201037596 六、發明說明: 【發明所屬之技術領域】 種具安全防護裝置的隨身 本發明是有關於一種隨身碟,尤其是— 碟。 【先前技術】 目前攜帶電子資料最相財仅―是 通用匯流排介面㈣―serial bus,USB)連接電腦的隨2存=透過201037596 VI. Description of the invention: [Technical field to which the invention pertains] The present invention relates to a portable disk, in particular, a disk. [Prior Art] At present, the most valuable information about carrying electronic data is only the universal bus interface (4) - serial bus, USB)
^碟。然而,-般的隨身碟並不具備安全防護的功能因此 爷因軟體或硬體的不當操作而遺失、_取或概,列舉如下: ⑴軟體上‘€、意的存取:存取隨身碟的_已成為 重要資料或散布病毒的重要媒介;以及 飞稱取 (2)硬體上不切拔除:未執行卸除隨身碟的指令即拔除已連接 電腦的隨身碟,進而造成隨身碟的損毀。 本發明所提出的安全防護方案可有效降低或避免軟體上或硬體 上的不當操作’ JD此可避免隨身碟的倾遺失、被竊取或損毁,並可 進一步提升隨身碟的便利性。 【發明内容】 為提升電子資料的安全保護、避免不當的資料存取以及提升隨身 碟的便利性,本發明的主要特徵摘要如下: (1) #碼鎖(或稱為電子開關)與安全防護勃體: 密碼鎖用以設定及儲存安全密碼;安全防護韌體用以驗證密碼 鎖之密碼與電腦使用者之密碼,僅在驗證通過後,始得寫入資 料至記憶體,因此可有效防止電腦自動寫入資料至隨身碟。 (2)連結控制鍵: 3 201037596 觸壓連結控制鍵後,控制器會安全地斷開記憶體與電腦 連結:因料聽制料當地拔鱗輕峨_存於/的 碟的資料。 (3)提升便利性:^Disc. However, the general-purpose flash drive does not have the function of security protection. Therefore, it is lost due to improper operation of software or hardware. The following are listed as follows: (1) On the software, the access: the access: _ has become an important medium for distributing important information or spreading viruses; and flying weighing (2) hardware is not removed: the instructions for unloading the flash drive are not removed, the removable disk of the connected computer is removed, and the flash drive is damaged. . The safety protection scheme proposed by the invention can effectively reduce or avoid improper operation on the software or the hardware. JD can avoid the loss, theft or damage of the flash drive, and further improve the convenience of the flash drive. SUMMARY OF THE INVENTION In order to improve the security protection of electronic materials, avoid improper data access, and improve the convenience of the flash drive, the main features of the present invention are summarized as follows: (1) #码锁(or electronic switch) and security protection Boss: The password lock is used to set and store the security password; the security firmware is used to verify the password of the password lock and the password of the computer user. After the verification is passed, the data is written to the memory, so it can effectively prevent The computer automatically writes the data to the flash drive. (2) Link control button: 3 201037596 After the touch control button is pressed, the controller will safely disconnect the memory from the computer: the material of the disc stored in the disc is stored. (3) Improve convenience:
密碼鎖可以是一種電子鎖(或電子開關),所設定的安全 顯示在硬體上,以避免使用者忘記安全密碼,並可同時避= 腦自動寫入資料至隨身碟;連結控制鍵可透過控制器送^ 指令’以安全地斷開該隨身碟與該之間的連結,因此用 者無須在電腦上執行卸除隨身碟的指令,進而提升了隨= 作的便利性;或者連接於電腦的隨身碟為退出狀態,亦可利= 連結控制鍵執行連接指令而與電腦重新建立連接。 【實施方式】 本發明所建議方案糊密碼鎖、安全防_體以及連結控制鍵 裝置提昇隨身韻安錄護措施⑽免硬體上或倾上不纽操作, 同時提升隨身碟毅雛,以下棚實補並配合赋本發明之 枯術將撒。 〇 本發明-實施例之結構方塊圖,如圖丨。隨身碟1()1以一通用匯 流排(universal serial bus,USB)連接埠做為通訊介面,稱為娜介面 1〇2。記憶體104用以儲存資料,控制器1〇3連接於聰介面1〇2盥 記憶體104以控制電腦與隨身碟1〇1間的通訊。密碼鎖1〇6與連結控 制鍵1〇5連接於控制器1〇3,分別控制寫入的准否以及隨身碟1〇1與 電腦間通訊的斷連(connection and disconnection)。另外,隨身碟101 具有一外殼以保護内部電子元件,外殼未示於圖^。 控制器103儲存安全防護動體以及執行安全防護_。密碼鎖1〇6 為-電子鎖’可採贿位電子鎖或二元電子鎖,是—種糊IC電路實 作的電子鎖,可魏錄式的防_易於被人伽缺點;另外,密碼 鎖106具有-顯示介面,用以魏密碼鎖1〇6所設定的密碼,以避免 201037596 使用者忘記安全密碼。當電腦傳輸資料至隨身碟101日夺, 讀取密碼鎖106的密碼以及電腦使用者的密碼,並透過安ς 4 j 驗證密碼鎖丨〇6的密碼與電腦使用者的密碼。若驗證成功,則控t 103准許資料寫入記憶體104 ;反之,若驗證失敗,則控 嘴 資料寫入記憶體104。 技103不准 Ο Ο 控制器可接收連結控繼1〇5的指令,而安全地 記憶體辦與電腦之間的連結。當連接於電腦的隨身碟未執行卸^ 7時,使用按下連接控制鍵以發出卸除指令,因此隨身碟可自由的: 除;或者連結於Μ的隨㈣實際上已卸除,制者 鍵105建立隨身碟與電腦之通訊。 運、、°控制 〜本發明之-實關是·密碼驗的方法來防止電腦自 貧料至隨:« 10卜密碼驗證的方法是在電_輸資料至隨身碟⑼ 時’驗證密碼鎖1〇6所設定密碼與電腦使用者密碼,若驗證成功,於 准許資料寫人至隨身碟101的記麵1G4,反之難絕資料寫入隨σ 碟。驗證密碼的方法以安全防護幢方式紀錄於控㈣1G3。以 2a與圖2b所示實關,制本發明#料寫人的安全防護方法之精神。 如圖2a所示實施例之資料寫入的安全防護方法,包括下列 當電腦傳輸資料至隨身碟時,讀取使用者輸人至電腦的驗證密碼 (sioo),並讀取密碼鎖所設定之安全密碼(S2〇〇)。然後,驗證電腦使用 者的密碼以及密碼鎖的密碼(S300)。若驗證成功,則准許資料寫入至 隨身碟(S4〇0);若驗證失敗,則不准資料寫入至隨身碟(8夠。 如圖2b所示實施例之_寫人的安全防護方法,與上述的驗證 方法的差異在於計算驗證失敗次數,詳細說明如下: 當電腦傳輸資料至隨身碟時’讀取電腦使用者的密碼(s㈣,讀 取密碼鎖所設定的密碼(S200)。然後,驗證電腦使用者的密碼以及密 碼鎖之密碼(S3GG)。若驗證成功,則准料料寫人至隨輕(s4〇〇);若 驗證失敗,斷紐證失敗的次數(s_),並比較賴纽次數與一 201037596 臨界值(S610)。若驗證失敗的次數高於臨界值,則判斷資料為惡意寫 入操作’不准資料寫入至隨身碟(S500);若驗證失敗的次數未達臨界 值’則要求使用者重新輸入驗證密碼,並持續驗證二密碼(S300)。 驗3正電腦用者的密碼與密碼鎖的密碼(S3〇〇)可以直接比對二者是 否—致,一致時表示成功,不一致表示失敗;或是驗證一演算法,即 電腦使用者的密碼及/或密碼鎖的密碼經由演算法後所得到真假值,分 別表示驗證成功及失敗。The password lock can be an electronic lock (or electronic switch). The set security is displayed on the hardware to prevent the user from forgetting the security password. At the same time, the brain can automatically write data to the flash drive; the link control button can be used to The controller sends a command 'to safely disconnect the connection between the flash drive and the user, so that the user does not need to execute the command to remove the flash drive on the computer, thereby improving the convenience of the user; or connecting to the computer The flash drive is in the exit state, and the connection control button can be used to perform a connection command to re-establish a connection with the computer. [Embodiment] The solution proposed by the invention is a paste lock, a security anti-body and a connection control key device, which enhances the portable rhyme security screening measures (10) to avoid hard or tilting operation, and at the same time enhance the portable disc, the following shed The actual and combined with the invention of the invention will be sprinkled.结构 The block diagram of the structure of the present invention-embodiment, as shown in FIG. The USB flash drive 1()1 uses a universal serial bus (USB) port as the communication interface, called Nana Interface 1〇2. The memory 104 is used for storing data, and the controller 1〇3 is connected to the memory device 104 to control the communication between the computer and the flash drive 101. The combination lock 1〇6 and the connection control key 1〇5 are connected to the controller 1〇3 to control the registration and the disconnection (connection and disconnection) of the communication between the USB flash drive and the computer. In addition, the drive 101 has a housing to protect internal electronic components, and the housing is not shown in FIG. The controller 103 stores the safety protection body and performs safety protection_. Password lock 1〇6 is - electronic lock 'can be used to accept bribe electronic lock or binary electronic lock, is an electronic lock for the implementation of a paste IC circuit, can be Wei-style anti- _ easy to be riddled by people; in addition, password The lock 106 has a - display interface for the password set by the Wei lock 11-6 to prevent the 201037596 user from forgetting the secure password. When the computer transmits the data to the flash drive for 101 days, the password of the password lock 106 and the password of the computer user are read, and the password of the password lock 6 and the password of the computer user are verified by the installation. If the verification is successful, the control t 103 permits the data to be written to the memory 104; conversely, if the verification fails, the control data is written to the memory 104. The technology 103 is not allowed. The controller can receive the command of the connection control 1〇5, and safely remember the connection between the body and the computer. When the flash drive connected to the computer is not unloaded, use the press control button to issue a dismount command, so the flash drive is free: except; or the link to the Μ is actually removed, the maker The key 105 establishes communication between the flash drive and the computer. Transportation, ° ° control ~ the actual - is a password check method to prevent the computer from the poor material to the following: « 10 password verification method is in the electricity _ loss data to the flash drive (9) 'validate password lock 1 〇6 set password and computer user password, if the verification is successful, the data is written to the face 1G4 of the portable disk 101, and the data is written to the σ disc. The method of verifying the password is recorded in the security guard building mode (4) 1G3. The spirit of the safety protection method of the invention is written by 2a and FIG. 2b. The security protection method for writing data in the embodiment shown in FIG. 2a includes the following: when the computer transmits data to the flash drive, the verification password (sioo) input by the user to the computer is read, and the password lock is set. Security password (S2〇〇). Then, verify the password of the computer user and the password of the password lock (S300). If the verification is successful, the data is allowed to be written to the flash drive (S4〇0); if the verification fails, the data is not allowed to be written to the flash drive (8 is enough. As shown in Figure 2b, the security protection method of the writer is written. The difference from the above verification method is to calculate the number of verification failures. The details are as follows: When the computer transmits data to the flash drive, 'read the computer user's password (s (four), read the password set by the password lock (S200). Then , verify the password of the computer user and the password of the password lock (S3GG). If the verification is successful, the quasi-materials are written to the light (s4〇〇); if the verification fails, the number of failures of the broken certificate (s_), and Compare the number of times and the threshold of 201037596 (S610). If the number of verification failures is higher than the threshold, then the data is judged to be a malicious write operation 'No data is written to the flash drive (S500); if the number of verification failures is not The threshold value requires the user to re-enter the verification password and continue to verify the second password (S300). The password of the computer user and the password of the password lock (S3〇〇) can directly compare whether the two are correct. Consistent, indicating success, inconsistency table The failure is displayed; or the verification algorithm, that is, the password of the computer user and/or the password of the password lock is obtained by the algorithm, and the verification succeeds and fails.
另外,判斷驗證密碼與安全密碼不一致或判斷為惡意寫入後,控 制益103可發出警告信息’其可以於電腦的__顯示驗示對話框的方 式通知使用者,或者是使設置於隨身碟上的—顯示燈顯示—信息燈號 的方式通知使用者。 圖3a與圖3b所示分別為數位式電子鎖與二元式電子鎖的實施 例二圖3a所示隨身碟之外殼具有控繼1〇5與數位式電子鎖ι〇6。電 :鎖106的位元數目可依需求罐,此實細是三個位元的電子鎖。 電子鎖106的每-個位元的值可以是數字、字元或是其組合,每一個 位元的值可藉由設定紐1()7設定位元的值,此三個位元所設定的位元 值構成密碼。 圖3b所示隨身碟之外殼具有控繼1〇5與二元式電子鎖胁 電子鎖1〇6的位元數目可依需求調整,此實施例是四個位元的電子 鎖,電子鎖106每-個位元的值可為真或假,利用此四個位元值構 成密碼。 圖4所示隨身碟之實施例,除具有控制鍵1〇5與數位式電子鎖 106外自更包含-顯示燈⑽,用以顯示驗證密蝴 致的信息燈號。 个 僅係為說明本發明之技術思想及特 點,其目的在錢習此項技藝之人士能夠瞭解本發明之内容 並據以實施,當無法以之限定本發明之專利範圍,即大凡依 201037596 本發明所揭示之精神所作之均等變化或修飾,仍應涵蓋在本 發明之專利範圍内。In addition, after judging that the verification password is inconsistent with the security password or is determined to be maliciously written, the control benefit 103 may issue a warning message 'it may notify the user in the manner of displaying the verification dialog box of the computer, or make the setting on the flash drive. On the - display light display - information light way to inform the user. Figure 3a and Figure 3b show the implementation of the digital electronic lock and the binary electronic lock respectively. The second embodiment of the portable disk has the control 1〇5 and the digital electronic lock ι〇6. Electricity: The number of bits of the lock 106 can be as required, which is a three-bit electronic lock. The value of each bit of the electronic lock 106 can be a number, a character, or a combination thereof, and the value of each bit can be set by setting a button 1 (7), and the three bits are set. The bit value constitutes a password. The number of bits of the cover of the flash drive having the control panel 1 and the binary electronic lock-up electronic lock 1〇6 shown in FIG. 3b can be adjusted according to requirements. This embodiment is a four-bit electronic lock, and the electronic lock 106 The value of each bit can be true or false, and the four bit values are used to form a password. In the embodiment of the flash drive shown in Fig. 4, in addition to the control button 1〇5 and the digital electronic lock 106, a display-light (10) is further included for displaying the information light of the verification key. The purpose of the present invention is to explain the technical idea and the features of the present invention. The purpose of the present invention is to enable the person skilled in the art to understand the contents of the present invention and to implement the invention, and the scope of the patent of the present invention cannot be limited thereto, that is, Dafanyi 201037596 Equivalent variations or modifications made by the spirit of the invention should still be included within the scope of the invention.
7 201037596 【圖式簡單說明】 圖1所示為本㈣具安全防_隨身碟實 施例之架構圖。 圖2a與圖 2b所示為本發明密碼驗證方法實 實施例之流程圖。7 201037596 [Simple description of the diagram] Figure 1 shows the architecture of the (4) security-defense solution. 2a and 2b are flowcharts showing an embodiment of the password verification method of the present invention.
實施例之外觀示意 示意圖,用以說 【主要元件符號說明】 101 隨身碟 102 USB介面 103 控制器 辦 記憶體 105 連結控制鍵 1〇6 密碼鎖 107 設定紐 108 顯示燈 S100、S200、S300、S400、S500、S600、S610 步驟Schematic diagram of the appearance of the embodiment, used to say [main component symbol description] 101 flash drive 102 USB interface 103 controller memory 105 connection control key 1 〇 6 password lock 107 setting button 108 display lights S100, S200, S300, S400 , S500, S600, S610 steps