CN1564101A - Dual-layer control method for computer peripheral device - Google Patents
Dual-layer control method for computer peripheral device Download PDFInfo
- Publication number
- CN1564101A CN1564101A CN 200410029943 CN200410029943A CN1564101A CN 1564101 A CN1564101 A CN 1564101A CN 200410029943 CN200410029943 CN 200410029943 CN 200410029943 A CN200410029943 A CN 200410029943A CN 1564101 A CN1564101 A CN 1564101A
- Authority
- CN
- China
- Prior art keywords
- control
- strategy
- peripheral
- disk
- port
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000002093 peripheral effect Effects 0.000 title claims abstract description 80
- 238000000034 method Methods 0.000 title claims description 26
- 239000002355 dual-layer Substances 0.000 title 1
- 238000011217 control strategy Methods 0.000 claims description 23
- 238000005516 engineering process Methods 0.000 claims description 23
- 238000007726 management method Methods 0.000 claims description 9
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 claims description 9
- 238000013500 data storage Methods 0.000 claims description 4
- 235000016936 Dendrocalamus strictus Nutrition 0.000 claims description 2
- 230000003287 optical effect Effects 0.000 abstract 1
- 238000004891 communication Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 6
- 241000700605 Viruses Species 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 239000012467 final product Substances 0.000 description 2
- 230000002155 anti-virotic effect Effects 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000007429 general method Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000002787 reinforcement Effects 0.000 description 1
Images
Landscapes
- Storage Device Security (AREA)
Abstract
Peripheral devices are controlled by two different layers: intrace control for peripheral devices and authentication for logic magnetic disk. One or two layers are adopted in strategy. The objects to be controlled include USB, infrared port, serial port and parallel port, PCMIC port, 1394 port, optical drive and floppy drive etc, which are controlled through switching state. Authentication of logic magnetic disk is carried out between storage media layer and peripheral devices. Only the peripheral devices passed authentication of logic magnetic disk can be used to store and replicate data in computer. The invention controls and manages peripheral devices, but provides expedience and meets need of safety.
Description
Affiliated technical field
The present invention relates to the double-deck control method of a kind of computer peripheral.
Background technology
Along with the expansion of computer utility scope and increasing of computer-related devices, the use of computer peripheral is more and more frequent, and the kind of external unit is also more and more various.These external units provide rich functions usually, comprise the storage of data and data transmission etc.And for an enterprise or public institution, needs for various purposes as anti-virus or prevent leakage of information etc., require to control to the external unit of some computing machine.Such as in order to prevent importing into of virus, require usually to forbid that the user uses CD-ROM drive and floppy drive.The most general method is the method by physics control at present, such as removing CD-ROM drive and floppy drive etc.But this method can be brought very big inconvenience because some the time also need to use these peripheral hardwares to carry out work, when duplicating and backing up such as data.
Another solution is normally controlled on device drives, just in system, adopt and detect certain device drives, and to pass through certain peripheral port (as serial ports or USB mouth) access time in case find new equipment, if the port that discovering device uses is to forbid in the strategy, then forbid the loading of this device program, thereby play the purpose that control the type port uses.But this method of forbidding that simply certain equipment uses lacks dirigibility, many times can not satisfy the needs of actual conditions, can not realize effective fine granularity monitoring.
The external unit of computing machine comprises various printers, movable storage device, communication facilities and other various application apparatuss.These device categories are very various, and it almost is impossible carrying out concrete control at every kind of equipment.But, all computer peripherals generally all communicate with main frame by the particular communication port, such as serial ports, parallel port, infrared, USB and 1394 etc., so, can come the control computer external unit by control to the particular type communication port.
In fact, in the external unit of computing machine, most important one type is memory device, and these memory devices have constituted the main flow of computer peripheral, and becomes the main flow approach of sharing mutually between the computing machine with swap data.With respect to the external device communication port of computing machine, memory device belongs to logical layer, is higher than the device port layer.Memory device may be to be linked in the computing machine by the different communication port, and the control of memory device is also just needed flexible strategies more.
Generally speaking, present existing computer peripheral control technology all is to adopt simple on-off mode to control basically, perhaps controls from physical equipment, and its dirigibility and adaptability are all bad, brings very big inconvenience for management and application.
Summary of the invention
In order to overcome the deficiency of existing computer peripheral control technology, the invention provides the double-deck control method of a kind of computer peripheral, adopt double-decker that computer peripheral is controlled, thereby effectively realize flexibly and effectively control, to adapt to the needs that computer peripheral uses the security that more and more widely brings to computer peripheral.Purpose is to accomplish both can effectively control and manage computer peripheral, can take into account the abundant convenience that computer peripheral brought again.
The technical solution adopted for the present invention to solve the technical problems is: from two different levels the external unit of computing machine is controlled: computer external interface control and logic magnetic disc authentication, realize according to strategy, adopt wherein one deck to control or two-layerly all control.
Computer external interface control is to adopt at various kinds of interfaces to carry out switch control, the object of control comprises USB, infrared port, serial ports, parallel port, PCMIC interface, 1394 mouthfuls, CD-ROM drive and floppy drive etc., these interfaces adopt simple on off state to control, if close wherein certain type interface, then any equipment from the type interface not can and computer system enable and drive, if open the type port, then the equipment that inserts from the type will be enabled and drive by computer system.
Logic magnetic disc authentication techniques (number of patent application: then be computer peripheral to be authenticated 200410029734.9), have only computing machine External memory equipment by logic magnetic disc authentication in computing machine, to be used for the storage of data and duplicate in storage medium layer.But this technology is because be based on the technology of logic magnetic disc, thus when the equipment of access interface be not storage medium such as logic magnetic disc but as virtual unit transmission data the time, this method just may be out of hand.
Determine the intensity that peripheral hardware is controlled according to application demand, control strategy selects the basic step of determining as follows:
1), need to determine whether its all peripheral port of control at a computing machine;
2) control all peripheral port if desired, determine whether the memory device of only being concerned about that these ports insert;
3) if under the prerequisite that guarantees the data sharing convenience, the safety to the data storage has requirement again, can enable logic magnetic disc authentication control technology so;
4) under the prerequisite of all peripheral port of control,, enable individual layer logic magnetic disc authentication control technology and get final product if only be concerned about the memory device that all peripheral port insert;
5) under the prerequisite of all peripheral port of control, forbid the equipment that all peripheral port insert if desired, then only need start the interface control strategy to whole ports;
6) if only need the use of the Peripheral Interface of control section, can enable the interface control strategy to the part interface;
7) if under the prerequisite of having controlled the part Peripheral Interface, also need the read-write of logic magnetic disc is controlled, then use double-deck interface control strategy.
Step to computer external interface control is as follows:
1) keeper sends instruction for peripheral hardware control and management agency by user interface, forbids or enable the computer peripheral equipment of one or more types;
2) peripheral port is forbidden or enabled to peripheral hardware control and management agency according to instruction.
The invention has the beneficial effects as follows,
From above-mentioned scheme as can be seen, the control of the computer external interface of low layer can effectively be controlled at dissimilar interfaces, but lacks dirigibility; High-rise logic magnetic disc authentication control technology then can adopt measure flexibly that the outside memory device that inserts of computing machine is effectively controlled.The computer peripheral equipment control technology of this bilayer both can be controlled at different computer external interface types, also can the memory device that insert by dissimilar interfaces be control effectively and manage.
The present invention can realize the control to the computer peripheral equipment efficient, flexible, mainly realizes following function:
1. can effectively control various types of peripheral hardwares, and adapt to various application form such as memory device and communication facilities etc.;
2. can control the equipment of dissimilar interfaces neatly targetedly, such as, the equipment of USB type is forbidden control etc. especially;
3. by double-deck logic magnetic disc control technology, can be effectively under the prerequisite of peripheral hardware convenience that guarantees to use a computer, reinforcement prevents that to the management of computing machine and the secure storage management of computer data the leakage of computing machine confidential information from letting out from computer peripheral;
4. by the logic magnetic disc authentication techniques, the effective management that can segment memory device realizes effective control of data storage.
Description of drawings
The present invention is further described below in conjunction with drawings and Examples.
Fig. 1 is that control strategy of the present invention is selected process flow diagram.
Fig. 2 is a double-deck peripheral hardware control technology implementation step process flow diagram of the present invention.
Embodiment
Embodiment 1: control strategy is selected: as shown in Figure 1,
At first determine the intensity of peripheral hardware control according to application demand, its step is as follows:
1) at a computing machine, determine port controlling type (1), whether need to control its all peripheral port;
2) control all peripheral port if desired, determine whether the memory device of only being concerned about that these ports insert; Control store equipment (2) whether only;
3) if under the prerequisite that guarantees the data sharing convenience, the safety to the data storage has requirement again, can enable logic magnetic disc authentication control technology (3) so;
4) under the prerequisite of all peripheral port of control, if only be concerned about the memory device that all peripheral port insert, control disk read-write (4), enable individual layer logic magnetic disc authentication control technology (3) and get final product;
5) under the prerequisite of all peripheral port of control, forbid the equipment (6) that all peripheral port insert if desired, then only need start interface control strategy (7) to whole ports;
6), can enable interface control strategy (5) to the part interface if only need the use of the Peripheral Interface of control section;
7) if under the prerequisite of having controlled the part Peripheral Interface, also need (4) are controlled in the read-write of logic magnetic disc, then use double-deck interface control strategy.
Embodiment 2: in Fig. 2, double-deck peripheral hardware control technology implementation step: external unit inserts (8) time the computing machine, and under the situation of double-deck peripheral hardware control technology enforcement, its step is as follows:
1) computing machine checks according to strategy whether the type port status (9) is the port of forbidding, if then forbid the driving of this equipment of system loads (10); If not the driving that then allows this equipment of system loads (11);
2) after device drives loaded (11), memory device (12) whether was if not then can normally using (13) in computing machine;
3) if the equipment that loads is memory device (14), then in reading and writing of files, can enable logic magnetic disc authentication techniques (24);
4) in the time of execute file read-write (15), at first check whether be the disk (16) of process authentication;
5) if, allow unregistered disk strategy (18) but enabled through the disk of authentication, then can be from this disk sense data, carry out read-only strategy (22); Allow unregistered disk strategy if enable, then the data read-write operation of this disk all will be under an embargo (23);
6) if disk through authentication, is enabled Different Strategies (17), then allow to carry out the operation of different rights according to certification policy;
7) if disk is registered as direct read strategy (21), then disk can normally use in system;
8) if disk is registered as read-only strategy (19), then can only be from disk reading of data, and data can not be write disk;
9) if disk is registered as safe read-write strategy (20), the data that then write disk will be encrypted, and will be automatically performed decryption oprerations from disk read data.
Embodiment 3: in the peripheral hardware control subsystem, mainly realized following function:
1. realized function that USB interface, serial ports, parallel port, infrared port, 1394 ports, CD-ROM drive, floppy drive and notebook PCMIC card are enabled respectively or forbidden according to strategy;
2. realized the function that the read-write operation of logical memory device control effectively according to strategy.
Control strategy is selected as follows:
1) all Peripheral Interface control strategies all can not forbidden under the default situation according to user's needs flexible customization;
2) type of Peripheral Interface control comprises USB interface, serial ports, parallel port, infrared port, 1394 ports, CD-ROM drive, floppy drive and notebook PCMIC card;
3) the logic magnetic disc control strategy also is customizable, enables this strategy under the default situation;
4) the logic magnetic disc control strategy comprises and bans use of strategy, read-only strategy, safe read-write strategy and direct read strategy.
Double-deck control technology implementation step: with the double-deck control technology implementation step of embodiment 2.
Embodiment 4: in this Computer Storage peripheral equipment management service system, require to realize that CD-R/W, floppy drive and USB Peripheral Interface to computing machine carry out policy control, and do not having to enable the logical memory device authentication techniques under certain type of situation of enabling in above-mentioned three types.Mainly be achieved as follows function:
1. realize common memory device CD-R/W, floppy drive and USB memory device are carried out the technology of switch control, promptly make things convenient for computer peripheral equipment use in case of necessity, also can accomplish virus and leakage of information problem that the random use of computing machine External memory equipment brings;
2. use the logical memory device authentication techniques, strengthen control effect and dirigibility storage device data safety.
Control strategy is selected:
1) present embodiment is only implemented the interface control strategy to the peripheral hardware of three types of CD-R/W, floppy drive and USB interface,
2) enable the strategy of logical storage authentication techniques.
Double-deck control technology implementation step:
1) computing machine checks according to strategy whether the type port is one of CD-R/W, floppy drive or three kinds of interfaces of USB, if not, then directly allow the use of equipment; If then check whether be the port of forbidding, if then forbid the driving of this equipment of system loads according to strategy; If not the driving that then allows this equipment of system loads;
2) all the other steps are with the double-deck control technology implementation step of embodiment 2.
Claims (6)
1. the double-deck control method of a computer peripheral, it is characterized in that: the external unit of computing machine is controlled: computer external interface control and logic magnetic disc authentication from two different levels, realize according to strategy, adopt wherein one deck to control or two-layerly all control.
2. the double-deck control method of a kind of computer peripheral according to claim 1 is characterized in that: the step of computer external interface control is as follows:
1) keeper sends instruction for peripheral hardware control and management agency by user interface, forbids or enable the computer peripheral equipment of one or more types;
2) peripheral port is forbidden or enabled to peripheral hardware control and management agency according to instruction.
3. the double-deck control method of a kind of computer peripheral according to claim 1 and 2 is characterized in that the step of control strategy selection is as follows:
1), need to determine whether its all peripheral port of control at a computing machine;
2) control all peripheral port if desired, determine whether the memory device of only being concerned about that these ports insert;
3) if under the prerequisite that guarantees the data sharing convenience, the safety to the data storage has requirement again, enables logic magnetic disc authentication control technology;
4) under the prerequisite of all peripheral port of control,, enable individual layer logic magnetic disc authentication control technology if only be concerned about the memory device that all peripheral port insert;
5) under the prerequisite of all peripheral port of control, forbid the equipment that all peripheral port insert if desired, then whole ports are started the interface control strategy;
6) if only need the use of the Peripheral Interface of control section, the part interface is enabled the interface control strategy;
7) if under the prerequisite of having controlled the part Peripheral Interface, also need the read-write of logic magnetic disc is controlled, then use double-deck interface control strategy.
4. the double-deck control method of a kind of computer peripheral according to claim 1 and 2 is characterized in that the control strategy selection is as follows:
1) all Peripheral Interface control strategies all can not forbidden under the default situation according to user's needs flexible customization;
2) type of Peripheral Interface control comprises USB interface, serial ports, parallel port, infrared port, 1394 ports, CD-ROM drive, floppy drive and notebook PCMIC card;
3) the logic magnetic disc control strategy also is customizable, enables this strategy under the default situation;
4) the logic magnetic disc control strategy comprises and bans use of strategy, read-only strategy, safe read-write strategy and direct read strategy.
5. the double-deck control method of a kind of computer peripheral according to claim 1 and 2 is characterized in that double-deck control technology implementation step:
1) computing machine checks according to strategy whether the type port is the port of forbidding, if then forbid the driving of this equipment of system loads; If not the driving that then allows this equipment of system loads;
2) after device drives loads,, then can in computing machine, normally use if not memory device;
3) if the equipment that loads is memory device, then in reading and writing of files, can enable the logic magnetic disc authentication techniques;
4) when execute file is read and write, at first check whether be the disk of process authentication;
5) if, allow unregistered disk strategy but enabled through the disk of authentication, then can be from this disk sense data, carry out read-only strategy; Do not allow unregistered disk strategy if enable, then the data read-write operation of this disk all will be under an embargo;
6) if disk through authentication, then allows to carry out the operation of different rights according to certification policy;
7) if disk is registered as the direct read strategy, then disk can normally use in system;
8) if disk is registered as read-only strategy, then can only be from disk reading of data, and data can not be write disk;
9) if disk is registered as the safe read-write strategy, the data that then write disk will be encrypted, and will be automatically performed decryption oprerations from disk read data.
6. the double-deck control method of a kind of computer peripheral according to claim 1, it is characterized in that CD-R/W, floppy drive and USB Peripheral Interface to computing machine carry out policy control, and do not having to enable the logical memory device authentication techniques under certain type of situation of enabling in above-mentioned three types.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200410029943 CN1564101A (en) | 2004-04-06 | 2004-04-06 | Dual-layer control method for computer peripheral device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200410029943 CN1564101A (en) | 2004-04-06 | 2004-04-06 | Dual-layer control method for computer peripheral device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN1564101A true CN1564101A (en) | 2005-01-12 |
Family
ID=34481039
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200410029943 Pending CN1564101A (en) | 2004-04-06 | 2004-04-06 | Dual-layer control method for computer peripheral device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1564101A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101593261A (en) * | 2008-05-27 | 2009-12-02 | 慧国(上海)软件科技有限公司 | Computer system, data protection method and machine-readable medium |
-
2004
- 2004-04-06 CN CN 200410029943 patent/CN1564101A/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101593261A (en) * | 2008-05-27 | 2009-12-02 | 慧国(上海)软件科技有限公司 | Computer system, data protection method and machine-readable medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR102429792B1 (en) | Memory devices and electronic systems and related methods having hybrid caches with static and dynamic cells | |
| US6925529B2 (en) | Data storage on a multi-tiered disk system | |
| JP6910131B2 (en) | Storage device including multiple partitions for multiple mode operation, and its operation method | |
| TWI412994B (en) | Method of configuring non-volatile memory for a hybrid disk drive | |
| Park et al. | A high performance controller for NAND flash-based solid state disk (NSSD) | |
| CN103995578B (en) | A kind of device driver with data continuous-mode | |
| KR100470413B1 (en) | Method for Partitioning Memory Mass Storage Device | |
| US8756376B2 (en) | Mitigate flash write latency and bandwidth limitation with a sector-based write activity log | |
| CN103699334B (en) | For managing the method and system of magnetic disk of virtual machine | |
| US8719489B2 (en) | Hardware based wear leveling mechanism for flash memory using a free list | |
| US9417820B2 (en) | Low-overhead storage of a hibernation file in a hybrid disk drive | |
| US8904400B2 (en) | Processing system having a partitioning component for resource partitioning | |
| US9268712B2 (en) | Method, system and apparatus for region access control | |
| US20080172518A1 (en) | Systems For Supporting Readydrive And Readyboost Accelerators In A Single Flash-Memory Storage Device | |
| CN105431858A (en) | Secure privilege level execution and access protection | |
| EP2109035A3 (en) | Storage control apparatus, data management system and data management method | |
| EP2577470A2 (en) | Cache management and acceleration of storage media | |
| CN101063929A (en) | Storage device using nonvolatile flash memory and control method thereof | |
| CN101101575A (en) | Data safe memory method and device | |
| US20090070576A1 (en) | System and method for providing a secure computing environment | |
| CN103020550A (en) | Solid state disk and secure access method thereof as well as solid state disk system | |
| US20240419345A1 (en) | Gradually Reclaim Storage Space Occupied by a Proof of Space Plot in a Solid State Drive | |
| US9021186B2 (en) | Partial allocate paging mechanism using a controller and a buffer | |
| CN1845136A (en) | Method and device for supervising secret-related files between computer and mobile storage device | |
| JP2009032305A (en) | Information recording apparatus and control method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |