CN1517888A - storage unit data protection method and system - Google Patents
storage unit data protection method and system Download PDFInfo
- Publication number
- CN1517888A CN1517888A CNA031004733A CN03100473A CN1517888A CN 1517888 A CN1517888 A CN 1517888A CN A031004733 A CNA031004733 A CN A031004733A CN 03100473 A CN03100473 A CN 03100473A CN 1517888 A CN1517888 A CN 1517888A
- Authority
- CN
- China
- Prior art keywords
- storage unit
- user
- data
- identification module
- user identification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 45
- 238000005192 partition Methods 0.000 claims abstract description 38
- 238000012545 processing Methods 0.000 claims abstract description 34
- 230000015654 memory Effects 0.000 claims abstract description 29
- 230000006870 function Effects 0.000 claims description 7
- 239000004973 liquid crystal related substance Substances 0.000 claims 2
- 230000005540 biological transmission Effects 0.000 description 3
- 238000004891 communication Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000004913 activation Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000007613 environmental effect Effects 0.000 description 1
- 230000009191 jumping Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Landscapes
- Storage Device Security (AREA)
Abstract
Description
技术领域technical field
本发明是关于一种储存单元数据保护方法以及系统,特别是关于一种应用在硬盘储存单元的数据处理装置的方法与系统。The present invention relates to a storage unit data protection method and system, in particular to a method and system applied to a data processing device of a hard disk storage unit.
背景技术Background technique
由于电子信息科技的一日千里,诸如个人计算机或笔记本型计算机等数据处理装置已成为我们日常生活中不可或缺的一部分。使用者除了可以通过该数据处理装置进行程序编写执行单纯的资料处理外,还能够通过强大的运算功能,作为声音、影像或声音影像相结合等多媒体资料的传播媒介,换句话,使用者能够通过该数据处理装置执行多媒体的编辑制作及播放等工作。另一方面,由于有线及无线的网络通讯环境的日益成熟,再加上该数据处理装置的体积愈来愈轻薄短小,便于使用者在移动中进行信息的取得。基于上述种种客观环境因素,使用者主观上也更乐意通过该具有网络连接与数据传输功能的数据处理装置进行信息的搜寻及取得。Due to the rapid development of electronic information technology, data processing devices such as personal computers or notebook computers have become an indispensable part of our daily life. In addition to writing programs and performing simple data processing through the data processing device, the user can also use the powerful computing function as a communication medium for multimedia data such as sound, video or a combination of sound and video. In other words, the user can Works such as editing, making and playing of multimedia are performed by the data processing device. On the other hand, due to the growing maturity of the wired and wireless network communication environment, coupled with the fact that the volume of the data processing device is becoming thinner and smaller, it is convenient for users to obtain information while moving. Based on the aforementioned various objective environmental factors, users are more willing to search and obtain information through the data processing device with network connection and data transmission functions subjectively.
承前所述,虽然我们能通过该数据处理装置享受到信息快速流通的便利,但在另一方面使用者担心的是资料安全的问题,使用者必须更进一步的考虑信息的保密性,因为以往纸上作业时期的资料均记录在书面上,现今的数据处理装置所具有的,如硬盘等形式的储存装置,已经可以提供使用者记录大量的文字、图像或影音等档案在其中,虽然大幅减少了文件的体积,但相对的也更容易进行资料的窃取与复制。例如,第三者可以通过诸如软盘、光盘烧录甚至网络传输等简单的方式,即可将所需的资料复制或传送。As mentioned above, although we can enjoy the convenience of fast information circulation through this data processing device, on the other hand, users are worried about the issue of data security. Users must further consider the confidentiality of information, because in the past, paper The data in the last working period are all recorded in writing. Today’s data processing devices have storage devices in the form of hard disks, etc., which can already provide users with a large number of text, image or audio-visual files in them. The volume of the file, but it is relatively easier to steal and copy the data. For example, a third party can copy or transmit the required data through simple methods such as floppy disk, CD burning or even network transmission.
现有的数据处理装置的数据保护技术不外有下列数种:通过基本输出入系统(BIOS)内所提供的安全(Security)功能,设定识别码(password),使用者在执行该数据处理装置的开机(power-on)过程中,该基本输出入系统会要求使用者输入识别码,借由识别码内容判断使用者是否有权使用该数据处理装置,若是,该基本输出入系统才会继续执行后续的开机程序。另一种形式是使用者在进入操作系统后,依据个人所设定的作业环境或储存的资料定义一个识别码,由操作系统依据不同使用者所输入的识别码开放对应识别码的作业环境或储存资料供使用者使用。The data protection technology of the existing data processing device is nothing more than the following several types: through the security (Security) function provided in the basic input/output system (BIOS), the identification code (password) is set, and the user executes the data processing During the power-on process of the device, the BIOS will require the user to input an identification code, and judge whether the user has the right to use the data processing device based on the content of the identification code. If so, the BIOS will Continue to execute subsequent boot procedures. Another form is that after the user enters the operating system, he defines an identification code according to the operating environment set by the individual or the stored data, and the operating system opens the operating environment or operating environment corresponding to the identification code according to the identification codes input by different users. Store data for use by users.
通过上述基本输出入系统保护的方法,第三者仅需将主机板上的一基本输出入系统重置端(BIOS Reset Jumper)短路,或是拆掉主机板上的电池后再接上,均可达到侵入该基本输出入系统设定内容的目的。后者通过操作系统保护的方式,在使用者通过其它方式开机后,如用软盘或光盘开机,仍然能够读取硬盘中的资料。对于使用者而言均无法达到理想的保护目的。Through the above-mentioned BIOS protection method, the third party only needs to short-circuit a BIOS Reset Jumper on the main board, or remove the battery on the main board and then connect it, all are safe. The purpose of invading the setting content of the basic input and output system can be achieved. The latter is protected by the operating system, and the data in the hard disk can still be read after the user boots up by other means, such as booting with a floppy disk or CD. All can't reach ideal protection purpose for the user.
发明内容Contents of the invention
为解决上述现有技术的缺点,本发明的主要目的在于提供一种储存单元数据保护方法以及系统,通过将分区表加密、隐藏,防止非法使用者进入操作系统以进行资料存取。In order to solve the above-mentioned shortcomings of the prior art, the main purpose of the present invention is to provide a storage unit data protection method and system, by encrypting and hiding the partition table, preventing illegal users from accessing the operating system to access data.
本发明的另一目的在于提供一种储存单元数据保护方法以及系统,通过软件或韧体的程控机制,即可达到保护储存单元数据的目的。Another object of the present invention is to provide a storage unit data protection method and system, which can achieve the purpose of protecting the storage unit data through the program control mechanism of software or firmware.
为达成以上所述的目的,本发明的储存单元数据保护系统包括:用以提供该储存单元数据保护系统提取信号、编译码及执行指令功能的中央处理单元;用以储存该数据处理装置的基本输出入系统及其它软件例程的记忆单元;用以提供该数据处理装置储存包括操作系统程序及其它程序或资料的储存单元;常驻在该记忆单元中,用以将使用者设定的识别码加以编码加密,并储存在该储存单元中的特定位置;此外,还能够分区表数据加以编码加密,储存在该储存单元的特定位置,且在使用者重新开机输入正确的识别码时,自该储存单元中取出该分区表数据加以译码还原后,覆盖至该分区表正确位置,供该数据处理装置继续进行正常的开机作业程序的使用者识别模块。In order to achieve the above-mentioned purpose, the storage unit data protection system of the present invention includes: a central processing unit for providing the storage unit data protection system with the functions of extracting signals, compiling and decoding, and executing instructions; The memory unit of the input and output system and other software routines; used to provide the data processing device to store the storage unit including the operating system program and other programs or data; resident in the memory unit to identify the user settings The code is encoded and encrypted, and stored in a specific location in the storage unit; in addition, the partition table data can also be encoded and encrypted, stored in a specific location of the storage unit, and when the user restarts the machine and enters the correct identification code, it will automatically The data of the partition table is taken out from the storage unit, decoded and restored, and overwritten to the correct position of the partition table, so that the data processing device can continue to perform the normal boot operation procedure of the user identification module.
通过上述的储存单元数据保护系统,执行储存单元数据保护方法是预先将该使用者识别模块安装至该记忆单元中,接着进行如下的步骤:首先,令该使用者识别模块将使用者设定的识别码进行编码加密后,储存至该储存单元的特定位置中;其次,令该使用者识别模块将分区表数据进行编码加密后,并储存至一指定的储存单元位置;再者,令该使用者识别模块将该分区表数据删除;最后,令该使用者识别模块在使用者重新开启该数据处理装置电源时,判断使用者输入的识别码是否正确,若是,则将该编码加密的分区表数据译码还原,并覆盖至正确的分配表位置,进行正常的开机作业;若否,则中止正常的开机作业程序。Through the above-mentioned storage unit data protection system, the implementation of the storage unit data protection method is to install the user identification module into the memory unit in advance, and then perform the following steps: first, let the user identification module set the user After encoding and encrypting the identification code, store it in a specific location of the storage unit; secondly, make the user identification module encode and encrypt the partition table data, and store it in a designated storage unit location; furthermore, make the user identification module The user identification module deletes the partition table data; finally, the user identification module judges whether the identification code input by the user is correct when the user turns on the power of the data processing device again, and if so, then encrypts the coded partition table The data is decoded and restored, and overwritten to the correct allocation table position, and the normal boot operation is performed; if not, the normal boot operation procedure is terminated.
与现有的储存单元数据保护方法以及系统比较,本发明的储存单元数据保护方法以及系统,用以提供使用者仅通过在开机程序中执行的使用者识别机制,就能够防止不具有使用权限的使用者任意开启该数据处理装置并进行储存单元中数据的存取。Compared with the existing storage unit data protection method and system, the storage unit data protection method and system of the present invention are used to provide the user with a user identification mechanism executed in the boot process to prevent unauthorized access The user opens the data processing device arbitrarily and accesses the data in the storage unit.
附图说明Description of drawings
图1是一应用架构示意图,用以显示执行本发明的储存单元数据保护系统应用于一个人计算机上的系统架构;FIG. 1 is a schematic diagram of an application architecture, which is used to show the system architecture of implementing the storage unit data protection system of the present invention applied to a personal computer;
图2是一方块示意图,用以显示本发明的储存单元数据保护系统中单元与模块间的相互关系;以及Fig. 2 is a schematic block diagram for showing the interrelationship between units and modules in the storage unit data protection system of the present invention; and
图3(A)及图3(B)是流程图,用以显示执行本发明的储存单元数据保护方法的流程步骤。FIG. 3(A) and FIG. 3(B) are flowcharts for illustrating the steps of executing the method for protecting storage unit data of the present invention.
具体实施方式Detailed ways
实施例Example
请参与图1,在以下实施例中,本发明的储存单元数据保护方法以及系统100,是应用在现有的个人计算机200架构中,以下仅就与本发明的储存单元数据保护方法以及系统100相关的单元与模块加以叙述,至于其它诸如键盘或鼠标等输入单元以及屏幕等显示单元等,均不再说明。Please refer to FIG. 1. In the following embodiments, the storage unit data protection method and system 100 of the present invention are applied to the existing personal computer 200 architecture, and the following are only related to the storage unit data protection method and system 100 of the present invention. Relevant units and modules are described, and other input units such as keyboard or mouse and display units such as screen are not described again.
请参阅图2,该储存单元数据保护系统100包括:中央处理单元110、记忆单元120、储存单元130以及使用者识别模块140。Please refer to FIG. 2 , the storage unit data protection system 100 includes: a central processing unit 110 , a memory unit 120 , a storage unit 130 and a user identification module 140 .
该中央处理单元110是用以提供该储存单元数据保护系统100提取信号、编译码及执行指令的功能,并能够通过数据传输路径如总线等,以自其它资源处传递及接收资料。The central processing unit 110 is used to provide the storage unit data protection system 100 with the functions of extracting signals, compiling and decoding, and executing instructions, and can transmit and receive data from other resources through a data transmission path such as a bus.
该记忆单元120是用以提供该储存单元数据保护系统100储存包括基本输出入系统及其它软件程序及/或例程。其性质属于不具有挥发性的记忆单元,也就是在该个人计算机200的工作电源切断后,储存在该记忆单元中的资料不会消失,在使用者激活该个人计算机200的工作电源时,能够执行诸如该基本输出入系统,完成该个人计算机200的开机程序。又该记忆单元120可以是电可抹除只读存储器(ElectricallyErasable Programmable Read Only Memory;EEPROM)或闪存(FlashMemory)。由于上述的存储器均具有用程序可改写的特性,能够提供使用者视实际情况需要,更新其中诸如基本输出入系统等的程序资料内容。The memory unit 120 is used to provide the storage unit for the data protection system 100 to store BIOS and other software programs and/or routines. Its property belongs to a non-volatile memory unit, that is, after the working power of the personal computer 200 is cut off, the data stored in the memory unit will not disappear, and when the user activates the working power of the personal computer 200, it can Executing such as the basic input/output system to complete the booting procedure of the personal computer 200 . Furthermore, the memory unit 120 can be an Electrically Erasable Programmable Read Only Memory (EEPROM) or a flash memory (FlashMemory). Since the above-mentioned memories are all rewritable by programs, it is possible for the user to update the contents of the program data such as the basic input/output system, etc., according to actual needs.
该储存单元130是用以提供该个人计算机200储存包括操作系统程序及其它程序或资料。在本实施例中,该储存单元130是硬盘(HardDisk),该储存单元130的功能及架构为现有技术,不重复说明。The storage unit 130 is used for the personal computer 200 to store operating system programs and other programs or data. In this embodiment, the storage unit 130 is a hard disk (HardDisk), and the function and structure of the storage unit 130 are in the prior art and will not be described repeatedly.
该使用者识别模块140是常驻在该记忆单元中的软件程序,用以通过该中央处理单元110,将使用者设定的识别码加以编码加密并储存在该储存单元130中的特定位置;此外,还能够通过该中央处理单元110,将分区表资料加以编码加密而储存在该储存单元130的特定位置;且在使用者重新开启该个人计算机200的工作电源,执行开机程序,并输入正确的识别码时,自该储存单元130中取出该分区表资料,通过该中央处理单元110加以译码还原后覆盖至该分区表正确位置,供该个人计算机200继续进行正常的开机作业程序。The user identification module 140 is a software program resident in the memory unit, which is used to encode and encrypt the identification code set by the user through the central processing unit 110 and store it in a specific location in the storage unit 130; In addition, the central processing unit 110 can also encode and encrypt the partition table data and store it in a specific location of the storage unit 130; When the identification code is displayed, the partition table data is taken out from the storage unit 130, decoded and restored by the central processing unit 110, and covered to the correct position of the partition table, so that the personal computer 200 can continue to perform normal booting procedures.
需特别说明的是,在本实施例中,该分区表是指该储存单元130也就是硬盘的分区表,现有的硬盘是由多个磁柱(cluster)、磁头(head)及扇区(sector)组成,每一扇区的容量为512个字节(byte)。其中,第0磁柱、第0磁头的第1扇区是定义为分割扇区,在该扇区中,前端是储存主引导记录(Master Boot Program;MBP);后端则是用以储存分区表资料。It should be noted that, in this embodiment, the partition table refers to the partition table of the storage unit 130, that is, the hard disk. The existing hard disk is composed of a plurality of magnetic columns (cluster), magnetic heads (head) and sectors ( sector), each sector has a capacity of 512 bytes (byte). Among them, the first sector of the 0th magnetic cylinder and the 0th magnetic head is defined as a split sector. In this sector, the front end is used to store the Master Boot Record (Master Boot Program; MBP); the back end is used to store partitions. table data.
其次,该个人计算机200的开机程序大约略下:由该记忆单元120的内存地址0FFFF0H开始执行,也就是(CS=FFFF、IP=0000)。该个人计算机的基本输出入系统在该0FFFF0H地址上的程序内容是:Secondly, the booting procedure of the personal computer 200 is roughly as follows: the execution starts from the memory address 0FFFF0H of the memory unit 120, that is (CS=FFFF, IP=0000). The program content of the basic input-output system of this personal computer on this 0FFFF0H address is:
「FFFF0:JMP START」"FFFF0: JMP START"
跳到START之后,该记忆单元120的基本输出入系统(ROMBIOS)首先会做一些初始的检查工作,例如检查随机存取内存、键盘、屏幕、磁盘驱动器等。然后会读入主引导记录,基本输出入系统会将控制权交给主引导记录继续执行下去。换言之,可分为以下几个步骤:After jumping to START, the basic input/output system (ROMBIOS) of the memory unit 120 will firstly do some initial checking work, such as checking random access memory, keyboard, screen, disk drive, etc. Then the master boot record will be read, and the BIOS will pass control to the master boot record to continue execution. In other words, it can be divided into the following steps:
1.计算机开机时,先执行基本输出入系统,将该储存单元130第一个扇区的主引导记录(Master Boot Record;MBR)写入随机存取内存中,再转移控制权至主引导记录中的程序代码。1. When the computer is turned on, the basic input and output system is first executed, and the master boot record (Master Boot Record; MBR) of the first sector of the storage unit 130 is written into the random access memory, and then the control right is transferred to the master boot record program code in .
2.主引导记录程序代码扫描整个主磁盘分区表,并在第一个分割区放置一个旗标(flag),并将该分割区标示为可开机。接着写入随机存取内存,并将控制权传给这个分割区里的程序代码。2. The master boot record program code scans the entire master disk partition table and places a flag on the first partition, marking the partition as bootable. Then write to random access memory, and pass control to the program code in this partition.
3.经由激活程序将磁盘中的系统文件(如MS-DOS的IO.SYS及MSDOS.SYS)加载到随机存取内存,再将控制权交给加载的系统文件。3. Load the system files in the disk (such as IO.SYS and MSDOS.SYS of MS-DOS) into the random access memory through the activation program, and then give the control right to the loaded system files.
承上所述,在该个人计算机200的开机程序中,该分区表资料具有不可或缺的重要性,若无该分区表资料则系统无法得知该储存单元130的分割状况,也无法得知诸如视窗XP或LINUX等操作系统的储存位置,当然无法顺利完成开机程序。As mentioned above, in the booting process of the personal computer 200, the partition table data is indispensable. Without the partition table data, the system cannot know the partition status of the storage unit 130, nor can it know The storage location of operating systems such as Windows XP or LINUX, of course, cannot successfully complete the boot process.
因此,该使用者识别模块140即依据上述分区表的特性,通过删除分区表资料以阻断不具有使用权限的使用者完成开机程序,进而达到保护该个人计算机200的储存单元130中储存资料的目的。Therefore, the user identification module 140 is based on the above-mentioned characteristics of the partition table, by deleting the data of the partition table to prevent users who do not have access rights from completing the boot process, thereby protecting the data stored in the storage unit 130 of the personal computer 200. Purpose.
请参阅图3(A),其中显示本发明的储存单元数据保护方法在执行储存单元130数据保护的流程步骤。预先令使用者在该个人计算机200的正常操作系统下,安装该使用者识别模块140至该记忆单元120中,随即进行步骤S301。Please refer to FIG. 3(A), which shows the process steps of the data protection method for the storage unit of the present invention in executing the data protection of the storage unit 130 . The user is preliminarily instructed to install the user identification module 140 into the memory unit 120 under the normal operating system of the personal computer 200, and then proceed to step S301.
在步骤S301中,令该使用者识别模块140将使用者设定的识别码进行编码加密后,储存至该储存单元130的特定位置中。在本实施例中,在该使用者识别模块140安装至该记忆单元120后,该使用者识别模块140会要求使用者设定一个识别码作为身分辨识之用,该识别码可以包括任何数字、文字与符号的组合。在使用者完成识别码设定后,该使用者识别模块140随即将该识别码编码加密备份至该储存单元130中的特定位置,接着进行步骤S302。In step S301 , the user identification module 140 encodes and encrypts the identification code set by the user, and stores it in a specific location of the storage unit 130 . In this embodiment, after the user identification module 140 is installed in the memory unit 120, the user identification module 140 will require the user to set an identification code for identity identification. The identification code can include any number, A combination of words and symbols. After the user completes the setting of the identification code, the user identification module 140 encrypts and backs up the encoding of the identification code to a specific location in the storage unit 130, and then proceeds to step S302.
在步骤S302中,令该使用者识别模块140将分区表数据进行编码加密,并储存至一指定的储存单元130位置。在本实施例中,该使用者识别模块140在执行完识别码加密备份的步骤后,随即将该分割扇区中该分区表数据加以编码加密,并在编码加密完成后,将该加密数据储存至该储存单元130中的另一指定位置,随即进行步骤S303。In step S302 , the user identification module 140 is instructed to encode and encrypt the partition table data, and store it in a specified location of the storage unit 130 . In this embodiment, the user identification module 140 encodes and encrypts the partition table data in the partitioned sector immediately after executing the step of encrypting and backing up the identification code, and stores the encrypted data after the encoding and encryption is completed. Go to another designated location in the storage unit 130, and then proceed to step S303.
在步骤S303中,令该使用者识别模块140将该分区表数据删除。在本实施例中,当该使用者识别模块140完成分配表数据加密储存的步骤后,随即将该分配表数据自该记忆单元120中删除。由于该分配表资料已自该记忆单元120中删除,在使用者重新开启该个人计算机200的工作电源,并执行开机程序的过程中,若无法输入正确的识别码,则该使用者识别模块140不会将该分配表资料还原覆盖在正确的分配表扇区,该个人计算机200即无法完成正常开机程序,也无法进入操作系统。In step S303, the user identification module 140 is instructed to delete the partition table data. In this embodiment, after the user identification module 140 completes the step of encrypting and storing the distribution table data, it immediately deletes the distribution table data from the memory unit 120 . Since the allocation table data has been deleted from the memory unit 120, if the user fails to input the correct identification code during the process of turning on the power supply of the personal computer 200 and executing the boot procedure, the user identification module 140 The allocation table data will not be restored and overwritten on the correct allocation table sector, and the personal computer 200 will not be able to complete the normal boot process, nor will it be able to enter the operating system.
实际操作步骤则如下所述。请参阅图3(B),显示当该完成数据保护设定程序的个人计算机200,是使用者重新开启工作电源,以执行验证保护阶段的流程步骤。The actual operation steps are as follows. Please refer to FIG. 3(B), which shows that when the personal computer 200 completes the data protection setting procedure, the user restarts the working power to execute the process steps of the verification protection stage.
在步骤S311中,令该使用者识别模块140在开机程序中要求使用者输入识别码,接着进行步骤S312。In step S311, make the user identification module 140 require the user to input an identification code during the boot process, and then proceed to step S312.
在步骤S312中,令该使用者识别模块140判断使用者输入的识别码是否与储存在该储存单元130中的识别码相同,若是,则进行步骤S313;若否则进至步骤S315。In step S312, let the user identification module 140 determine whether the identification code input by the user is the same as the identification code stored in the storage unit 130, if yes, proceed to step S313; otherwise, proceed to step S315.
在步骤S313中,令该使用者识别模块140将储存在该储存单元130中的分区表数据读出,并覆盖至正确的分区表资料扇区,接着进行步骤S314。In step S313, the user identification module 140 is instructed to read out the partition table data stored in the storage unit 130, and overwrite the correct partition table data sector, and then proceed to step S314.
在步骤S314中,令该个人计算机200依据正常的开机程序进入操作系统,供有权限的使用者进行该储存单元130中资料的存取。In step S314 , the personal computer 200 is made to enter the operating system according to the normal boot procedure, so that authorized users can access the data in the storage unit 130 .
在步骤S315中,因使用者无法输入正确的识别码,则该使用者识别模块140不会执行分区表数据覆盖的步骤,相对的,该储存单元130中的扇区分割及操作系统资料无法被该程序所提取,故无法执行正常的开机作业程序,达到防止无权限使用者存取该储存单元130中的资料。In step S315, because the user cannot input the correct identification code, the user identification module 140 will not perform the step of overwriting the partition table data. Correspondingly, the sector division and operating system data in the storage unit 130 cannot be overwritten. The program is extracted, so the normal boot operation program cannot be executed, so as to prevent unauthorized users from accessing the data in the storage unit 130 .
综上所述,本发明的储存单元数据保护方法以及系统,用以提供使用者仅通过在开机程序中执行的使用者识别机制,就能够防止不具有使用权限的使用者任意开启该个人计算机200并进行储存单元130中资料的存取。即使该储存单元130被不知道识别码的使用者拆除,仍无法通过其它的计算机装置进行资料的存取,借以确实达到数据保护的目的。To sum up, the storage unit data protection method and system of the present invention are used to provide the user with the user identification mechanism executed in the boot process, which can prevent the user who does not have the right to use the personal computer from arbitrarily opening the personal computer 200 And perform data access in the storage unit 130 . Even if the storage unit 130 is removed by a user who does not know the identification code, the data cannot be accessed through other computer devices, so as to truly achieve the purpose of data protection.
Claims (10)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 03100473 CN1277219C (en) | 2003-01-15 | 2003-01-15 | Storage unit data protection method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 03100473 CN1277219C (en) | 2003-01-15 | 2003-01-15 | Storage unit data protection method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1517888A true CN1517888A (en) | 2004-08-04 |
| CN1277219C CN1277219C (en) | 2006-09-27 |
Family
ID=34281184
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 03100473 Expired - Fee Related CN1277219C (en) | 2003-01-15 | 2003-01-15 | Storage unit data protection method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1277219C (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101930384A (en) * | 2010-09-10 | 2010-12-29 | 北京中科院软件中心有限公司 | Fault tolerance method and device for file system |
| CN101369304B (en) * | 2007-08-13 | 2011-08-24 | 华硕电脑股份有限公司 | Computer system startup and hard disk data protection method, and its data protection module |
| US8225056B2 (en) | 2007-10-19 | 2012-07-17 | Asustek Computer Inc. | Method for protecting data and method for managing access authority |
| CN103577246A (en) * | 2013-11-12 | 2014-02-12 | 浙江云巢科技有限公司 | Method and device for preventing virtual machine from escaping |
| CN105528307A (en) * | 2015-11-27 | 2016-04-27 | 联想(北京)有限公司 | Information processing method and electronic device |
| US10757087B2 (en) | 2018-01-02 | 2020-08-25 | Winbond Electronics Corporation | Secure client authentication based on conditional provisioning of code signature |
| CN115017557A (en) * | 2022-05-25 | 2022-09-06 | 北京明朝万达科技股份有限公司 | Data leakage prevention method and system based on disk partition encryption |
-
2003
- 2003-01-15 CN CN 03100473 patent/CN1277219C/en not_active Expired - Fee Related
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101369304B (en) * | 2007-08-13 | 2011-08-24 | 华硕电脑股份有限公司 | Computer system startup and hard disk data protection method, and its data protection module |
| US8225056B2 (en) | 2007-10-19 | 2012-07-17 | Asustek Computer Inc. | Method for protecting data and method for managing access authority |
| CN101930384A (en) * | 2010-09-10 | 2010-12-29 | 北京中科院软件中心有限公司 | Fault tolerance method and device for file system |
| WO2012031567A1 (en) * | 2010-09-10 | 2012-03-15 | 北京中科院软件中心有限公司 | Fault tolerance method and device for file system |
| CN103577246A (en) * | 2013-11-12 | 2014-02-12 | 浙江云巢科技有限公司 | Method and device for preventing virtual machine from escaping |
| CN103577246B (en) * | 2013-11-12 | 2017-05-31 | 浙江云巢科技有限公司 | The method and apparatus for preventing virtual machine from escaping |
| CN105528307A (en) * | 2015-11-27 | 2016-04-27 | 联想(北京)有限公司 | Information processing method and electronic device |
| CN105528307B (en) * | 2015-11-27 | 2019-03-29 | 联想(北京)有限公司 | A kind of method and electronic equipment of information processing |
| US10757087B2 (en) | 2018-01-02 | 2020-08-25 | Winbond Electronics Corporation | Secure client authentication based on conditional provisioning of code signature |
| CN115017557A (en) * | 2022-05-25 | 2022-09-06 | 北京明朝万达科技股份有限公司 | Data leakage prevention method and system based on disk partition encryption |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1277219C (en) | 2006-09-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8918579B2 (en) | Storage device and method for selective data compression | |
| US9111621B2 (en) | Solid state drive memory device comprising secure erase function | |
| US6654820B1 (en) | System capable of recording a content onto a recording medium which does not have a medium ID | |
| CN100389408C (en) | Fixed disk data enciphering back-up and restoring method | |
| US20050015540A1 (en) | Auto-executable portable data storage device and the method of auto-execution thereof | |
| US8996787B2 (en) | Storage device aware of I/O transaction and stored data | |
| US8275927B2 (en) | Storage sub-system for a computer comprising write-once memory devices and write-many memory devices and related method | |
| RU2353969C2 (en) | Method and device for computer memory binding to motherboard | |
| CN1469256A (en) | Secure memory element and method for producing the same | |
| US20050193195A1 (en) | Method and system for protecting data of storage unit | |
| US9047176B2 (en) | Storage device and method for utilizing unused storage space | |
| CN110826099A (en) | Safe storage method and system suitable for embedded real-time operating system | |
| US10331365B2 (en) | Accessing a serial number of a removable non-volatile memory device | |
| US7818567B2 (en) | Method for protecting security accounts manager (SAM) files within windows operating systems | |
| CN1517888A (en) | storage unit data protection method and system | |
| EP3516494B1 (en) | Data erasure method and apparatus | |
| Hughes et al. | Tutorial on disk drive data sanitization | |
| EP2208164A1 (en) | Method and device for digital rights protection | |
| US7882353B2 (en) | Method for protecting data in a hard disk | |
| TW588244B (en) | Data protection method and system for storage unit | |
| CN103677875A (en) | Method for starting electronic equipment, method for controlling permission and electronic equipment | |
| TW200935221A (en) | System for securing an access to flash memory device and method for the same | |
| KR20080088911A (en) | Data storage card, connection device and method using bad information of memory as encryption key | |
| CN1567259A (en) | Portable data storage device capable of automatic execution and automatic execution method thereof | |
| Nimmala | Forensic Research on Solid State Drives using Trim Analysis |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| ASS | Succession or assignment of patent right |
Owner name: ZEPU SCI & TECHNOLOGY CO., LTD. Free format text: FORMER OWNER: YIGUANG SCIENCE + TECHNOLOGY CO., LTD. Effective date: 20040611 |
|
| C06 | Publication | ||
| C41 | Transfer of patent application or patent right or utility model | ||
| PB01 | Publication | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20040611 Address after: Taipei city of Taiwan Province Applicant after: Zepu Sci. & Tech. Co., Ltd. Address before: Taipei city of Taiwan Province Applicant before: Yiguang Science & Technology Co., Ltd. |
|
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C19 | Lapse of patent right due to non-payment of the annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |