
CN201408535Y - Trusted hard disk facing to trusted computation cryptograph supporting platform - Google Patents


Info

Publication number
CN201408535Y
Authority
CN
China
Prior art keywords
hard disk
trusted
support platform
credible
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
CN2009200388543U
Other languages
Chinese (zh)
Inventor
甘金拓
相海华
高续赟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Acer Computer (Shanghai) Co., Ltd.
Original Assignee
FOUNDER TECHNOLOGY GROUP Corp SUZHOU PRODUCT Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by FOUNDER TECHNOLOGY GROUP Corp SUZHOU PRODUCT Co Ltd
Priority to CN2009200388543U
Application granted
Publication of CN201408535Y
Anticipated expiration
Expired - Lifetime (current legal status)

Landscapes

  • Storage Device Security (AREA)

Abstract

The utility model discloses a trusted hard disk for a trusted computing cryptographic support platform and belongs to the field of communication technology related to data security research. The trusted hard disk comprises a SATA interface chip (U1) and a main controller (U2), which are integrated on the same circuit board and signal-connected to each other. The main controller (U2) is connected to a high-capacity storage unit through a hard disk controller interface. The utility model is characterized in that: the main controller (U2) of the trusted hard disk is provided with a cryptographic coprocessor (U3); the main controller (U2), the cryptographic coprocessor (U3) and the SATA interface chip (U1) together form the encryption module unit of the trusted hard disk; and the trusted hard disk connects through the SATA interface chip (U1) to a computer conforming to the trusted computing cryptographic support platform to exchange data. When the trusted hard disk leaves the computer of the trusted computing cryptographic support platform, an unauthorized user cannot steal the data on the hard disk, which provides a strong security guarantee for the important data on the disk.

Description

Trusted hard disk for a trusted computing cryptographic support platform
Technical field
The utility model relates to a data storage device, in particular a hard disk device suitable for a trusted computing cryptographic support platform, and belongs to the field of communication technology.
Background technology
In the current era, the application of information technology has widely changed how people work and live. Information has become an emerging type of critical asset, and ensuring the security of information assets and information systems matters at every scale: at the small end it concerns the commercial interests of enterprises and the privacy of individuals and families, and at the large end it concerns national security and economic interests.
In the 1990s, some international IT vendors proposed the concept of Trusted Computing. In 1999 they founded the TCPA (Trusted Computing Platform Alliance) and released a Trusted Computing standard. In 2003 the TCPA was reorganized as the Trusted Computing Group (TCG), which has established a series of standards covering trusted computing platforms, trusted storage and trusted network connection.
The TPM embedded security chip is a secure key generator and a key cache management device that supports industry-standard cryptographic application programming interfaces (APIs). The TPM generates, stores and manages keys in hardware, and uses the remaining resources of the system platform to "harden" the many applications that previously relied on software cryptographic algorithms and kept their keys in insecure memory. The TPM can store keys, including the storage root key, signature keys and other sensitive data, in non-volatile memory protected by the TPM controller and the TPM tamper-resistant circuitry. The key code and data of PC application software "disappear" from the PC: they are moved into the hardware of the encryption lock and protected there. When they are needed, the application software can, through a function-call engine, instruct the encryption lock hardware to run the key code and data and return the result, so the software as a whole still performs its full function. Because no copy of this code and data exists on the PC, an attacker has no way to guess the algorithm or steal the data, which largely guarantees the security of the whole software system. Current secure computers are all fitted with a TPM embedded security chip.
However, the core of the information security problem is actually confidentiality control over proprietary data (especially the core data that users themselves create and process), whereas the large body of current domestic research, development and practical application is concentrated on network security and system security. Research and development on storage security is essentially a blank. The hard disk is the most important carrier of stored data today, and the data on it faces the greatest risk of being stolen by unauthorized users. Existing hard disks are either not encrypted at all, or rely on encryption software from software vendors to encrypt the data, such as the encryption software of VERITAS NetBackup. In short, current hard disk encryption is based entirely on the operating system or on software, and the key is stored somewhere on the hard disk. An unauthorized user who is very familiar with the operating system or the encryption software can easily find the encryption key, crack the encrypted disk, and obtain data that should not have been obtainable.
Summary of the invention
The purpose of the utility model is to provide a trusted hard disk for a trusted computing cryptographic support platform that overcomes the defect of traditional software-based encryption, in which the encryption key is stored somewhere on the hard disk and is easily found and cracked. Even if the hard disk itself is stolen, the data stored in it still cannot be cracked, so the data in the trusted hard disk is safely and reliably protected.
The technical solution that achieves this purpose is as follows:
A trusted hard disk for a trusted computing cryptographic support platform comprises a SATA interface chip (U1) and a main controller (U2) that are integrated on the same circuit board and signal-connected to each other, the main controller (U2) being connected to a high-capacity storage unit through a hard disk controller interface, characterized in that: the main controller (U2) of the trusted hard disk is equipped with a cryptographic coprocessor (U3), and these two together with the SATA interface chip (U1) form the encryption module unit of the trusted hard disk; the trusted hard disk connects through the SATA interface chip (U1) to a computer that conforms to the trusted computing cryptographic support platform and exchanges data with it.
Further, in the above trusted hard disk, the cryptographic coprocessor (U3) is either mounted on the same circuit board as the main controller (U2) or connected to the main controller (U2) through an external interface.
Further, in the above trusted hard disk, the cryptographic coprocessor (U3) is connected to the TPM embedded security chip of the trusted computing cryptographic support platform by a plaintext data signal, and the main controller (U2) communicates with the high-capacity storage unit in ciphertext through the hard disk controller interface.
Further, in the above trusted hard disk, the high-capacity storage unit is a mechanical hard disk or a FLASH hard disk.
The beneficial effect of the trusted hard disk of the utility model is as follows: the encryption key does not need to be stored directly on the hard disk, and data is encrypted before it is stored on the disk. When the trusted hard disk leaves the computer of the trusted computing cryptographic support platform, an unauthorized user cannot steal the data on the disk, which gives the important data on the disk strong security protection.
The trusted hard disk for a trusted computing cryptographic support platform is described below in detail, and without limitation, with reference to a preferred embodiment of the utility model and its accompanying drawings.
Description of drawings
Fig. 1 is a structural diagram of an embodiment of the utility model, drawn according to the data signal flow;
Fig. 2 is a verification diagram of the trusted hard disk of the utility model and the corresponding trusted computing cryptographic support platform.
Embodiment
As the structural diagram of Fig. 1 shows, in which an embodiment of the utility model is connected according to the data signal flow, the trusted hard disk for a trusted computing cryptographic support platform mainly comprises: a SATA interface chip U1, a main controller U2, a trusted-platform-based cryptographic coprocessor U3, and a high-capacity storage unit HD. The SATA interface chip U1, the main controller U2 and the trusted-platform-based cryptographic coprocessor U3 can be placed on the same circuit board as the hard disk controller (not shown; it connects the main controller U2 to the high-capacity storage unit HD). Alternatively, the cryptographic coprocessor U3 need not be placed on the same circuit board as the other components and can instead be connected to the main controller U2, and through it to the high-capacity storage unit HD, by an external interface. The high-capacity storage unit HD can be either a mechanical hard disk or a FLASH hard disk. The cryptographic algorithm of the cryptographic coprocessor U3 must have passed cryptographic algorithm verification by the National Administration for the Protection of State Secrets.
The trusted hard disk plugs, through the SATA interface chip U1, into the SATA interface of the motherboard of a computer that conforms to the trusted computing cryptographic support platform, and exchanges data with that computer.
As the verification diagram of Fig. 2 shows, after the computer powers on, the trusted hard disk loads the BIOS password that has been verified by the trusted computing cryptographic support platform. This step does not involve the operating system, which gives higher security. The trusted hard disk uses this BIOS password as the key for the cryptographic algorithm in the cryptographic coprocessor U3. Using the algorithm provided by the cryptographic coprocessor U3, the main controller U2 encrypts data before writing it to the high-capacity storage unit HD and decrypts data read from it. The exchange between the main controller U2 and the high-capacity storage unit HD is therefore ciphertext, while the data that the main controller U2 and the SATA interface chip U1 exchange with the external computer is plaintext. The core of the anti-theft protection is thus that the cryptographic coprocessor U3 reads and verifies the computer's BIOS password and, with a specific cryptographic algorithm, controls how the main controller U2 encrypts or decrypts the hard disk data, which ensures the security of the important data on the disk.
The trusted hard disk works together with the TPM chip of the trusted computing cryptographic support platform, so the key is not stored directly on the hard disk. When the trusted hard disk leaves the computer of the trusted computing cryptographic support platform, an unauthorized user cannot learn the key and cannot steal the data on the disk. Even if an unauthorized user forcibly breaks into the hard disk, all data on it is encrypted, so that user cannot read it. This provides a reliable guarantee that the computer user's important data is not illegally disclosed.
In addition to the variety of cryptographic coprocessor connection modes mentioned in the above description, the utility model can have other embodiments. All technical solutions formed by equivalent replacement or equivalent transformation without departing from the spirit and essence of the utility model fall within the scope of protection claimed by the utility model.
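The data path described above (plaintext on the SATA side, ciphertext between U2 and HD, a key supplied by the platform at power-on and never stored on the disk) can be modelled in a few lines. This is an added Python example, not part of the patent; the class names, the PBKDF2 stretching, the stored key-check tag and the HMAC keystream are assumptions standing in for the coprocessor algorithm, which the patent does not specify.

```python
import hashlib
import hmac
import os

SECTOR_SIZE = 512


class CryptoCoprocessor:
    """U3: holds the key in volatile memory only, never on the media."""

    def __init__(self):
        self._key = None

    def load_key(self, secret: bytes, salt: bytes) -> bytes:
        # Assumption: PBKDF2-stretch the secret, not raw password bytes as key.
        self._key = hashlib.pbkdf2_hmac("sha256", secret, salt, 100_000)
        return hmac.new(self._key, b"key-check", hashlib.sha256).digest()

    def clear(self):
        self._key = None

    def transform(self, lba: int, data: bytes) -> bytes:
        if self._key is None:
            raise PermissionError("no key loaded: disk is locked")
        # Stand-in cipher: HMAC-SHA256 keystream bound to the sector number,
        # XORed with the data (same call encrypts and decrypts). It repeats
        # when a sector is rewritten; real drives use a mode such as AES-XTS.
        stream = b"".join(
            hmac.new(self._key, lba.to_bytes(8, "big") + i.to_bytes(4, "big"),
                     hashlib.sha256).digest()
            for i in range(-(-len(data) // 32)))
        return bytes(a ^ b for a, b in zip(data, stream))


class TrustedDisk:
    """U2 main controller in front of the storage unit HD."""

    def __init__(self, sectors: int = 8):
        self.media = [bytes(SECTOR_SIZE)] * sectors  # HD: stores ciphertext
        self.salt = os.urandom(16)                   # not secret, kept on HD
        self.key_check = None                        # set on first unlock
        self.u3 = CryptoCoprocessor()

    def unlock(self, platform_secret: bytes) -> bool:
        tag = self.u3.load_key(platform_secret, self.salt)
        if self.key_check is None:
            self.key_check = tag                     # bind to first platform
        if not hmac.compare_digest(tag, self.key_check):
            self.u3.clear()                          # wrong platform or secret
            return False
        return True

    def power_off(self):
        self.u3.clear()

    def write(self, lba: int, plaintext: bytes):
        if len(plaintext) > SECTOR_SIZE:
            raise ValueError("data larger than one sector")
        self.media[lba] = self.u3.transform(lba, plaintext.ljust(SECTOR_SIZE, b"\0"))

    def read(self, lba: int) -> bytes:
        return self.u3.transform(lba, self.media[lba])


def demo():
    disk = TrustedDisk()
    secret = b"constructed-bios-password"            # constructed sample value
    disk.unlock(secret)
    disk.write(3, b"payroll record")
    raw = disk.media[3]                              # what is on the media
    disk.power_off()                                 # disk leaves the platform
    unlocked_elsewhere = disk.unlock(b"some other platform")
    restored = disk.read(3).rstrip(b"\0") if disk.unlock(secret) else None
    return raw, unlocked_elsewhere, restored
```

The key-check tag lets the controller refuse a wrong secret instead of returning garbage, but anyone holding the disk can test guesses against it offline, so the protection is still bounded by the strength of the platform-supplied secret.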

Claims (5)

1. A trusted hard disk for a trusted computing cryptographic support platform, comprising a SATA interface chip (U1) and a main controller (U2) that are integrated on the same circuit board and signal-connected to each other, the main controller (U2) being connected to a high-capacity storage unit through a hard disk controller interface, characterized in that: the main controller (U2) of the trusted hard disk is equipped with a cryptographic coprocessor (U3), and these two together with the SATA interface chip (U1) form the encryption module unit of the trusted hard disk; the trusted hard disk connects through the SATA interface chip (U1) to a computer having the trusted computing cryptographic support platform and exchanges data with it.
2. The trusted hard disk for a trusted computing cryptographic support platform according to claim 1, characterized in that: the cryptographic coprocessor (U3) is mounted on the same circuit board as the main controller (U2), or is connected to the main controller (U2) through an external interface.
3. The trusted hard disk for a trusted computing cryptographic support platform according to claim 1, characterized in that: the computer having the trusted computing cryptographic support platform comprises a TPM embedded security chip, which is connected to the cryptographic coprocessor (U3) of the trusted hard disk by a plaintext data signal.
4. The trusted hard disk for a trusted computing cryptographic support platform according to claim 1, characterized in that: the main controller (U2) communicates with the high-capacity storage unit in ciphertext through the hard disk controller interface.
5. The trusted hard disk for a trusted computing cryptographic support platform according to claim 1 or 4, characterized in that: the high-capacity storage unit is a mechanical hard disk or a FLASH hard disk.
CN2009200388543U 2009-05-11 2009-05-11 Trusted hard disk facing to trusted computation cryptograph supporting platform Expired - Lifetime CN201408535Y (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2009200388543U CN201408535Y (en) 2009-05-11 2009-05-11 Trusted hard disk facing to trusted computation cryptograph supporting platform

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2009200388543U CN201408535Y (en) 2009-05-11 2009-05-11 Trusted hard disk facing to trusted computation cryptograph supporting platform

Publications (1)

Publication Number Publication Date
CN201408535Y (en) 2010-02-17

Family

ID=41679475

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2009200388543U Expired - Lifetime CN201408535Y (en) 2009-05-11 2009-05-11 Trusted hard disk facing to trusted computation cryptograph supporting platform

Country Status (1)

Country Link
CN (1) CN201408535Y (en)

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102193876A (en) * 2011-03-24 2011-09-21 北京思创银联科技股份有限公司 Methods for encrypting and decrypting hard disk driver of personal finance service equipment
CN102819699A (en) * 2012-06-04 2012-12-12 珠海欧比特控制工程股份有限公司 Processor system
CN103119602A (en) * 2010-08-06 2013-05-22 英特尔公司 Providing fast non-volatile storage in a secure environment
CN108776765A (en) * 2018-06-11 2018-11-09 山东超越数控电子股份有限公司 A kind of hard disk data protection method and device
CN109583197A (en) * 2018-11-28 2019-04-05 北京可信华泰信息技术有限公司 A kind of credible lamination file encryption-decryption method
CN109583169A (en) * 2018-11-28 2019-04-05 北京可信华泰信息技术有限公司 A kind of safety certifying method
CN109583196A (en) * 2018-11-28 2019-04-05 北京可信华泰信息技术有限公司 A kind of key generation method
CN109583214A (en) * 2018-11-28 2019-04-05 北京可信华泰信息技术有限公司 A kind of method of controlling security
CN109598119A (en) * 2018-11-28 2019-04-09 北京可信华泰信息技术有限公司 A kind of credible encipher-decipher method
CN109598125A (en) * 2018-11-28 2019-04-09 北京可信华泰信息技术有限公司 A kind of safe starting method
CN109598154A (en) * 2018-11-28 2019-04-09 北京可信华泰信息技术有限公司 A kind of credible overall encipher-decipher method
CN109598150A (en) * 2018-11-28 2019-04-09 北京可信华泰信息技术有限公司 A kind of key application method
CN109614799A (en) * 2018-11-28 2019-04-12 北京可信华泰信息技术有限公司 A kind of information weight mirror method
CN109614154A (en) * 2018-11-28 2019-04-12 北京可信华泰信息技术有限公司 A kind of computer safety start method
CN109918918A (en) * 2019-03-19 2019-06-21 联芸科技(杭州)有限公司 A kind of credible accounting system implementation based on solid-state disk master control

Cited By (27)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103119602A (en) * 2010-08-06 2013-05-22 英特尔公司 Providing fast non-volatile storage in a secure environment
TWI467383B (en) * 2010-08-06 2015-01-01 Intel Corp Apparatus and method for accessing a secure partition in non-volatile storage and article comprising a non-transitory machine-accessible storage medium
CN103119602B (en) * 2010-08-06 2016-03-16 英特尔公司 A kind of method of the non-volatile storage for configuration-system and a kind of computer equipment
CN102193876A (en) * 2011-03-24 2011-09-21 北京思创银联科技股份有限公司 Methods for encrypting and decrypting hard disk driver of personal finance service equipment
CN102819699A (en) * 2012-06-04 2012-12-12 珠海欧比特控制工程股份有限公司 Processor system
CN108776765A (en) * 2018-06-11 2018-11-09 山东超越数控电子股份有限公司 A kind of hard disk data protection method and device
CN109598154A (en) * 2018-11-28 2019-04-09 北京可信华泰信息技术有限公司 A kind of credible overall encipher-decipher method
CN109598150B (en) * 2018-11-28 2021-01-08 北京可信华泰信息技术有限公司 Key using method
CN109583196A (en) * 2018-11-28 2019-04-05 北京可信华泰信息技术有限公司 A kind of key generation method
CN109583214A (en) * 2018-11-28 2019-04-05 北京可信华泰信息技术有限公司 A kind of method of controlling security
CN109598119A (en) * 2018-11-28 2019-04-09 北京可信华泰信息技术有限公司 A kind of credible encipher-decipher method
CN109598125A (en) * 2018-11-28 2019-04-09 北京可信华泰信息技术有限公司 A kind of safe starting method
CN109583197A (en) * 2018-11-28 2019-04-05 北京可信华泰信息技术有限公司 A kind of credible lamination file encryption-decryption method
CN109598150A (en) * 2018-11-28 2019-04-09 北京可信华泰信息技术有限公司 A kind of key application method
CN109614799A (en) * 2018-11-28 2019-04-12 北京可信华泰信息技术有限公司 A kind of information weight mirror method
CN109614154A (en) * 2018-11-28 2019-04-12 北京可信华泰信息技术有限公司 A kind of computer safety start method
CN109583169B (en) * 2018-11-28 2021-05-14 北京可信华泰信息技术有限公司 Security authentication method
CN109583169A (en) * 2018-11-28 2019-04-05 北京可信华泰信息技术有限公司 A kind of safety certifying method
CN109583196B (en) * 2018-11-28 2021-01-08 北京可信华泰信息技术有限公司 Key generation method
CN109598119B (en) * 2018-11-28 2021-03-16 北京可信华泰信息技术有限公司 Credible encryption and decryption method
CN109614799B (en) * 2018-11-28 2021-03-16 北京可信华泰信息技术有限公司 Information authentication method
CN109598154B (en) * 2018-11-28 2021-03-16 北京可信华泰信息技术有限公司 Credible full-disk encryption and decryption method
CN109583214B (en) * 2018-11-28 2021-05-14 北京可信华泰信息技术有限公司 Safety control method
CN109583197B (en) * 2018-11-28 2021-05-14 北京可信华泰信息技术有限公司 Trusted overlay file encryption and decryption method
CN109598125B (en) * 2018-11-28 2021-05-14 北京可信华泰信息技术有限公司 Safe starting method
CN109918918B (en) * 2019-03-19 2021-04-23 联芸科技(杭州)有限公司 Trusted computing system implementation scheme based on solid-state disk master control
CN109918918A (en) * 2019-03-19 2019-06-21 联芸科技(杭州)有限公司 A kind of credible accounting system implementation based on solid-state disk master control

Similar Documents

Publication Publication Date Title
CN201408535Y (en) Trusted hard disk facing to trusted computation cryptograph supporting platform
CN106330868B (en) A kind of high speed network encryption storage key management system and method
CN101038568B (en) Method and device for encrypting date of external computer hard disk
CN100449561C (en) USB storage device data leakage prevention system and method based on certificate and transparent encryption
EP1580663A1 (en) A method for realizing security data storage and algorithm storage by means of semiconductor memory device
CN102508792B (en) Method for realizing secure access of data in hard disk
CN102567688B (en) File confidentiality keeping system and file confidentiality keeping method on Android operating system
CN202694329U (en) Wireless storage equipment
CN102207999A (en) Data protection method based on trusted computing cryptography support platform
CN102932140A (en) Key backup method for enhancing safety of cipher machine
CN102915411A (en) Dereplication encryption lock for software and hardware of embedded system
CN112968774B (en) Method, device storage medium and equipment for encrypting and decrypting configuration file
CN102136048A (en) Mobile phone Bluetooth-based ambient intelligent computer protection device and method
CN103440462A (en) Embedded control method for improving security and secrecy performance of security microprocessor
CN101237353A (en) A method and system for monitoring mobile storage device based on USBKEY
CN102932155A (en) High-speed storage control SOC chip supporting adoption of hardware encryption algorithm
CN106022169A (en) Encryption protection method based on ZYNQ small-size cipher machine and device for realizing method
CN102024115B (en) Computer with user security subsystem
CN102279814A (en) Encryption anti-copy system and anti-copy method thereof
CN103336746A (en) Safety encrypted USB (Universal Serial Bus) flash disk and data encryption method thereof
CN105740733B (en) A kind of encryption mobile hard disk and its implementation
CN101930521A (en) File protecting method and device thereof
CN102945339A (en) Data protection system for computer
CN106100824A (en) Physics crushes and logical algorithm complex encryption technology
CN106203142A (en) A kind of method and device of the Primary Hard Drive data protecting computer

Legal Events

Date Code Title Description
C14 Grant of patent or utility model
GR01 Patent grant
ASS Succession or assignment of patent right

Owner name: ACER COMPUTER (SHANGHAI) CO., LTD.

Free format text: FORMER OWNER: FOUNDER TECHNOLOGY GROUP CORPORATION SUZHOU PRODUCT CO., LTD.

Effective date: 20101201

C41 Transfer of patent application or patent right or utility model
COR Change of bibliographic data

Free format text: CORRECT: ADDRESS; FROM: 215026 NO.188, SUHONG EAST ROAD, INDUSTRIAL PARK, SUZHOU CITY, JIANGSU PROVINCE TO: 200001 BUILDING 3, NO.168, TIBET MIDDLE ROAD, HUANGPU DISTRICT, SHANGHAI

TR01 Transfer of patent right

Effective date of registration: 20101201

Address after: 3, No. 168 middle Tibet Road, No. 200001, Shanghai, Huangpu District

Patentee after: Acer Computer (Shanghai) Co., Ltd.

Address before: 215026, No. 188, Hung Tung Road, Suzhou Industrial Park, Jiangsu

Patentee before: Founder Technology Group Corporation Suzhou Product Co., Ltd.

CX01 Expiry of patent term

Granted publication date: 20100217