CN101419575A - Data protection method - Google Patents
Data protection method Download PDFInfo
- Publication number
- CN101419575A CN101419575A CN 200710166881 CN200710166881A CN101419575A CN 101419575 A CN101419575 A CN 101419575A CN 200710166881 CN200710166881 CN 200710166881 CN 200710166881 A CN200710166881 A CN 200710166881A CN 101419575 A CN101419575 A CN 101419575A
- Authority
- CN
- China
- Prior art keywords
- cut section
- data
- inlet point
- guard method
- district
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
A data protection method is used in an electronic device with a storage media, wherein, the storage media comprises a plurality of partitions and a partition table. In the method, when the electronic device enters a shutdown program, the partition entry points corresponding to specific partitions and partition data are acquired, and the partition entry points and the partition data are transmitted to an external storage device, and then, the partition entry points in the partition table are deleted, and the partition data are removed from the storage media. When starting the electronic device, a user must provide a corresponding external storage device by which the partition entry points and the partition data are written back in the storage media, thus preventing personal data in the storage media from being used optionally by others so as to realize the purpose of maintaining data security.
Description
Technical field
The present invention relates to a kind of data guard method, and particularly relate to a kind of under the situation of many people shared electron device, the protection personal data safety data guard method.
Background technology
Along with the progress of science and technology and the universalness of computer system, increasing modern's custom is handled file, browse network, broadcast audio/video file or storage data with computer system, and therefore computer system also becomes the modern at one of work or indispensable instrument in life.In order to safeguard user's privacy, manyly prevent that other people from spying on arbitrarily or use the mechanism that is stored in the data in the computer system also to arise at the historic moment thereupon.
In general, the user can set up the safety that harddisk password is safeguarded hard disc data.The user can enter Basic Input or Output System (BIOS) in the process of start (Basic Input/Output System BIOS) sets menu, chooses the harddisk password option to carry out the setting of password.The password that the user sets can be sent to hard disk controller with the form of package, and when opening computer system, computer system just can require the user to import harddisk password next time.If the password of user's input is correct, after opening computer system, could carry out access to the data that are stored in the hard disk; Otherwise hard disk can maintain the state of pinning, computer system thereby can't read any hard disc data.
Yet share many people under the environment of a computer system, service data safety is more important to guarantee that individual privacy also becomes.In order to prevent that other people from opening arbitrarily, altering, even the deletion documentum privatum, operating system provides the file security mechanism only can access data partly with the restriction user.When the user used a computer system at needs, the account number cipher that must import the individual was to obtain the harddisk access authority.For instance, suppose that user A, B, C share a computer system, that is these three users' personal data are stored in all in the hard disk of computer system.Fig. 1 is the synoptic diagram of the file system of computer system for this reason, as shown in Figure 1, file system 100 is tree structures, root directory in file system 100 comprises share directory 120, A catalogue 130, B catalogue 140 for 110 times, and four catalogues such as C catalogue 150, and under described four catalogues, a plurality of catalogues or file have been comprised.After user A logins computer system with account number cipher, just can only see and use catalogue or the file that is positioned under A catalogue 130 and the share directory 120.Similarly, concerning user B, C, after logining computer system, also can't see or use catalogue or file under any exclusive catalogue that belongs to other user.In other words, though every user's data all be stored in hard disk in, after the user logins computer system with account number cipher, the file data under can only the access particular category, and can not optionally carry out access to the data that belong to other user.
Summary of the invention
In view of this, the invention provides a kind of data guard method, under the situation of many people shared electron device, guarantee that the data that the user is stored in the electronic installation can be by other people use of access at random.
The present invention proposes a kind of data guard method, is used to have the electronic installation of medium, and wherein medium comprises several cut sections and partition table.The method at first makes electronic installation enter dormancy program or shutdown programm.Then capture the pairing cut section inlet point of specific cut section and district's data, and cut section inlet point and district's data are sent to external memory.At last, the cut section inlet point of deletion record in partition table, and remove district's data in the medium.
In one embodiment of this invention, before electronic installation enters the step of dormancy program or shutdown programm, also comprise and receive account number cipher that the user imported to login electronic installation.Specific cut section then comprises the cut section that has user's ability access of logining electronic installation only.
In one embodiment of this invention, the step that captures the pairing cut section inlet point of specific cut section and district's data comprises and obtains the cut section inlet point that is recorded in the partition table, and according to the cut section inlet point to obtain the district's data that are recorded in the cut section.
In one embodiment of this invention, the step that removes the district's data in the medium comprises the content that replaces district's data with default symbol.And the method also comprises this default symbol is sent to external memory.
In one embodiment of this invention, also comprise cut section numbering, and be sent to external memory in the lump corresponding to the inspection sum total of district's data with specific cut section.
From another viewpoint, the present invention proposes a kind of data guard method, is used to have the electronic installation of medium.In the method, at first provide to record cut section inlet point and the external memory of distinguishing data.Then, the reception account number cipher that the user imported is to carry out the dormancy awakening program or the boot program of electronic installation.Next, judge whether cut section inlet point and district's data accord with the cut section that user institute can access, and when meeting described cut section, with the cut section inlet point and distinguish data in writing medium.
In one embodiment of this invention, external memory also comprises the cut section numbering of record corresponding to the cut section inlet point.Behind the account number cipher that receives user's input, confirming according to account number cipher can only be by the cut section of user's access in medium.If cut section numbers therewith that cut section conforms to, then judge cut section inlet point and the cut section of district's data fit in the energy access of user institute.In addition, cut section inlet point and district's data are comprised in the step that writes medium the cut section inlet point is write in the partition table of medium.And, district's data are write to the cut section of medium according to the cut section inlet point.And after described action was finished, present embodiment also comprised operating system is loaded into electronic installation.
In one embodiment of this invention, external memory also comprises the default symbol of record.Behind the account number cipher that receives user's input, confirming according to account number cipher can only be by the cut section of user's access in medium.Then check and in this cut section, whether record default symbol.If cut section records default symbol, judge then then whether cut section inlet point and district's data accord with the cut section of user institute energy access.
In one embodiment of this invention, external memory also comprises the inspection sum total of record corresponding to district's data.And cut section inlet point and district's data are comprised according to checking the correctness of sum total with the test zone data in the step that writes medium.
In one embodiment of this invention, judging when cut section inlet point and district's data do not meet cut section in the energy access of user institute, also comprise operating system is loaded into electronic installation.
When the present invention is closed closing electronic device the user, with the user can access district's data and the cut section inlet point of cut section back up to external memory, and the district's data and the cut section inlet point that will be recorded in the medium are deleted.Other user who guarantees in view of the above to share this electronic installation only can carry out access to the cut section with rights of using behind the unlocking electronic device, and the data that can't open or use other people to store, to reach the purpose of protection personal data safety.
Beneficial effect of the present invention for the present invention according to the characteristic of tree-shaped file system, when closing electronic installation, the district's data and the cut section inlet point of the cut section of user institute energy access backed up to external memory with medium.And will be stored in district's data and the deletion of cut section inlet point in the medium.Guarantee the data of other user in can't this cut section of access after logining electronic installation in view of the above, to safeguard the data security of many people shared electron device.Only need the external memory of low capacity to store particular data, just can prevent his personal data of other user access at random, and then improve the convenience of service data safety.The user must provide corresponding external memory just to be able to the data in the access medium when unlocking electronic device once more.Can guarantee to have only the user that specific external memory is provided thus and just can carry out access the data in the cut section, thus the security that improves data access.Even if medium is hyperphoric to other electronic installation, that also having only provides corresponding when the unlocking electronic device external memory ability access is protected data, thereby guarantee data security.
For described feature and advantage of the present invention can be become apparent, preferred embodiment cited below particularly, and conjunction with figs. are described in detail below.
Description of drawings
Fig. 1 is the synoptic diagram of known file system.
Fig. 2 be according to one embodiment of the invention shown in the process flow diagram of data guard method.
Fig. 3 is the process flow diagram according to the data guard method shown in the another embodiment of the present invention.
Embodiment
In the hard disc archetecture of computer system, for convenient management can be that a plurality of cut sections use for different users with hard disk partition.And in the middle of first sector of each cut section (sector), mostly writing down the relevant data of cut section therewith, the number that cans be compared to the sub-directory that similarly is the type of file system, the position of root directory, corresponding this root directory, and the information such as position of sub-directory in hard disk.Because file system is the serial structure that belongs to tree-shaped, in case the data in first sector are destroyed, content that just can't this cut section of interpretation, the present invention is based on such file system characteristics and then develops a kind of data guard method of.In order to make content of the present invention more clear, below the example that can implement according to this really as the present invention especially exemplified by embodiment.
Fig. 2 be according to one embodiment of the invention shown in the process flow diagram of data guard method.In the present embodiment, several users share same electronic installation, and this electronic installation has comprised the medium with a partition table and several cut sections.For convenience of description, the hypothesis electronic installation is a computer system in following embodiment, and medium then is a hard disk.
Suppose that three employees such as user A, B, C must share described computer system, so in-company computer management personnel can be for example four cut sections with hard disk partition in advance.And be stored in the information such as initial and end position that partition table in the hard disk will write down each cut section.Then, the computer management personnel for example see through that (Basic Input/Output System, BIOS) interface that is provided is set user A, B, the C access right to each cut section by Basic Input or Output System (BIOS).For convenience of description, suppose that at this first cut section is to deposit shared data (for example operating system), so each user all there is the authority of these cut section data of access.Second and third, four cut sections then belong to user A, B, C respectively, can be used to the storage of personal file.
After the computer management personnel finished the setting of user to the access right of cut section, the account number cipher that user A, B, C can utilizations itself was logined computer system to operate.For instance, behind the account number cipher that computer system reception user A is imported, just can open first and second cut section and carry out access for user A.When person A to be used need not continue to use a computer system, computer system can be closed or make it enter dormant state.At this moment, shown in step 210, computer system receives the operational motion of user A to enter shutdown programm (or dormancy program).
Next shown in step 220, capture the pairing cut section inlet point of specific cut section and district's data.In the present embodiment, specific cut section for example is only to have user A that the cut section (i.e. second cut section) of authority access is arranged in hard disk.In more detail, this step at first will obtain the cut section inlet point of second cut section from partition table, then obtain the district's data (for example data in first sector of second cut section) that are recorded in second cut section according to the cut section inlet point.
Then in step 230, cut section inlet point and district's data are sent to external memory.In the present embodiment, external memory for example is carry-on dish or the floppy drive that is connected to computer system, does not limit its scope at this.What deserves to be mentioned is, in the present embodiment except with the cut section inlet point and the district data backup to external memory, also comprise cut section numbering, and be sent to external memory in the lump corresponding to the inspection sum total (check sum) of district's data with default symbol, second cut section.
After treating to have backed up to external memory, then shown in step 240, the cut section inlet point is removed from partition table corresponding to the cut section inlet point of user A and district's data.In view of the above, can't see through partition table and inquire about reference position and the end position of second cut section in hard disk.
In step 250, remove the district's data that originally are stored in the hard disk at last, and finish shutdown programm (or dormancy program).For instance, removing action is included in the hard disk with default symbol and replaces the content of distinguishing data.As previously mentioned, because in tree-shaped file system, first sector record of each cut section the root directory position of this cut section, sub-directory number and sub-directory location, therefore in case lacked first sectors of data, system can't judge that just which data is a catalogue and which data is a file, just can't carry out access to this cut section under these circumstances.
Further, after user A shuts down computer system's (or making it enter dormant state),, but can't see fully and any data that are stored in second cut section of access even if other user can login and operate this computer system.Continuing described embodiment, then is to illustrate when user A will reuse computer system in following embodiment, how to make computer system read the detailed step of second cut section smoothly.
See also Fig. 3, at first shown in step 310, when user A will open computer system, the external memory (for example carry-on dish) that at first must will store cut section inlet point and district's data was connected to computer system.In the present embodiment, external memory also comprises the cut section numbering that stores corresponding to the cut section inlet point, default symbol, and sums up corresponding to the inspection of district's data.
Then, in step 320, computer system receives the account number cipher that user A is imported, to carry out boot program (or dormancy awakening program).Behind the account number cipher that reception user A is imported, computer system just can be according to the previous setting of doing of computer management personnel, and second cut section of judging hard disk is the personal data in order to storage user A.Just second cut section only can be by the access of user A institute.
Next shown in step 330, check in second cut section that has the access of user A energy only whether record default symbol.Present embodiment is to check whether record default symbol in first sector of second cut section.If symbol do not preset in record; expression user A does not carry out as shown in Figure 2 data guard method during system last once shutting down computer; also may represent present access to be brand-new hard disk; therefore computer system will be shown in step 360; according to normal start flow process, be written into operating system to finish the boot action of computer system.
If in second cut section, record default symbol; expression user A once carried out the action of data protection during system last once shutting down computer; therefore in step 340, judge whether the cut section inlet point that is recorded in the external memory accords with second cut section with district's data.For instance, whether tranmittance accords with the order of second cut section in hard disk than the cut section numbering that external memory write down, and can judge just whether cut section inlet point and district's data accord with second cut section.
If both do not conform to, the expression user A may provide wrong external memory (for example providing other user's external memory), so computer system will be written into operating system and finish boot action shown in step 360.At this moment, the system though user A can use a computer can't see or any data that are stored in second cut section of access.
If the cut section inlet point all accords with second cut section with district's data, then shown in step 350, cut section inlet point and district's data are write hard disk.Further, at first the cut section inlet point is write to the partition table of hard disk, and, district's data are write in first sector of second cut section according to the cut section inlet point.And before the write area data, for example can be according to the inspection summation that is stored in the external memory, (Cyclic Redundancy Check, CRC) principle comes the correctness of district's data is confirmed, again it is write back hard disk after examine is errorless to utilize cyclic redundancy check (CRC).
Shown in step 360, operating system is loaded into computer system and finishes boot action at last.Thus, user A not only can operational computations machine system, can also successfully carry out access to the data in second cut section simultaneously.
Though be that the present invention will be described with computer system and hard disk in described embodiment, not in order to limit the scope of the invention.In other words, any electronic installation with medium all can utilize spirit of the present invention, to reach the purpose of the personal data of protecting the user.
In sum, the described data guard method of described embodiment has following advantage at least:
1. according to the characteristic of tree-shaped file system, when closing electronic installation with medium, with the user can access the district's data and the cut section inlet point of cut section back up to external memory.And will be stored in district's data and the deletion of cut section inlet point in the medium.Guarantee the data of other user in can't this cut section of access after logining electronic installation in view of the above, to safeguard the data security of many people shared electron device.
2. only need the external memory of low capacity to store particular data, just can prevent his personal data of other user access at random, and then improve the convenience of service data safety.
3. the user must provide corresponding external memory just to be able to the data in the access medium when unlocking electronic device once more.Can guarantee to have only the user that specific external memory is provided thus and just can carry out access the data in the cut section, thus the security that improves data access.
4. even if data medium is hyperphoric to other electronic installation, that also having only provides corresponding when the unlocking electronic device external memory ability access is protected, thereby guarantee data security.
Though the present invention discloses as above with preferred embodiment, so it is not in order to limit the present invention.The persond having ordinary knowledge in the technical field of the present invention, without departing from the spirit and scope of the present invention, when being used for a variety of modifications and variations.Therefore, protection scope of the present invention is as the criterion when looking claims person of defining.
Claims (19)
1. data guard method, an electronic installation that is used to have a medium, wherein, described medium comprises an at least one cut section and a partition table, it is characterized in that: described method comprises:
Enter a dormancy program or a shutdown programm;
Capture the pairing cut section inlet point of specific described cut section and district's data;
Transmit described cut section inlet point and described district data to an external memory;
Delete the described cut section inlet point in the described partition table; And
Remove the described district data in the described medium.
2. data guard method according to claim 1 is characterized in that: also comprised before the step that enters described dormancy program or described shutdown programm:
Receive a account number cipher that a user imported to login described electronic installation.
3. data guard method according to claim 1 is characterized in that: specific described cut section comprises and has the described cut section that a user who logins described electronic installation can limit access only.
4. data guard method according to claim 1 is characterized in that: the step that captures pairing described cut section inlet point of specific described cut section and described district data comprises:
Obtain the described cut section inlet point that is recorded in the described partition table; And
Obtain the described district data that are recorded in the described cut section according to described cut section inlet point.
5. data guard method according to claim 1 is characterized in that: the step that removes the described district data in the described medium comprises:
The content that replaces described district data with a default symbol.
6. data guard method according to claim 5 is characterized in that also comprising:
Transmit described default symbol to described external memory.
7. data guard method according to claim 1 is characterized in that also comprising:
The cut section numbering that transmits specific described cut section is to described external memory.
8. data guard method according to claim 1 is characterized in that also comprising:
Transmission checks that corresponding to one of described district data sum total is to described external memory.
9. data guard method, an electronic installation that is used to have a medium is characterized in that described method comprises:
Provide an external memory, in order to write down a cut section inlet point and district's data;
Receive a account number cipher that a user imported to carry out a dormancy awakening program or a boot program;
Judge described cut section inlet point and described district data whether accord with described user can access a cut section; And
During in described cut section, override described cut section inlet point and described district data in described cut section inlet point and described district data fit in described medium.
10. data guard method according to claim 9 is characterized in that: also comprise after the step that receives the described account number cipher that described user imported:
Confirm in described medium, to have only the described cut section of described user institute energy access according to described account number cipher.
11. data guard method according to claim 9 is characterized in that: described external memory also comprises the cut section numbering of record corresponding to described cut section inlet point.
12. data guard method according to claim 11 is characterized in that: judge described cut section inlet point and described district data whether accord with described user can access the step of described cut section comprise:
If described cut section numbering conforms to described cut section, judge that then described cut section inlet point and described district data fit are in described cut section.
13. data guard method according to claim 9 is characterized in that: override described cut section inlet point and described district data comprise in the step of described medium:
Write described cut section inlet point in a partition table of described medium; And
According to described cut section inlet point, write described district data to described cut section.
14. data guard method according to claim 9 is characterized in that: described external memory also comprises record one default symbol.
15. data guard method according to claim 14 is characterized in that: after the described account number cipher of reception is with the step of carrying out described dormancy awakening program or described boot program, also comprise:
Check whether described cut section records described default symbol; And
If described cut section records described default symbol, then judge described cut section inlet point and described district data whether accord with described user the described cut section of energy access.
16. data guard method according to claim 9 is characterized in that: described external memory also comprises the inspection sum total of record corresponding to described district data.
17. data guard method according to claim 16 is characterized in that: override described cut section inlet point and described district data comprise in the step of described medium:
Check the correctness of described district data according to described inspection sum total.
18. data guard method according to claim 9 is characterized in that: overriding described cut section inlet point and described district data also comprise after the step of described medium:
Be written into an operating system.
19. data guard method according to claim 9 is characterized in that also comprising:
Described cut section inlet point and described district data do not meet in described user can access described cut section the time, be written into an operating system.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200710166881 CN101419575A (en) | 2007-10-23 | 2007-10-23 | Data protection method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200710166881 CN101419575A (en) | 2007-10-23 | 2007-10-23 | Data protection method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101419575A true CN101419575A (en) | 2009-04-29 |
Family
ID=40630370
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200710166881 Pending CN101419575A (en) | 2007-10-23 | 2007-10-23 | Data protection method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101419575A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105528307A (en) * | 2015-11-27 | 2016-04-27 | 联想(北京)有限公司 | Information processing method and electronic device |
| WO2016112567A1 (en) * | 2015-01-14 | 2016-07-21 | 宇龙计算机通信科技(深圳)有限公司 | Safety information management method, device and terminal |
| CN109669810A (en) * | 2018-10-18 | 2019-04-23 | 西安中兴新软件有限责任公司 | Information storage, storage card restoration methods and device, electronic equipment and storage medium |
| CN110147348A (en) * | 2019-04-01 | 2019-08-20 | 贵州力创科技发展有限公司 | A kind of long data block structured storage method and system |
-
2007
- 2007-10-23 CN CN 200710166881 patent/CN101419575A/en active Pending
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016112567A1 (en) * | 2015-01-14 | 2016-07-21 | 宇龙计算机通信科技(深圳)有限公司 | Safety information management method, device and terminal |
| CN105847221A (en) * | 2015-01-14 | 2016-08-10 | 宇龙计算机通信科技(深圳)有限公司 | Security information management method and apparatus, and terminal |
| CN105847221B (en) * | 2015-01-14 | 2019-10-11 | 宇龙计算机通信科技(深圳)有限公司 | A kind of management method of security information, device and terminal |
| CN105528307A (en) * | 2015-11-27 | 2016-04-27 | 联想(北京)有限公司 | Information processing method and electronic device |
| CN105528307B (en) * | 2015-11-27 | 2019-03-29 | 联想(北京)有限公司 | A kind of method and electronic equipment of information processing |
| CN109669810A (en) * | 2018-10-18 | 2019-04-23 | 西安中兴新软件有限责任公司 | Information storage, storage card restoration methods and device, electronic equipment and storage medium |
| CN109669810B (en) * | 2018-10-18 | 2023-07-14 | 西安中兴新软件有限责任公司 | Information storage method, information storage card recovery method, information storage device, information storage card recovery device, electronic equipment and storage medium |
| CN110147348A (en) * | 2019-04-01 | 2019-08-20 | 贵州力创科技发展有限公司 | A kind of long data block structured storage method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8041913B2 (en) | Data protection method | |
| CN103065102B (en) | Data encryption mobile storage management method based on virtual disk | |
| KR100749428B1 (en) | Distributed data archive device, system and recording medium | |
| CN105027498B (en) | A kind of method and its system and device by remotely separating and assembling data file realization secure storage | |
| JP4464340B2 (en) | Distributed data archiving system | |
| EP2161673A1 (en) | Method and system for protecting data | |
| EP2616942A1 (en) | Method and computing device for creating distinct user spaces | |
| CN101403993B (en) | Data security safekeeping equipment and method | |
| CN101082883A (en) | Storage apparatus having multiple layer encrypting protection | |
| CN2917099Y (en) | 'Three-tolerant' digital black box for mission-critical computer system | |
| CN104954534B (en) | Control method, device and the corresponding communication terminal of communication terminal | |
| US20080076355A1 (en) | Method for Protecting Security Accounts Manager (SAM) Files Within Windows Operating Systems | |
| CN108762782A (en) | A kind of safety access control method for encrypting solid state disk and BIOS chips based on safety | |
| CN104572762B (en) | The method and apparatus for deleting and restoring video file | |
| JP2006301849A (en) | Electronic information storage system | |
| CN106845261A (en) | A kind of method and device of destruction SSD hard disc datas | |
| CN101419575A (en) | Data protection method | |
| US20090271449A1 (en) | Work support apparatus for information processing device | |
| CN102801728B (en) | The management method of automatic login of client side and system | |
| CN108287988A (en) | Safety management system and method for mobile terminal document | |
| TWM356972U (en) | Portable storage device with local and remote identity recognition function | |
| CN106295362B (en) | A kind of chip self-destroying device and method | |
| CN102054148A (en) | File protection module and system | |
| EP3910485A1 (en) | Electronic data management device, electronic data management system, program therefor, and recording medium | |
| CN104182706B (en) | A kind of time slot scrambling, device and the mobile terminal of mobile terminal storage card |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Open date: 20090429 |