Sensitive data switching control module and method for computer and movable memory device

A mobile storage device and sensitive data technology, applied in computer security devices, computing, digital data protection, etc., can solve the problems of poor security, lack of flexibility and practicability, and achieve the effect of strong practicability

Inactive Publication Date: 2009-05-13
HARBIN INST OF TECH
View PDF1 Cites 36 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In order to solve the problems of poor security, lack of flexibility and practicability existing in the existing mobile storage sec

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Sensitive data switching control module and method for computer and movable memory device
  • Sensitive data switching control module and method for computer and movable memory device
  • Sensitive data switching control module and method for computer and movable memory device

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0017] Specific implementation mode one: see figure 1 and figure 2 , the control module of this embodiment is made up of the following units:

[0018] The operation monitoring module 1 is used to monitor the data transmission operation between the computer and the mobile storage device, and sends the transmission object (the transmission object may be a file or a part of the file) to the content filtering module 2, and judges according to the feedback of the content filtering module 2 The result is the control of the write operation on the transfer object;

[0019] The content filtering module 2 is used to analyze various attributes of the transmission object from the operation monitoring module 1: file type, file format, content, etc., judge whether the content of the transmission object contains sensitive information according to the sensitive data information database, and send the judgment result to the operation Monitoring module 1.

[0020] This embodiment is a data ...

Example Embodiment

[0022] Specific implementation mode two: see figure 1 , this embodiment further defines that the content filtering module 2 includes the following units on the basis of the first specific embodiment:

[0023] The transmission object analysis module 2-1 is used to analyze the transmission object provided by the operation monitoring module 1, obtain its file type, file format, and transmission content, and send the extracted content to the transmission content discrimination module 2-2;

[0024] The transmission content judging module 2-2 is used to judge whether the transmission content is sensitive content, and send the judging result to the operation monitoring module 1. There are two main types of content that can be processed, namely text file content and multimedia content such as images.

[0025] The transmission content discrimination module 2-2 judges the transmission content according to the sensitive information database, and the data in the sensitive information dat...

Example Embodiment

[0028] Specific implementation mode three: see figure 1 , this embodiment adds the following units on the basis of the specific embodiment one:

[0029] The encryption filter driver module 3 is used for performing real-time encryption or decryption on the transmission object based on the filter driver according to the judgment result of the content filter module 2 .

[0030] Encrypted filter driver is a data encryption technology in the operating system kernel and above the file system. It is a technology that uses the development of filter drivers to realize the function extension of the file system. It belongs to the kernel program of the operating system and is closely integrated with the file system to provide users with encryption / decryption services. Using the filter driver to implement file encryption and decryption is safe, because the filter driver belongs to the kernel program of the operating system, and the kernel mechanism provides a strong security guarantee and...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a control module for sensitive data interchange between a computer and a mobile storage device and a method thereof, and relates to the control module for data interchange between the computer and the mobile storage device and the method thereof, thereby solving the problems of poorer security, and flexibility and practicality lack existing in the existing mobile storage security system. An operation monitoring module transmits a transmission object to a content filtering module, and carries out control of write operation; the content filtering module analyzes an attribute from the transmission object, determines whether the content of the transmission object contains sensitive information or not according to a sensitive data information base, and transmits a determination result to the operation monitoring module. By analyzing each attribute of the transmission object, the method extracts transmission content, determines whether the transmission content contains sensitive information or not, and controls the transmission object according to the determination result. The determination of invention to the sensitive information not only depends on a traditional key word way, but also can use a method based on text semanteme or multimedia aware content abstract.

Description

technical field [0001] The invention relates to a data exchange control module and method between a computer and a storage device, belonging to the security field of mobile storage devices, and the method can also be applied to the control and management of data exchange between a computer and a network. Background technique [0002] Currently, there is a lack of systematic and practical security management solutions for the exchange of sensitive or classified data between computers and mobile storage devices. Existing technologies generally use software to control the scope of use of mobile storage devices (such as the invention patent with the publication number CN1845136), or directly restrict computer access to mobile devices (such as the USEC restrictive mobile storage media management system) to reduce sensitive information. possibility of leakage. Although these methods can achieve the purpose of confidentiality, they also limit the exchange of ordinary information a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/24G06F21/60
Inventor 李琼刘兆庆牛夏牧张慧喻欣
Owner HARBIN INST OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap