Study And Realization Of USB Access Control System Based On WDM Filter Driver

With the development of the computer technology, the USB interface has became astandard configuration interface for the personal computers. Because of the transmissionspeed of USB technology and the plug and play advantage, USB removable storagedevices has became the main medium of data transferred. However, it also broughtsome security risks. On the one hand, the eavesdropper can remove personal privacy,the state secrets or commercially sensitive information quickly without the presence oflegitimate users; On the other hand, the violation of the legitimate users and over theright action may also be a USB storage device as a transit media.In this paper, the author used the WDM filter driver to design and implement acontrol system of USB removable storage access. The system can control the user toread or write the USB removable storage devices on the PC, and then ensure the safetyof the machine data. When the device plugs into the computer, the system willautomatically record the information of the device, and control to read or write. For theusers who can read or write the device, the system will record his operating history,such as to read and delete a file or a folder.The major works that the author done in this paper is:1. A detailed analysis of the Windows kernel mechanisms, drive technology, andhow to use the WDM filter driver for USB access control implementations;2. The use of role-based access control technology to achieve the privilegesubsystem, the use of WDM filter driver technology to achieve the USB access controlsubsystem, use FileSystemWatcher USB file monitoring subsystem, and discuss the keytechnologies;3. The test and summary for the system.In the organization of the article, the author introduces the theoretical knowledgewhich the developer must understand and master in the first half of this paper, includingthe mechanism of the Windows kernel, executable components and driver development.The author also analyzes the relationships among them and how to use them to developthe drivers. And then, the paper introduces the concepts and basic knowledge of WDMto make a theoretical foundation for the future research and development.After introducing the relevant basic theory, in the latter part of the paper, the authoranalyzes the technical problems to be solved in the research and development projects, including the system requirements analysis, architecture design, as well as the specificmethods to realize these requirements and capabilities.In the end of the article, the author made a test on the control system, and proposedthe problems and deficiencies of the system.