Is there a USB with encryption that can only open content on a specific PC?

Asked 2 months ago, Updated 2 months ago, 3 views

Is there a USB with encryption that can only open content on a particular PC?

The goal is to include sensitive data to be distributed to USB so that only certain authorized users can view it.Also, I think it is a use case where information cannot be copied from the USB to the PC.If necessary, insert the USB and refer to the file, but the PC does not have any information left in the USB.Even if you lose a USB, you can only open it on that particular PC (user).

I don't mind if it's similar to this.If you have any ideas, I would appreciate it if you could share them with me.
Thank you for your cooperation.

usb

2022-09-30 11:44

3 Answers

Let's talk about Windows 10 Pro (or higher edition).

It seems that BitLocker can only open the key file on a PC with the key file instead of the password.However, once the key file is copied, it is over, and you cannot restrict the removal of the file from USB.

If you want to impose restrictions such as not being able to retrieve files, I think you need to use a more comprehensive encryption software.The products that I know will be able to do are Hitachi Solutions' secret series and Fujitsu B.S.C.'s FENCE series.I think it would be faster to consult Hitachi and Fujitsu sales about these products than to ask here.


2022-09-30 11:44

I've seen a product that looks like that, but I can't tell you because I was guided to avoid the name of the manufacturer on the spot.

If you're going to do it with a product, you should contact a sales representative of an IT company that is strong in HW around IBM, Toshiba, NEC, and Fujitsu.

If you are creating your own application, the PC side will provide HW information such as device ID and serial of connected device including internal device and USB drive,
Obtain all the mac addresses of N/W equipment, software license key information, etc., and create a long decision key. A part of the whole drive is divided into an encrypted USB drive and a PC side and held.
Provide a security server on the LAN to determine if it is legitimate and return the remaining keys.
Do you mean that decryption keys should also be stored separately into USB drives, PCs, and security servers?

If you go this far, you won't be able to decrypt it just by replacing parts on your PC.


2022-09-30 11:44

点数 I will write my thanks here because I cannot reply to your comments because I don't have enough points.

@PicoSushi
Thank you very much。Certainly, there is a limit to dealing with malicious users.

@sayuri
Thank you.The main operating system is Win10.We distribute Win8 and earlier using CD+Disclone.

@lucky
It's easy and attractive to put BitLocker key files in a client PC, but as you said, there's no guarantee that the key files themselves won't be copied or you can't take them out (although it's okay if you don't open them on another PC).
I knew Fujitsu's FENCE, but I didn't know Hitachi's secret series.Thank you for the information.Let me check.

@ passing by
IBM, Toshiba, NEC and Fujitsu all offer security solutions, but they are all quite large and cost too much.This time, we only distribute a set of product-related documents to users who can only use content offline, and only do it a few times a year.That's why we need to think about solutions that can be deployed as small as possible.However, I don't think about making my own work (I'm currently using a certificate system that I made myself, but I feel the risk is that we have to deal with everything ourselves and there are only a few people who can handle it).


2022-09-30 11:44

If you have any answers or tips


© 2022 OneMinuteCode. All rights reserved.