CN1154050C - Virtual magnetic disk method under windows - Google Patents
- Publication number
- CN1154050C
- Authority
- CN
- China
- Prior art keywords
- virtual disk
- disk
- data
- file
- virtual
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Landscapes
- Storage Device Security (AREA)
- Signal Processing For Digital Recording And Reproducing (AREA)
Abstract
The present invention discloses a method of creating a virtual disk in a Windows environment. At present, Windows series software does not provide a data security protection function: all users can access the data on a disk, because the software lacks strong protection measures for users' data. The present invention solves this problem by providing a method of creating a virtual disk in the Windows environment, so that data stored on the virtual disk is strictly protected and users without the password or unauthorized users cannot access it. The virtual disk maps to a file on an actual hard disk, and every read from or write to the virtual disk maps to a read from or write to that file. The data stored on the virtual disk is protected by various encryption algorithms, so its security can be guaranteed.
Description
Technical field
The present invention relates to the fields of computer software, information security software and system tool software, and in particular to a method of creating a virtual disk in the Windows environment.
Background technology
The Windows family has several members; those in wide use today are Windows 9x and Windows NT/2000. Windows 9x is the operating system used on ordinary PCs and gives general computer users a platform for work and entertainment. Windows NT/2000 is far more stable than Windows 9x and has security functions that Windows 9x lacks, which makes it the first choice of PC operating system in enterprises. However, the Windows family provides no data protection function: all users can access the data on a disk, and there is no strong safeguard for a user's private data.
The toolkits for the Windows family provide a method of adding a disk to the system, and the operating system provides a calling interface for adding a disk, but there has been no practical application that uses this method to protect user data.
Although ordinary encryption software can encrypt and decrypt data, operations on files are still carried out by the operating system (Windows), so the existence of plaintext data cannot be avoided. With software based on ordinary data encryption, an encrypted file must first be decrypted before it can be used, and after the operation the updated file must be encrypted again, which is very inconvenient for the user. Users also easily forget to delete the decrypted file after finishing, and even a file deleted in Explorer may be recovered by other software, which is very dangerous.
In view of these deficiencies of the prior art, we propose a virtual secure disk in the system. It guarantees that plaintext data which any user could see in Explorer never exists on the physical disk; that is, the data the user sees always exists in encrypted form on the actual disk. Once the virtual disk file is closed, there is no technically feasible method of stealing the data the user has placed in the virtual disk file.
Summary of the invention
The object of the invention is to create a virtual secure disk in the Windows system. Data stored on this disk is strictly protected, and users without the password or unauthorized users cannot access it. The user can work on encrypted files on the virtual disk without going through the cycle of decrypting, editing and re-encrypting a file, and no remnants of decrypted files or temporary files are left in the system.
The present invention proposes a method of creating a virtual disk in the Windows environment, implemented as follows:
A method of creating a virtual disk in the Windows environment, which uses the Windows 9x/NT disk driver interface to create, in the Windows system, a virtual disk corresponding to an actual file on the hard disk, the method comprising the following steps:
a. Read the information of the virtual disk to be generated from the file corresponding to the virtual disk, including the capacity of the disk, the number of cylinders and heads of the disk, the number of sectors in each cylinder, the number of bytes in each sector, and the file system the disk uses;
b. The virtual disk driver creates a disk device from the virtual disk information read in step a;
c. Using the interface for adding a disk that the operating system provides, submit the disk device created in step b to the operating system so that the disk device can be used in the system.
Here, the file corresponding to the virtual disk has already been created on the hard disk before the virtual disk is created. The information stored in that file is protected by an encryption algorithm, and the key must be obtained in some form to decrypt it and read the file content. The disk device created from the virtual disk information read in step a is in fact a data structure containing the virtual disk information.
Once the virtual disk has been created, the system has one more disk. For example, if the user's system originally had a hard disk, a floppy drive and a CD-ROM drive, the user sees three disks in Explorer, A:, C: and D:, and can operate on all three. After the disk is created, an additional drive, E:, appears in Explorer. The drive letter can be chosen by the user, and any operation possible on an ordinary disk can be carried out on this disk; the actual effect is an operation on the file corresponding to the disk.
After the virtual disk has been generated, the virtual disk driver intercepts all disk calls and determines whether the system is calling the virtual disk. If so, the call is handled as a virtual disk call; if not, it is a call to one of the system's original disks and is completed directly by the operating system.
A call to the virtual disk comprises the following steps:
a. From the position on the disk of the data involved in this call, calculate the position of that data in the file corresponding to the virtual disk, as follows:
Determine the position in the virtual disk of the data to be read or written. This position consists of three parameters, cylinder number C, head number H and sector number S, which are used to calculate the offset of the actual data in the virtual disk file relative to the file header.
Suppose the virtual disk has nC cylinders and nH heads in total, each head controls nS sectors on each cylinder, and each sector contains nB bytes. If the cylinder number of this read or write is C, the head number is H and the sector number is S, then the offset of the data to be read or written, relative to the file header of the virtual disk file, is:
Offset = (C * nH * nS + H * nS + S - 1) * nB;
C * nH * nS is the number of sectors before cylinder C, in which the data to be read or written lies; H * nS is the number of sectors in cylinder C before head H; S - 1 is the number of sectors under head H before sector S. The sum of the three is the total number of sectors in front of the data to be read or written, and multiplying it by the number of bytes per sector gives the offset of the data from the file header.
b. Determine the length on the disk of the data involved in this call; this is the length the data occupies in the disk file;
c. For a read from the virtual disk, read the required data from the file corresponding to the virtual disk according to its position and length in that file, decrypt the data read, and return the decrypted result to the user;
d. For a write to the virtual disk, encrypt the data to be written and write the encrypted data into the file corresponding to the virtual disk according to the position and length of the data in that file.
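The call path in steps a to d, as an added example that is not code from the patent: the CHS-to-offset formula with range checks, then transparent per-sector encryption over an in-memory container file. The class and function names are hypothetical, and the SHA-256 keystream is a stand-in for a real sector cipher such as AES-XTS (the patent names no algorithm).

```python
import hashlib
import io
from dataclasses import dataclass


@dataclass(frozen=True)
class Geometry:
    nC: int  # cylinders
    nH: int  # heads
    nS: int  # sectors each head controls on a cylinder
    nB: int  # bytes per sector

    @property
    def capacity(self) -> int:
        return self.nC * self.nH * self.nS * self.nB


def chs_to_offset(g: Geometry, C: int, H: int, S: int) -> int:
    """Offset = (C*nH*nS + H*nS + S - 1) * nB, with range checks.

    C and H count from 0, S counts from 1 (hence the S - 1 term).
    Rejecting out-of-range values keeps every access inside the container.
    """
    if not (0 <= C < g.nC and 0 <= H < g.nH and 1 <= S <= g.nS):
        raise ValueError(f"CHS ({C},{H},{S}) is outside the disk geometry")
    return (C * g.nH * g.nS + H * g.nS + S - 1) * g.nB


def _keystream(key: bytes, sector_index: int, length: int) -> bytes:
    # Stand-in cipher (assumption): SHA-256 in counter mode, keyed per sector.
    # Not for production: rewriting a sector reuses the same keystream.
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hashlib.sha256(key + sector_index.to_bytes(8, "big")
                              + block.to_bytes(4, "big")).digest()
        block += 1
    return bytes(out[:length])


def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))


class VirtualDisk:
    """Maps sector reads and writes onto an encrypted container file."""

    def __init__(self, container, geometry: Geometry, key: bytes):
        self.f, self.g, self.key = container, geometry, key

    def write_sector(self, C: int, H: int, S: int, plaintext: bytes) -> None:
        if len(plaintext) != self.g.nB:          # step b: length check
            raise ValueError("a write must be exactly one sector")
        off = chs_to_offset(self.g, C, H, S)     # step a: position
        stream = _keystream(self.key, off // self.g.nB, self.g.nB)
        self.f.seek(off)
        self.f.write(_xor(plaintext, stream))    # step d: encrypt, then write

    def read_sector(self, C: int, H: int, S: int) -> bytes:
        off = chs_to_offset(self.g, C, H, S)
        self.f.seek(off)
        ciphertext = self.f.read(self.g.nB)
        stream = _keystream(self.key, off // self.g.nB, self.g.nB)
        return _xor(ciphertext, stream)          # step c: read, then decrypt


def demo():
    # Constructed sample: a 32 KiB disk and a fixed test key.
    g = Geometry(nC=4, nH=2, nS=8, nB=512)
    container = io.BytesIO(bytes(g.capacity))
    disk = VirtualDisk(container, g, key=bytes(range(32)))
    secret = b"payroll record".ljust(g.nB, b"\x00")
    disk.write_sector(1, 1, 3, secret)
    return disk.read_sector(1, 1, 3), container.getvalue(), secret
```
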
Although the password the user chooses can be changed, the actual key used to encrypt the virtual disk is generated automatically by the system. A 128-bit or 256-bit random key can be used according to need; a virtual disk that uses a 256-bit random key cannot be cracked by brute force.
The key that encrypts the virtual disk is also stored in the virtual disk file in encrypted form. The user can choose to encrypt this key with a password or a certificate, and can use an IC card to hold the password or the private key corresponding to the certificate.
The password that encrypts the key is not present in the virtual disk file in either plaintext or encrypted form; only a digest of the password is stored in the virtual disk file. The properties of the digest algorithm mean that the digest can be used to verify whether the password the user entered is correct, without revealing information such as the content or length of the password.
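The key hierarchy described above, as an added example that is not code from the patent: a random disk key stored only in wrapped form, a password digest used for verification, and a password change that re-wraps the key without touching the disk data. The header layout, function names, salted PBKDF2 digest and XOR wrap are assumptions; a real design would use a standard key-wrap algorithm.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed PBKDF2 work factor


def _kdf(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt,
                               ITERATIONS, dklen=32)


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _wrap(disk_key: bytes, password: str) -> dict:
    # Separate salts, so the stored digest says nothing about the wrapping key.
    wrap_salt, verify_salt = os.urandom(16), os.urandom(16)
    return {
        "wrap_salt": wrap_salt,
        "verify_salt": verify_salt,
        # Stand-in key wrap (assumption): XOR with a password-derived pad.
        "wrapped_key": _xor(disk_key, _kdf(password, wrap_salt)),
        # Only a digest of the password is stored, never the password itself.
        "password_digest": _kdf(password, verify_salt),
    }


def create_header(password: str, key_bits: int = 256):
    """Generate the random disk key; return (header, disk_key)."""
    if key_bits not in (128, 256):
        raise ValueError("key must be 128 or 256 bits")
    disk_key = os.urandom(key_bits // 8)
    return _wrap(disk_key, password), disk_key


def unlock(header: dict, password: str) -> bytes:
    """Verify the password against the stored digest, then unwrap the key."""
    candidate = _kdf(password, header["verify_salt"])
    if not hmac.compare_digest(candidate, header["password_digest"]):
        raise PermissionError("wrong password")
    return _xor(header["wrapped_key"], _kdf(password, header["wrap_salt"]))


def change_password(header: dict, old: str, new: str) -> dict:
    """Re-wrap the same disk key; the encrypted sectors stay untouched."""
    return _wrap(unlock(header, old), new)
```

A salted, iterated digest is used here because a stored password digest can be tested offline by anyone who copies the virtual disk file.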
The notable effects of the present invention are:
The user can set up a virtual disk with a password or a digital certificate, and IC cards and USB identification devices are supported. Each user can set up several virtual disks, and each virtual disk supports access by several users.
File operations on the virtual disk fully simulate those on a physical disk, and encryption and decryption are transparent to the user.
The virtual disk capacity is limited only by the free space on the disk. Windows 9x, Windows NT and Windows 2000 platforms are supported, as are the FAT, FAT32 and NTFS file systems.
After the virtual disk is installed, normal file operations of the Windows system show no noticeable delay.
Description of drawings
Fig. 1: simplified flow chart of a system call to the virtual disk
Embodiment
The present invention is described in further detail below with reference to the accompanying drawing.
A method of creating a virtual disk in the Windows environment, which uses the Windows 9x/NT disk driver interface to create, in the Windows system, a virtual disk corresponding to an actual file on the hard disk, the method comprising the following steps:
a. Read the information of the virtual disk to be generated from the file corresponding to the virtual disk, including the capacity of the disk, the number of cylinders and heads of the disk, the number of sectors in each cylinder, the number of bytes in each sector, and the file system the disk uses;
b. The virtual disk driver creates a disk device from the virtual disk information read in step a;
c. Using the interface for adding a disk that the operating system provides, submit the disk device created in step b to the operating system so that the disk device can be used in the system.
Here, the file corresponding to the virtual disk has already been created on the hard disk before the virtual disk is created. The information stored in that file is protected by an encryption algorithm, and the key must be obtained in some form to decrypt it and read the file content. The disk device created from the virtual disk information read in step a is in fact a data structure containing the virtual disk information.
Once the virtual disk has been created, the system has one more disk. For example, if the user's system originally had a hard disk, a floppy drive and a CD-ROM drive, the user sees three disks in Explorer, A:, C: and D:, and can operate on all three. After the disk is created, an additional drive, E:, appears in Explorer. The drive letter can be chosen by the user, and any operation possible on an ordinary disk can be carried out on this disk; the actual effect is an operation on the file corresponding to the disk.
After the virtual disk has been generated, the virtual disk driver intercepts all disk calls and determines whether the system is calling the virtual disk. If so, the call is handled as a virtual disk call; if not, it is a call to one of the system's original disks and is completed directly by the operating system.
A call to the virtual disk comprises the following steps:
a. From the position on the disk of the data involved in this call, calculate the position of that data in the file corresponding to the virtual disk, as follows:
Determine the position in the virtual disk of the data to be read or written. This position consists of three parameters, cylinder number, head number and sector number, which are used to calculate the offset of the actual data in the virtual disk file relative to the file header.
Suppose the virtual disk has nC cylinders and nH heads in total, each head controls nS sectors on each cylinder, and each sector contains nB bytes. If the cylinder number of this read or write is C, the head number is H and the sector number is S, then the offset of the data to be read or written, relative to the file header of the virtual disk file, is:
Offset = (C * nH * nS + H * nS + S - 1) * nB;
C * nH * nS is the number of sectors before cylinder C, in which the data to be read or written lies; H * nS is the number of sectors in cylinder C before head H; S - 1 is the number of sectors under head H before sector S. The sum of the three is the total number of sectors in front of the data to be read or written, and multiplying it by the number of bytes per sector gives the offset of the data from the file header.
b. Determine the length on the disk of the data involved in this call; this is the length the data occupies in the disk file;
c. For a read from the virtual disk, read the required data from the file corresponding to the virtual disk according to its position and length in that file, decrypt the data read, and return the decrypted result to the user;
d. For a write to the virtual disk, encrypt the data to be written and write the encrypted data into the file corresponding to the virtual disk according to the position and length of the data in that file.
Here, the key that encrypts the virtual disk is generated automatically by the system, and a 128-bit or 256-bit random key can be used according to actual need. The key that encrypts the virtual disk is stored in the virtual disk file in encrypted form. The user can choose to encrypt this key with a password or a certificate, and can use a card to hold the password or the private key corresponding to the certificate. The password that encrypts the key is not present in the virtual disk file in either plaintext or encrypted form; only a digest of the password is stored in the virtual secure disk file.
Claims (11)
1. A method of creating a virtual disk in the Windows environment, characterized in that it uses the Windows 9x/NT disk driver interface to create, in the Windows system, a virtual disk corresponding to an actual file on the hard disk, the method comprising the following steps:
a. Read the information of the virtual disk to be generated from the file corresponding to the virtual disk, including the capacity of the disk, the number of cylinders and heads of the disk, the number of sectors in each cylinder, the number of bytes in each sector, and the file system the disk uses;
b. The virtual disk driver creates a disk device from the virtual disk information read in step a;
c. Using the interface for adding a disk that the operating system provides, submit the disk device created in step b to the operating system so that the disk device can be used in the system.
2. The method according to claim 1, further characterized in that the file corresponding to the virtual disk has already been created on the hard disk before the virtual disk is created, the size of said file being the capacity of the virtual disk, and said file being used to store the data of the virtual disk.
3. The method according to claim 1, further characterized in that the information stored in the file corresponding to the virtual disk is protected by an encryption algorithm, and the key must be obtained in some form to decrypt it and read the file content.
4. The method according to claim 1, further characterized in that the disk device created from the virtual disk information read in step a is in fact a data structure containing the virtual disk information.
5. The method according to claim 1, further characterized in that, after the virtual disk is created, the system has one more disk, that is, an additional disk with a drive letter appears in Explorer, and this drive letter can be chosen by the user.
6. The method according to claim 1, further characterized in that, after the virtual disk has been generated, the virtual disk driver intercepts all disk calls and determines whether the system is calling the virtual disk; if so, the call is handled as a virtual disk call; if not, it is a call to one of the system's original disks and is completed directly by the operating system.
7. The method according to claim 6, further characterized in that a call to the virtual disk comprises the following steps:
a. From the position on the disk of the data involved in this call, calculate the position of that data in the file corresponding to the virtual disk, as follows:
Determine the position in the virtual disk of the data to be read or written. This position consists of three parameters, cylinder number C, head number H and sector number S, which are used to calculate the offset of the actual data in the virtual disk file relative to the file header.
Suppose the virtual disk has nC cylinders and nH heads in total, each head controls nS sectors on each cylinder, and each sector contains nB bytes. If the cylinder number of this read or write is C, the head number is H and the sector number is S, then the offset of the data to be read or written, relative to the file header of the virtual disk file, is:
Offset = (C * nH * nS + H * nS + S - 1) * nB;
C * nH * nS is the number of sectors before cylinder C, in which the data to be read or written lies; H * nS is the number of sectors in cylinder C before head H; S - 1 is the number of sectors under head H before sector S. The sum of the three is the total number of sectors in front of the data to be read or written, and multiplying it by the number of bytes per sector gives the offset of the data from the file header.
b. Determine the length on the disk of the data involved in this call; this is the length the data occupies in the disk file;
c. For a read from the virtual disk, read the required data from the file corresponding to the virtual disk according to its position and length in that file, decrypt the data read, and return the decrypted result to the user;
d. For a write to the virtual disk, encrypt the data to be written and write the encrypted data into the file corresponding to the virtual disk according to the position and length of the data in that file.
8. The method according to claim 2, further characterized in that the key that encrypts the virtual disk is generated automatically by the system.
9. The method according to claim 8, further characterized in that a 128-bit or 256-bit random key can be used to encrypt the virtual disk according to actual need.
10. The method according to claim 9, further characterized in that the key that encrypts the virtual disk is stored in the virtual disk file in encrypted form, the user can choose to encrypt this key with a password or a certificate, and a card can be used to hold the password or the private key corresponding to the certificate.
11. The method according to claim 10, further characterized in that the password that encrypts the key is not present in the virtual disk file in either plaintext or encrypted form, and only a digest of the password is stored in the virtual secure disk file.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB011323450A CN1154050C (en) | 2001-11-29 | 2001-11-29 | Virtual magnetic disk method under windows |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB011323450A CN1154050C (en) | 2001-11-29 | 2001-11-29 | Virtual magnetic disk method under windows |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1373424A CN1373424A (en) | 2002-10-09 |
| CN1154050C true CN1154050C (en) | 2004-06-16 |
Family
ID=4671376
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB011323450A Expired - Fee Related CN1154050C (en) | 2001-11-29 | 2001-11-29 | Virtual magnetic disk method under windows |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1154050C (en) |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100464315C (en) * | 2006-05-22 | 2009-02-25 | 中国软件与技术服务股份有限公司 | Mobile memory divulgence protection method and system |
| TWI343014B (en) * | 2006-09-07 | 2011-06-01 | Via Tech Inc | Virtual disks management methods and systems |
| CN101853363B (en) * | 2010-05-07 | 2012-08-08 | 飞天诚信科技股份有限公司 | File protection method and system |
| CN101923678A (en) * | 2010-07-30 | 2010-12-22 | 武汉天喻信息产业股份有限公司 | Data security protection method of enterprise management software |
| CN103020537B (en) * | 2011-09-22 | 2015-07-22 | 腾讯科技(深圳)有限公司 | Data encrypting method, data encrypting device, data deciphering method and data deciphering device |
| CN105550582B (en) * | 2015-12-11 | 2018-08-14 | 福建联迪商用设备有限公司 | Access the method and system of virtual disk |
| CN109325355A (en) * | 2018-01-11 | 2019-02-12 | 白令海 | Mobile terminal data method for secure storing based on virtual disk |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1373424A (en) | 2002-10-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR101563461B1 (en) | Method, server and computer program for security management in database | |
| EP0654920B1 (en) | Method for the efficient updating of the hash value of a data file | |
| KR100463842B1 (en) | Apparatus for managing key in afile security system and method for managing security key | |
| CN101408916B (en) | A method for protecting privacy of Internet software online | |
| CN1234081C (en) | Method and device for realizing computer safety and enciphering based on identity confirmation | |
| CN1294457A (en) | Encrypted/deencrypted stored data by utilizing disaccessible only secret key | |
| JP2009225437A (en) | Secure disposal of stored data | |
| EP1012691A1 (en) | Encrypting file system and method | |
| US20080235521A1 (en) | Method and encryption tool for securing electronic data storage devices | |
| CN101122938A (en) | A method and system for securely processing data files | |
| CN102693399B (en) | System and method for on-line separation and recovery of electronic documents | |
| CN1782941A (en) | Software authorizing and protecting device and method | |
| CN104834840B (en) | Cipher code protection method based on mapping drift technology | |
| KR20100031248A (en) | Method for protecting private information of personal computer and computer readable recording medium therefor | |
| CN1154050C (en) | Virtual magnetic disk method under windows | |
| CN117521140A (en) | A data hiding and rapid destruction method | |
| CN110837634B (en) | Electronic signature method based on hardware encryption machine | |
| CN1266617C (en) | A kind of computer data protection method | |
| CN118967423A (en) | Image copyright protection method and system based on blockchain and spatial watermark | |
| US20070186287A1 (en) | Data storage | |
| CN1454351A (en) | Method for editing/restoring electronic information | |
| KR20160114492A (en) | Method, server and computer program for security management in database | |
| CN1514572A (en) | Distribution type data encryption method | |
| CN117454412A (en) | Encryption and decryption file system and method | |
| CN101814120A (en) | Word document data transfer based on digital watermarking |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date: 20040616 Termination date: 20141129 | |
| EXPY | Termination of patent right or utility model |