improve the convenience of the flash drive, the main features of the present invention are summarized as follows:

(1)密碼鎖(或稱為電子開關)與安全防護韌體:(1) Password lock (or electronic switch) and security firmware:

密碼鎖用以設定及儲存安全密碼;安全防護韌體用以驗證密碼鎖之密碼與電腦使用者之密碼,僅在驗證通過後,始得寫入資料至記憶體,因此可有效防止電腦自動寫入資料至隨身碟。The password lock is used to set and store the security password; the security protection firmware is used to verify the password of the password lock and the password of the computer user, and only after the verification is passed, the data is written to the memory, thereby effectively preventing the computer from automatically writing. Enter the information to the flash drive.

(2)連結控制鍵:(2) Link control button:

觸壓連結控制鍵後,控制器會安全地斷開記憶體與電腦之間的連結,因此可避免使用者不當地拔出隨身碟而毀損儲存於隨身碟的資料。After the touch control button is pressed, the controller will safely disconnect the connection between the memory and the computer, thus preventing the user from unplugging the flash drive and damaging the data stored on the flash drive.

(3)提升便利性:(3) Improve convenience:

密碼鎖可以是一種電子鎖(或電子開關),所設定的安全密碼可顯示在硬體上,以避免使用者忘記安全密碼,並可同時避免電腦自動寫入資料至隨身碟;連結控制鍵可透過控制器送出卸除指令,以安全地斷開該隨身碟與該電腦之間的連結,因此使用者無須在電腦上執行卸除隨身碟的指令,進而提升了隨身碟操作的便利性;或者連接於電腦的隨身碟為退出狀態,亦可利用連結控制鍵執行連接指令而與電腦重新建立連接。The password lock can be an electronic lock (or electronic switch). The set security password can be displayed on the hardware to prevent the user from forgetting the security password, and at the same time avoid the computer automatically writing data to the flash drive; the link control button can be Sending a removal command through the controller to safely disconnect the USB flash drive from the computer, so that the user does not need to execute the command to remove the flash drive on the computer, thereby improving the convenience of the operation of the flash drive; The flash drive connected to the computer is in the exit state, and the connection control button can be used to perform the connection command to re-establish the connection with the computer.

本發明所建議方案利用密碼鎖、安全防護韌體以及連結控制鍵等裝置提昇隨身碟的安全防護措施以避免硬體上或軟體上不當地操作,同時提升隨身碟的便利性,以下利用實施例並配合圖式說明本發明之技術特徵。The proposed solution of the invention utilizes a device such as a combination lock, a security protection firmware and a connection control button to enhance the security protection measures of the flash drive to avoid undesired operation on the hardware or the software, and at the same time improve the convenience of the flash drive, and the following embodiments are utilized. The technical features of the present invention will be described with reference to the drawings.

本發明一實施例之結構方塊圖,如圖1。隨身碟101以一通用匯流排(universal serial bus,USB)連接埠做為通訊介面,稱為USB介面102。記憶體104用以儲存資料,控制器103連接於USB介面102與記憶體104以控制電腦與隨身碟101間的通訊。密碼鎖106與連結控制鍵105連接於控制器103,分別控制寫入的准否以及隨身碟101與電腦間通訊的斷連(connection and disconnection)。另外,隨身碟101具有一外殼以保護內部電子元件,外殼未示於圖1。A block diagram of an embodiment of the present invention is shown in FIG. The flash drive 101 uses a universal serial bus (USB) port as a communication interface, and is called a USB interface 102. The memory 104 is used to store data, and the controller 103 is connected to the USB interface 102 and the memory 104 to control communication between the computer and the flash drive 101. The combination lock 106 and the connection control key 105 are connected to the controller 103 to control the registration and the connection and disconnection of the communication between the USB flash drive 101 and the computer, respectively. In addition, the drive 101 has a housing to protect internal electronic components, which is not shown in FIG.

控制器103儲存安全防護韌體以及執行安全防護韌體。密碼鎖106為一電子鎖,可採用數位電子鎖或二元電子鎖,是一種利用IC電路實作的電子鎖,可避免軟體式的防護鎖易於被入侵的缺點;另外,密碼鎖106具有一顯示介面,用以呈現密碼鎖106所設定的密碼,以避免使用者忘記安全密碼。當電腦傳輸資料至隨身碟101時,控制器103讀取密碼鎖106的密碼以及電腦使用者的密碼,並透過安全防護韌體驗證密碼鎖106的密碼與電腦使用者的密碼。若驗證成功,則控制器103准許資料寫入記憶體104;反之,若驗證失敗,則控制器103不准資料寫入記憶體104。The controller 103 stores the security guard firmware and executes the security guard firmware. The code lock 106 is an electronic lock, which can be a digital electronic lock or a binary electronic lock. It is an electronic lock implemented by an IC circuit, which can avoid the disadvantage that the soft type lock is easy to be invaded; in addition, the code lock 106 has a The display interface is used to present the password set by the password lock 106 to prevent the user from forgetting the security password. When the computer transmits the data to the flash drive 101, the controller 103 reads the password of the password lock 106 and the password of the computer user, and verifies the password of the password lock 106 and the password of the computer user through the security firmware. If the verification is successful, the controller 103 permits the data to be written to the memory 104; otherwise, if the verification fails, the controller 103 does not permit the data to be written to the memory 104.

控制器103可接收連結控制鍵105的指令,而安全地斷開或建立記憶體104與電腦之間的連結。當連接於電腦的隨身碟未執行卸除指令時,使用按下連接控制鍵以發出卸除指令,因此隨身碟可自由的卸除;或者連結於電腦的隨身碟實際上已卸除,使用者可藉由連結控制鍵105建立隨身碟與電腦之通訊。The controller 103 can receive an instruction to connect the control keys 105 to safely disconnect or establish a connection between the memory 104 and the computer. When the flash drive connected to the computer does not execute the unloading command, press the connection control button to issue the removal command, so the flash drive can be freely removed; or the pen drive connected to the computer is actually removed, the user The communication between the flash drive and the computer can be established by the link control button 105.

本發明之一實施例是利用密碼驗證的方法來防止電腦自動寫入資料至隨身碟101。密碼驗證的方法是在電腦傳輸資料至隨身碟101時,驗證密碼鎖106所設定密碼與電腦使用者密碼,若驗證成功,始准許資料寫入至隨身碟101的記憶體104,反之則拒絕資料寫入隨身碟。驗證密碼的方法以安全防護韌體方式紀錄於控制器103。以下圖2a與圖2b所示實施例,說明本發明資料寫入的安全防護方法之精神。One embodiment of the present invention utilizes a method of password verification to prevent a computer from automatically writing data to the flash drive 101. The method of password verification is to verify the password set by the password lock 106 and the password of the computer user when the computer transmits the data to the flash drive 101. If the verification is successful, the data is allowed to be written to the memory 104 of the flash drive 101, and vice versa. Write to the pen drive. The method of verifying the password is recorded in the controller 103 in a secure manner. The following embodiments of Figures 2a and 2b illustrate the spirit of the security protection method for writing data of the present invention.

如圖2a所示實施例之資料寫入的安全防護方法,包括下列步驟。當電腦傳輸資料至隨身碟時,讀取使用者輸入至電腦的驗證密碼(S100),並讀取密碼鎖所設定之安全密碼(S200)。然後,驗證電腦使用者的密碼以及密碼鎖的密碼(S300)。若驗證成功,則准許資料寫入至隨身碟(S400);若驗證失敗,則不准資料寫入至隨身碟(S500)。The security protection method of the data writing of the embodiment shown in FIG. 2a includes the following steps. When the computer transmits the data to the flash drive, the verification password (S100) input by the user to the computer is read, and the security password set by the password lock is read (S200). Then, verify the password of the computer user and the password of the password lock (S300). If the verification is successful, the data is permitted to be written to the flash drive (S400); if the verification fails, the data is not allowed to be written to the flash drive (S500).

如圖2b所示實施例之資料寫入的安全防護方法,與上述的驗證方法的差異在於計算驗證失敗次數,詳細說明如下:The difference between the security protection method written in the data of the embodiment shown in FIG. 2b and the above verification method is that the number of verification failures is calculated, and the details are as follows:

當電腦傳輸資料至隨身碟時,讀取電腦使用者的密碼(S100),讀取密碼鎖所設定的密碼(S200)。然後,驗證電腦使用者的密碼以及密碼鎖之密碼(S300)。若驗證成功,則准許資料寫入至隨身碟(S400);若驗證失敗,則計數驗證失敗的次數(S600),並比較驗證失敗次數與一臨界值(S610)。若驗證失敗的次數高於臨界值,則判斷資料為惡意寫入操作,不准資料寫入至隨身碟(S500);若驗證失敗的次數未達臨界值,則要求使用者重新輸入驗證密碼,並持續驗證二密碼(S300)。When the computer transmits data to the flash drive, it reads the password of the computer user (S100) and reads the password set by the password lock (S200). Then, verify the password of the computer user and the password of the password lock (S300). If the verification is successful, the data is permitted to be written to the flash drive (S400); if the verification fails, the number of verification failures is counted (S600), and the number of verification failures is compared with a threshold (S610). If the number of verification failures is higher than the critical value, the data is judged to be a malicious write operation, and the data is not allowed to be written to the flash drive (S500); if the number of verification failures does not reach the critical value, the user is required to re-enter the verification password. And continue to verify the second password (S300).

驗証電腦用者的密碼與密碼鎖的密碼(S300)可以直接比對二者是否一致,一致時表示成功,不一致表示失敗;或是驗證一演算法,即電腦使用者的密碼及/或密碼鎖的密碼經由演算法後所得到真假值,分別表示驗證成功及失敗。Verify that the password of the computer user and the password of the password lock (S300) can directly compare whether the two are consistent. If they are consistent, they indicate success, the inconsistency indicates failure, or verify an algorithm, that is, the password and/or password lock of the computer user. The password is obtained by the algorithm and the true and false values are obtained, which respectively indicate the success and failure of the verification.

另外,判斷驗證密碼與安全密碼不一致或判斷為惡意寫入後,控制器103可發出警告信息,其可以於電腦的一顯示器顯示對話框的方式通知使用者,或者是使設置於隨身碟上的一顯示燈顯示一信息燈號的方式通知使用者。In addition, after determining that the verification password is inconsistent with the security password or is determined to be maliciously written, the controller 103 may issue a warning message, which may notify the user by displaying a dialog box on a display of the computer, or may be set on the flash drive. The user is notified by a manner in which the indicator light displays an information light.

圖3a與圖3b所示分別為數位式電子鎖與二元式電子鎖的實施例。圖3a所示隨身碟之外殼具有控制鍵105與數位式電子鎖106。電子鎖106的位元數目可依需求調整,此實施例是三個位元的電子鎖。電子鎖106的每一個位元的值可以是數字、字元或是其組合,每一個位元的值可藉由設定鈕107設定位元的值,此三個位元所設定的位元值構成密碼。Figures 3a and 3b show an embodiment of a digital electronic lock and a binary electronic lock, respectively. The housing of the flash drive shown in Figure 3a has a control button 105 and a digital electronic lock 106. The number of bits of the electronic lock 106 can be adjusted as needed. This embodiment is a three-bit electronic lock. The value of each bit of the electronic lock 106 can be a number, a character, or a combination thereof. The value of each bit can be set by the setting button 107, and the bit value set by the three bits Form a password.

圖3b所示隨身碟之外殼具有控制鍵105與二元式電子鎖106。電子鎖106的位元數目可依需求調整,此實施例是四個位元的電子鎖,電子鎖106每一個位元的值可為真或假,利用此四個位元值構成密碼。The housing of the flash drive shown in Figure 3b has a control button 105 and a binary electronic lock 106. The number of bits of the electronic lock 106 can be adjusted as needed. This embodiment is a four-bit electronic lock. The value of each bit of the electronic lock 106 can be true or false, and the four bit values are used to form a password.

圖4所示隨身碟之實施例,除具有控制鍵105與數位式電子鎖106外,更包含一顯示燈108,用以顯示驗證密碼與安全密碼不一致的信息燈號。In addition to the control button 105 and the digital electronic lock 106, the embodiment of the flash drive shown in FIG. 4 further includes a display light 108 for displaying the information light number in which the verification password and the security password are inconsistent.

以上所述之實施例僅係為說明本發明之技術思想及特點,其目的在使熟習此項技藝之人士能夠瞭解本發明之內容並據以實施,當無法以之限定本發明之專利範圍,即大凡依本發明所揭示之精神所作之均等變化或修飾,仍應涵蓋在本發明之專利範圍內。The embodiments described above are merely illustrative of the technical spirit and the features of the present invention, and the objects of the present invention can be understood by those skilled in the art, and the scope of the present invention cannot be limited thereto. That is, the equivalent variations or modifications made by the spirit of the present invention should still be included in the scope of the present invention.

101...隨身碟101. . . Flash drive

102...USB介面102. . . USB interface

103...控制器103. . . Controller

104...記憶體104. . . Memory

105...連結控制鍵105. . . Link control button

106...密碼鎖106. . . password

107...設定鈕107. . . Setting button

108...顯示燈108. . . Indicator

S100、S200、S300、S400、S500、S600、S610...步驟S100, S200, S300, S400, S500, S600, S610. . . step

圖1所示為本發明具安全防護的隨身碟實施例之架構圖。FIG. 1 is a structural diagram of an embodiment of a flash drive with security protection according to the present invention.

圖2a與圖2b所示為本發明密碼驗證方法實施例之流程圖。2a and 2b are flowcharts showing an embodiment of a password verification method according to the present invention.

圖3a與圖3b所示為本發明具安全防護的隨身碟實施例之外觀示意圖,用以說明數位式電子鎖與二元式電子鎖。FIG. 3a and FIG. 3b are schematic diagrams showing the appearance of a portable flash drive according to an embodiment of the present invention for explaining a digital electronic lock and a binary electronic lock.

圖4所示為本發明具安全防護的隨身碟實施例之外觀示意圖,用以說明顯示驗證燈號之信息燈。FIG. 4 is a schematic diagram showing the appearance of a flash drive embodiment with security protection according to the present invention for explaining an information light for displaying a verification light.

101...隨身碟101. . . Flash drive

102...USB介面102. . . USB interface

103...控制器103. . . Controller

104...記憶體104. . . Memory

105...連結控制鍵105. . . Link control button

106...密碼鎖106. . . password

Claims (5)

一種具安全防護功能的隨身碟,包含:一連接埠,用以連接一電腦;一記憶體;一控制器,設置於該連接埠與該記憶體間,用以儲存及執行一安全防護韌體;一密碼鎖,連接該控制器,其中該安全防護韌體驗證該密碼鎖之密碼與該電腦密碼,以判斷該電腦是否可寫入一資料至該記憶體;以及一連結控制鍵,連接該控制器,用以接收一觸壓動作而使該控制器安全地卸除/建立該記憶體與該電腦間的連結。 A portable disk with security protection function includes: a connection port for connecting to a computer; a memory; a controller disposed between the connection port and the memory for storing and executing a security protection firmware a password lock, connected to the controller, wherein the security firmware verifies the password of the password lock and the computer password to determine whether the computer can write a data to the memory; and a link control button to connect the The controller is configured to receive a touch action to enable the controller to safely remove/establish a connection between the memory and the computer. 如請求項1所述之具安全防護功能的隨身碟,其中該密碼鎖為一電子鎖。 A pen drive with security protection function as claimed in claim 1, wherein the password lock is an electronic lock. 如請求項1所述之具安全防護功能的隨身碟,其中該密碼鎖具有一顯示介面,用以呈現該密碼鎖所設定之一安全密碼。 The security disk with the security protection function as claimed in claim 1, wherein the password lock has a display interface for presenting a security password set by the password lock. 如請求項1所述之具安全防護功能的隨身碟,其中該電腦傳輸該資料至該記憶體時,該控制器執行該安全防護韌體之方法,其驗證該密碼鎖之密碼與該電腦之使用者密碼,以准許或拒絕寫入該資料至該記憶體。 The security disk with the security protection function as claimed in claim 1, wherein when the computer transmits the data to the memory, the controller executes the security firmware method, and the password of the password lock is verified with the computer User password to permit or deny writing the data to the memory. 如請求項4所述之具安全防護功能的隨身碟,更包含一顯示燈,連接該控制器,其中當驗證失敗時,該顯示燈顯示一信息燈號。The pen drive with the security protection function as claimed in claim 4 further includes a display light connected to the controller, wherein when the verification fails, the display light displays an information light.
TW098112269A 2009-04-14 2009-04-14 Flash drive with security device TWI476675B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW098112269A TWI476675B (en) 2009-04-14 2009-04-14 Flash drive with security device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW098112269A TWI476675B (en) 2009-04-14 2009-04-14 Flash drive with security device

Publications (2)

Publication Number Publication Date
TW201037596A TW201037596A (en) 2010-10-16
TWI476675B true TWI476675B (en) 2015-03-11

Family

ID=44856749

Family Applications (1)

Application Number Title Priority Date Filing Date
TW098112269A TWI476675B (en) 2009-04-14 2009-04-14 Flash drive with security device

Country Status (1)

Country Link
TW (1) TWI476675B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102542189B (en) * 2010-12-31 2015-07-29 联想(北京)有限公司 A kind of method of certification, device and electronic equipment
CN108268387B (en) * 2016-12-30 2023-08-29 鸿富锦精密电子(郑州)有限公司 storage device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN2736827Y (en) * 2004-08-11 2005-10-26 颜闿华 A mobile disc gain device with key-type electronic combination lock for security and anti-theft
US20070162962A1 (en) * 2006-01-05 2007-07-12 M-Systems Flash Disk Pioneers Ltd. Powerless electronic storage lock
TW200905569A (en) * 2007-07-20 2009-02-01 Ene Technology Inc USB card reader control device and manufacturing method for the same

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN2736827Y (en) * 2004-08-11 2005-10-26 颜闿华 A mobile disc gain device with key-type electronic combination lock for security and anti-theft
US20070162962A1 (en) * 2006-01-05 2007-07-12 M-Systems Flash Disk Pioneers Ltd. Powerless electronic storage lock
TW200905569A (en) * 2007-07-20 2009-02-01 Ene Technology Inc USB card reader control device and manufacturing method for the same

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Travis Hudson, "Duck Image Bike-Lock Flash Drive", 2006/12/05, http://gizmodo.com/219463/duck-image-bike+lock-flash-drive *

Also Published As

Publication number Publication date
TW201037596A (en) 2010-10-16

Similar Documents

Publication Publication Date Title
CN102257504B (en) Method for using a CAPTCHA challenge to protect a removable mobile flash memory storage device
US9735960B2 (en) Method for protecting data stored within a disk drive of a portable computer
CN100514344C (en) Safety identification method based on safe computer
CN103559435B (en) The debugging port controlling method and apparatus of terminal device
US20100241875A1 (en) External storage device and method of controlling the same
US8844060B2 (en) Method and system for USB with an integrated crypto ignition key
US8601282B2 (en) Program and device for using second uncorrupted MBR data stored in an external storage
US20230237154A1 (en) Fuse based replay protection with conservative fuse usage
CN112199740B (en) Encryption lock implementation method and encryption lock
CN103176917B (en) Storage device protection system and storage device locking and unlocking method
US20240193264A1 (en) Fuse based replay protection with aggressive fuse usage and countermeasures for fuse voltage cut attacks
TWI476675B (en) Flash drive with security device
US12125547B2 (en) Fuse based replay protection with dynamic fuse usage and countermeasures for fuse voltage cut attacks
US8381304B2 (en) Apparatus and method for assuring secure disposal of a hard disk drive unit
JP3976638B2 (en) Electronic device, method for preventing unauthorized use thereof, and program for preventing unauthorized use thereof
CN105975872A (en) A method of testing TPM module under Windows
EP2204753B1 (en) Terminal apparatuses
US20080080084A1 (en) Information leak-preventing apparatus and information leak-preventing method
CN104794071A (en) Method and system for unfreezing and adding coded lock on computer SATA hard disk based on USB flash disk
CN118747384A (en) A data security storage device and storage method based on security chip
CN105809069A (en) Device and method for prevention of removal of solid state drive being accessible, and solid state drive
CN105320580A (en) Data storage system with information security protection
CN106295416B (en) Wake-up control method and electronic equipment
CN101739360B (en) How to protect memory data
JP2009294975A (en) Recording information management device, recording information management method and program

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees