CN103729600B - Method for establishing a data security interaction system, and data security interaction system - Google Patents


Publication number
CN103729600B
Authority
CN
China
Prior art keywords: instruction, address, data, computing equipment, jump
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201210384081.0A
Other languages
Chinese (zh)
Other versions
CN103729600A (en
Inventor
汪家祥
杨潇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhongtian Aetna (Beijing) Information Technology Co Ltd
Original Assignee
Zhongtian Aetna (beijing) Information Technology Co Ltd
Application filed by Zhongtian Aetna (Beijing) Information Technology Co Ltd
Priority to CN201210384081.0A
Publication of CN103729600A
Application granted
Publication of CN103729600B

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218: Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Abstract

The invention provides a method for establishing a data security interaction system and accessing data, comprising: step 1, a first computing device sends an access request to a second computing device; step 2, the second computing device sends a deployment inquiry to the first computing device, asking whether the first computing device agrees to deploy a secure data storage method and a secure data reading method; step 3, the first computing device sends a deployment response to the second computing device; step 4, if the deployment response agrees to deployment, the second computing device deploys the secure data storage method and reading method on the first computing device, deploys a first secure storage device for the first computing device, and adds the first computing device to the registration list of the second computing device; step 5, the second computing device uses the secure reading method to read the data needed by the first computing device from its corresponding second secure storage device; and step 6, the second computing device sends an access response to the first computing device.

Description

Method for establishing a data security interaction system, and data security interaction system
Technical field
The present invention relates to the field of computer security, and in particular to a data security interaction system and a method for establishing it.
Background
The existing field of electronic information security comprises three sub-fields: system security, data security and device security.
In the field of data security, the following three kinds of technology are generally used to ensure data security: (1) data content security technology, including data encryption and decryption and end-to-end data encryption, which ensures that data content is not read illegally during storage and transmission; (2) data security transfer technology, including preventing illegal copying, printing or other output, which ensures the security of data during use and transfer; (3) network blocking technology, including physical network blocking and setting up network barriers.
According to relevant analysis, the overall effective detection capability against all current threats to computers is at most about 50%. Because the above technologies are inadequate against kernel-level viruses, Trojans, operating system vulnerabilities, system backdoors and human-caused leaks, malicious code may in fact exist on any computing device (such as a computer or a handheld communication device). Once malicious code enters a terminal system, the above encryption, anti-copy and network blocking technologies become ineffective. Existing hacking techniques can use system vulnerabilities or system backdoors to penetrate the above security technologies and implant malicious code, and use the malicious code to obtain user data. The above technologies are even less able to guard against active or passive leaks by personnel who handle classified information; for example, an insider can bring a storage device, download the required data from the internal network or a terminal and take the storage device away, causing an internal leak; as another example, an insider can simply take the computing device away.
In summary, anti-copy technology cannot ensure that classified information is not illegally stored on a terminal. Network-based filtering cannot ensure that classified information is not lost. Personnel handling classified information may cause leaks through malicious code or malicious tools, and leaks may also result from loss of control over classified devices or storage media.
Summary of the invention
The object of the present invention is to provide a data security interaction system and a method for establishing it, so as to improve data security.
According to one aspect of the invention, a method for establishing a data security interaction system is provided, comprising:
Step 1: a computing device sends a registration request to a registrar;
Step 2: the registrar sends an inquiry message to the computing device, asking whether the computing device agrees to have the data it operates on and accesses taken over by a secure storage device, or asking whether the computing device agrees to deploy a secure data storage method and a secure data reading method;
Step 3: the computing device sends a response message to the registrar; and
Step 4: the registrar checks the response message;
If the response does not agree to the takeover, the registrar rejects the registration request of the computing device and the establishment method ends;
If the response agrees to the takeover, the registrar deploys the secure data storage method and reading method on the computing device, deploys a secure storage device for the computing device, and adds the computing device to the registration list on the registrar; wherein the secure data storage method comprises:
Step a1: receive a hardware instruction;
Step a2: analyze the hardware instruction;
Step a3: if the hardware instruction is a storage instruction, modify the destination address in the storage instruction to the corresponding storage address on the secure storage device; and
Step a4: send the modified storage instruction to the hardware layer; wherein the secure data reading method comprises:
Step b1: receive a hardware instruction;
Step b2: analyze the hardware instruction;
Step b3: if the hardware instruction is a read instruction, obtain the source address in the read instruction;
Step b4: look up the first mapping bitmap, and modify the read address in the read instruction according to the data of the first mapping bitmap; the first mapping bitmap indicates whether the data at a local storage address has been dumped to the secure storage device; and
Step b5: send the modified read instruction to the hardware layer.
Optionally, after step a3, the secure data storage method further comprises:
Updating the bit corresponding to the destination address in the first mapping bitmap;
Synchronizing the updated first mapping bitmap to the secure storage device, where it is saved as a second mapping bitmap; the second mapping bitmap indicates whether the data at a local storage address has been dumped to the secure storage device.
Optionally, before step a1, the secure data storage method further comprises:
Establishing communication between the computing device and the secure storage device;
Synchronizing the second mapping bitmap on the secure storage device to the computing device, where it is saved as the first mapping bitmap.
Optionally, before step b4, the secure data reading method further comprises:
Establishing communication between the computing device and the secure storage device;
Synchronizing the second mapping bitmap on the secure storage device to the computing device, where it is saved as the first mapping bitmap.
Optionally, in steps a1 and b1, the hardware instruction comes from a hardware mapping layer.
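The storage steps a1 to a4, the reading steps b1 to b5 and the two bitmap synchronizations can be simulated at sector granularity. This is an added example, not code from the patent; the sector model, the sizes, all identifiers, and the rule that a clear bit means "read the local copy" are assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NSECT 16      /* assumed number of local storage addresses (sectors) */
#define SECT_SIZE 8   /* assumed sector size in bytes */

enum hw_op  { HW_READ, HW_WRITE, HW_OTHER };
enum hw_dev { DEV_LOCAL, DEV_SECURE };

struct hw_insn {          /* hypothetical hardware instruction seen by the interceptor */
    enum hw_op op;
    enum hw_dev dev;      /* device the address refers to */
    uint32_t sector;
    uint8_t *buf;
};

static uint8_t local_disk[NSECT][SECT_SIZE];
static uint8_t secure_disk[NSECT][SECT_SIZE];
static uint8_t first_bitmap[NSECT / 8];   /* kept on the computing device */
static uint8_t second_bitmap[NSECT / 8];  /* kept on the secure storage device */

static bool bit_get(const uint8_t *bm, uint32_t s) { return (bm[s / 8] >> (s % 8)) & 1u; }
static void bit_set(uint8_t *bm, uint32_t s) { bm[s / 8] |= (uint8_t)(1u << (s % 8)); }

/* Optional step before a1 / b4: save the second bitmap locally as the first. */
void sync_bitmap_from_secure(void) {
    memcpy(first_bitmap, second_bitmap, sizeof first_bitmap);
}

/* Stand-in for the hardware layer: executes the instruction as addressed. */
static int hw_layer_execute(const struct hw_insn *in) {
    uint8_t (*disk)[SECT_SIZE] = (in->dev == DEV_SECURE) ? secure_disk : local_disk;
    if (in->op == HW_WRITE) memcpy(disk[in->sector], in->buf, SECT_SIZE);
    else if (in->op == HW_READ) memcpy(in->buf, disk[in->sector], SECT_SIZE);
    return 0;
}

/* a1/b1: receive the instruction; a2/b2: analyze it; then rewrite and forward. */
int intercept(struct hw_insn *in) {
    if (in == NULL || in->sector >= NSECT) return -1;
    if (in->op != HW_OTHER && in->buf == NULL) return -1;
    switch (in->op) {
    case HW_WRITE:
        in->dev = DEV_SECURE;                       /* a3: retarget the store */
        bit_set(first_bitmap, in->sector);          /* update the matching bit */
        memcpy(second_bitmap, first_bitmap, sizeof second_bitmap); /* sync up */
        break;
    case HW_READ:                                   /* b3/b4: consult the bitmap */
        in->dev = bit_get(first_bitmap, in->sector) ? DEV_SECURE : DEV_LOCAL;
        break;
    case HW_OTHER:
        break;                                      /* passed through unchanged */
    }
    return hw_layer_execute(in);                    /* a4/b5 */
}

int write_sector(uint32_t sector, const char *text) {
    uint8_t buf[SECT_SIZE] = {0};
    size_t n = strlen(text);
    if (n > SECT_SIZE - 1) n = SECT_SIZE - 1;
    memcpy(buf, text, n);
    struct hw_insn in = { HW_WRITE, DEV_LOCAL, sector, buf };
    return intercept(&in);
}

int read_sector(uint32_t sector, char out[SECT_SIZE]) {
    struct hw_insn in = { HW_READ, DEV_LOCAL, sector, (uint8_t *)out };
    return intercept(&in);
}

int main(void) {
    char out[SECT_SIZE];
    memcpy(local_disk[5], "public", 7);   /* constructed pre-existing local data */
    write_sector(3, "secret");
    read_sector(3, out);
    printf("sector 3 -> %s (local copy untouched: %d)\n", out, local_disk[3][0] == 0);
    read_sector(5, out);
    printf("sector 5 -> %s\n", out);
    return 0;
}
```

If the first bitmap is lost and not re-synchronized from the secure storage device, reads fall back to the stale local sector, which is why the synchronization step precedes a1 and b4.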
Optionally, in step 4, the registrar also deploys a runtime instruction recombination method on the computing device, the runtime instruction recombination method comprising:
Step c1: cache the instruction running environment;
Step c2: obtain the machine instruction fragment to be scheduled; insert a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the instruction recombination platform, to generate a recombined instruction fragment; modify the value of the address register in the cached instruction running environment to the address of the recombined instruction fragment;
Step c3: restore the instruction running environment; the value of the address register in the instruction running environment is the modified value.
Optionally, in step 4, the registrar also deploys a runtime instruction recombination method on the computing device, the runtime instruction recombination method comprising:
Step d1: cache the instruction running environment;
Step d2: read a destination address from a first storage location, and obtain the machine instruction fragment to be scheduled according to the destination address; the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step d3: save the destination address of the first jump instruction in the first storage location;
Step d4: replace the first jump instruction with a second jump instruction to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step d5: restore the instruction running environment, and jump to the second address to continue execution.
Optionally, in step 4, the registrar also deploys a runtime instruction recombination method on the computing device, the runtime instruction recombination method comprising:
Step e1: cache the instruction running environment;
Step e2: obtain the address and parameters of the jump instruction saved in the stack, and calculate the address of the next instruction to be run; this address is the first address;
Step e3: obtain the machine instruction fragment to be scheduled according to the first address; wherein the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step e4: replace the first jump instruction with a push instruction, the push instruction recording the address and operand of the first jump instruction;
Step e5: add a second jump instruction after the push instruction to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step e6: restore the instruction running environment, and jump to the second address to continue execution.
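The second variant above (steps d1 to d5) can be traced on a toy instruction set, showing how the recombination platform regains control at every jump and can inspect each fragment before it runs. This is an added example, not code from the patent; the instruction set, the `OP_HALT` terminator, the direct-jump-only restriction and all identifiers are assumptions.

```c
#include <stddef.h>
#include <stdio.h>

/* Toy instruction set (assumption): ADD imm, STORE acc, JMP addr, HALT. */
enum opcode { OP_ADD, OP_STORE, OP_JMP, OP_HALT, OP_JMP_PLATFORM };
struct insn { enum opcode op; int arg; };

/* The "instruction running environment": registers and visible side effects. */
struct context { int acc; int stored[8]; int nstored; };

#define FRAG_MAX 16
struct platform {
    const struct insn *prog;
    size_t prog_len;
    int first_location;          /* "first storage location"; -1 = program ended */
    struct insn frag[FRAG_MAX];  /* recombined fragment; its address is the "second address" */
    size_t frag_len;
    int fragments_built;
    int stores_seen;             /* what the platform observed while recombining */
};

/* Constructed sample: two live fragments, one dead instruction, one terminator. */
static const struct insn sample_prog[] = {
    {OP_ADD, 5}, {OP_STORE, 0}, {OP_JMP, 5},
    {OP_ADD, 100},                       /* never reached */
    {OP_HALT, 0},
    {OP_ADD, 2}, {OP_STORE, 0}, {OP_JMP, 4},
};
#define SAMPLE_LEN (sizeof sample_prog / sizeof sample_prog[0])

/* Constructed failure case: the jump target lies outside the program. */
static const struct insn bad_prog[] = { {OP_ADD, 1}, {OP_JMP, 99} };

/* d2-d4: fetch the fragment at first_location and swap its final jump. */
static int recombine(struct platform *p) {
    size_t pc = (size_t)p->first_location;                 /* d2: read target */
    p->frag_len = 0;
    for (;;) {
        if (pc >= p->prog_len || p->frag_len >= FRAG_MAX) return -1;
        struct insn in = p->prog[pc++];
        if (in.op == OP_JMP || in.op == OP_HALT) {         /* the "first jump" */
            if (in.op == OP_JMP && (in.arg < 0 || (size_t)in.arg >= p->prog_len))
                return -1;                                 /* refuse wild targets */
            p->first_location = (in.op == OP_JMP) ? in.arg : -1;         /* d3 */
            p->frag[p->frag_len++] = (struct insn){OP_JMP_PLATFORM, 0};  /* d4 */
            break;
        }
        if (in.op == OP_STORE) p->stores_seen++;           /* inspection hook */
        p->frag[p->frag_len++] = in;
    }
    p->fragments_built++;
    return 0;
}

/* Execute the recombined fragment until its second jump returns to the platform. */
static void run_fragment(const struct platform *p, struct context *c) {
    for (size_t i = 0; p->frag[i].op != OP_JMP_PLATFORM; i++) {
        if (p->frag[i].op == OP_ADD) c->acc += p->frag[i].arg;
        else if (p->frag[i].op == OP_STORE && c->nstored < 8)
            c->stored[c->nstored++] = c->acc;
    }
}

int run_program(const struct insn *prog, size_t len,
                struct context *out, struct platform *p) {
    *p = (struct platform){ .prog = prog, .prog_len = len, .first_location = 0 };
    struct context live = {0};
    int budget = 1000;                    /* guard against endless jump loops */
    while (p->first_location >= 0) {
        if (budget-- == 0) return -1;
        struct context saved = live;      /* d1: cache the running environment */
        if (recombine(p) != 0) return -1;
        live = saved;                     /* d5: restore, then jump to fragment */
        run_fragment(p, &live);
    }
    *out = live;
    return 0;
}

int main(void) {
    struct context c;
    struct platform p;
    if (run_program(sample_prog, SAMPLE_LEN, &c, &p) == 0)
        printf("acc=%d fragments=%d stores_seen=%d\n",
               c.acc, p.fragments_built, p.stores_seen);
    return 0;
}
```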
According to a further aspect of the invention, a data access method applied to the data security interaction system established by the above method is provided, comprising:
Step 1: a first computing device sends an access request to a second computing device;
Step 2: the second computing device sends a secure address inquiry message to the registrar, asking whether the first computing device is a secure address;
Step 3: the registrar sends a secure address response message to the second computing device, informing it whether the first computing device is a secure address;
Step 4: if an affirmative response message is obtained, the second computing device reads the corresponding data according to the access request, the reading process being the secure data reading method; if a negative response message is obtained, the second computing device ignores the access request; and
Step 5: the second computing device sends an access response to the first computing device.
Optionally, the data access method further comprises, after step 5:
Step 6: if the first computing device needs to save data, it saves the data according to the secure data storage method.
According to a further aspect of the invention, a method for establishing a data security interaction system and accessing data is provided, comprising:
Step 1: a first computing device sends an access request to a second computing device;
Step 2: the second computing device sends a deployment inquiry to the first computing device, asking whether the first computing device agrees to deploy a secure data storage method and a secure data reading method, or asking whether the first computing device agrees to have the data it operates on and accesses taken over by a secure storage device;
Step 3: the first computing device sends a deployment response to the second computing device;
Step 4: the second computing device checks the deployment response;
If the deployment response does not agree to deployment, the second computing device rejects the access request of the first computing device and the method ends;
If the deployment response agrees to deployment, the second computing device deploys the secure data storage method and reading method on the first computing device, deploys a first secure storage device for the first computing device, and adds the first computing device to the registration list of the second computing device;
Step 5: the second computing device uses the secure reading method to read the data needed by the first computing device from its corresponding second secure storage device; and
Step 6: the second computing device sends an access response to the first computing device;
Wherein the secure data storage method comprises:
Step a1: receive a hardware instruction;
Step a2: analyze the hardware instruction;
Step a3: if the hardware instruction is a storage instruction, modify the destination address in the storage instruction to the corresponding storage address on the secure storage device; and
Step a4: send the modified storage instruction to the hardware layer;
Wherein the secure data reading method comprises:
Step b1: receive a hardware instruction;
Step b2: analyze the hardware instruction;
Step b3: if the hardware instruction is a read instruction, obtain the source address in the read instruction;
Step b4: look up the first mapping bitmap, and modify the read address in the read instruction according to the data of the first mapping bitmap; the first mapping bitmap indicates whether the data at a local storage address has been dumped to the secure storage device; and
Step b5: send the modified read instruction to the hardware layer.
Optionally, the method for establishing a data security interaction system and accessing data further comprises, after step 6:
Step 7: if the first computing device needs to save data, the first computing device uses the secure data storage method to save the obtained access data in its corresponding first secure storage device.
Optionally, after step a3, the secure data storage method further comprises:
Updating the bit corresponding to the destination address in the first mapping bitmap;
Synchronizing the updated first mapping bitmap to the secure storage device, where it is saved as a second mapping bitmap; the second mapping bitmap indicates whether the data at a local storage address has been dumped to the secure storage device.
Optionally, before step a1, the secure data storage method further comprises:
Establishing communication between the computing device and the secure storage device;
Synchronizing the second mapping bitmap on the secure storage device to the computing device, where it is saved as the first mapping bitmap.
Optionally, before step b4, the secure data reading method further comprises:
Establishing communication between the computing device and the secure storage device;
Synchronizing the second mapping bitmap on the secure storage device to the computing device, where it is saved as the first mapping bitmap.
Optionally, in steps a1 and b1, the hardware instruction comes from a hardware mapping layer.
Optionally, in step 4, the second computing device also deploys a runtime instruction recombination method on the first computing device, the runtime instruction recombination method comprising:
Step c1: cache the instruction running environment;
Step c2: obtain the machine instruction fragment to be scheduled; insert a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the instruction recombination platform, to generate a recombined instruction fragment; modify the value of the address register in the cached instruction running environment to the address of the recombined instruction fragment;
Step c3: restore the instruction running environment; the value of the address register in the instruction running environment is the modified value.
Optionally, in step 4, the second computing device also deploys a runtime instruction recombination method on the first computing device, the runtime instruction recombination method comprising:
Step d1: cache the instruction running environment;
Step d2: read a destination address from a first storage location, and obtain the machine instruction fragment to be scheduled according to the destination address; the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step d3: save the destination address of the first jump instruction in the first storage location;
Step d4: replace the first jump instruction with a second jump instruction to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step d5: restore the instruction running environment, and jump to the second address to continue execution.
Optionally, in step 4, the second computing device also deploys a runtime instruction recombination method on the first computing device, the runtime instruction recombination method comprising:
Step e1: cache the instruction running environment;
Step e2: obtain the address and parameters of the jump instruction saved in the stack, and calculate the address of the next instruction to be run; this address is the first address;
Step e3: obtain the machine instruction fragment to be scheduled according to the first address; wherein the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step e4: replace the first jump instruction with a push instruction, the push instruction recording the address and operand of the first jump instruction;
Step e5: add a second jump instruction after the push instruction to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step e6: restore the instruction running environment, and jump to the second address to continue execution.
Optionally, the method for establishing a data security interaction system and accessing data further comprises, between step 1 and step 2:
Step f1: the second computing terminal sends a deployment check message to the first computing terminal, the message being used to check whether the secure data storage method and the secure data reading method have been deployed on the first computing terminal;
Step f2: the first computing terminal sends a deployment check feedback message to the second computing terminal; and
Step f3: the second computing terminal determines the deployment state of the first computing terminal according to the deployment check feedback message: if deployed, the first computing device is added to the registration list of the second computing device and step 5 is performed; if not yet deployed, execution continues with step 2.
According to another aspect of the invention, a method for establishing a data security interaction system and accessing data is provided, comprising:
Step 1: a first computing device sends an access request to a second computing device;
Step 2: the first computing device sends a deployment advertisement message to the second computing device, the message indicating that the secure data storage method and the secure data reading method have been deployed on the first computing device;
Step 3: based on the deployment advertisement message, the second computing device determines that the deployment state of the first computing device is deployed;
Step 4: the second computing device uses the secure reading method to read, from its corresponding second secure storage device, the data that the first computing device is to access; and
Step 5: the second computing device sends an access response to the first computing device;
Wherein the secure data storage method comprises:
Step a1: receive a hardware instruction;
Step a2: analyze the hardware instruction;
Step a3: if the hardware instruction is a storage instruction, modify the destination address in the storage instruction to the corresponding storage address on the secure storage device; and
Step a4: send the modified storage instruction to the hardware layer;
Wherein the secure data reading method comprises:
Step b1: receive a hardware instruction;
Step b2: analyze the hardware instruction;
Step b3: if the hardware instruction is a read instruction, obtain the source address in the read instruction;
Step b4: look up the first mapping bitmap, and modify the read address in the read instruction according to the data of the first mapping bitmap; the first mapping bitmap indicates whether the data at a local storage address has been dumped to the secure storage device; and
Step b5: send the modified read instruction to the hardware layer.
Optionally, the method for establishing a data security interaction system and accessing data further comprises, after step 5:
Step 6: if the first computing device needs to save data, the first computing device uses the secure data storage method to save the obtained access data in its corresponding first secure storage device.
Optionally, after step a3, the secure data storage method further comprises:
Updating the bit corresponding to the destination address in the first mapping bitmap;
Synchronizing the updated first mapping bitmap to the secure storage device, where it is saved as a second mapping bitmap; the second mapping bitmap indicates whether the data at a local storage address has been dumped to the secure storage device.
Optionally, before step a1, the secure data storage method further comprises:
Establishing communication between the computing device and the secure storage device;
Synchronizing the second mapping bitmap on the secure storage device to the computing device, where it is saved as the first mapping bitmap.
Optionally, before step b4, the secure data reading method further comprises:
Establishing communication between the computing device and the secure storage device;
Synchronizing the second mapping bitmap on the secure storage device to the computing device, where it is saved as the first mapping bitmap.
Optionally, in steps a1 and b1, the hardware instruction comes from a hardware mapping layer.
Optionally, the deployment advertisement message also indicates that a runtime instruction recombination method has been deployed on the first computing device, the runtime instruction recombination method comprising:
Step c1: cache the instruction running environment;
Step c2: obtain the machine instruction fragment to be scheduled; insert a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the instruction recombination platform, to generate a recombined instruction fragment; modify the value of the address register in the cached instruction running environment to the address of the recombined instruction fragment;
Step c3: restore the instruction running environment; the value of the address register in the instruction running environment is the modified value.
Optionally, the deployment advertisement message also indicates that a runtime instruction recombination method has been deployed on the first computing device, the runtime instruction recombination method comprising:
Step d1: cache the instruction running environment;
Step d2: read a destination address from a first storage location, and obtain the machine instruction fragment to be scheduled according to the destination address; the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step d3: save the destination address of the first jump instruction in the first storage location;
Step d4: replace the first jump instruction with a second jump instruction to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step d5: restore the instruction running environment, and jump to the second address to continue execution.
Optionally, the deployment advertisement message also indicates that a runtime instruction recombination method has been deployed on the first computing device, the runtime instruction recombination method comprising:
Step e1: cache the instruction running environment;
Step e2: obtain the address and parameters of the jump instruction saved in the stack, and calculate the address of the next instruction to be run; this address is the first address;
Step e3: obtain the machine instruction fragment to be scheduled according to the first address; wherein the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step e4: replace the first jump instruction with a push instruction, the push instruction recording the address and operand of the first jump instruction;
Step e5: add a second jump instruction after the push instruction to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step e6: restore the instruction running environment, and jump to the second address to continue execution.
Optionally, in step 3, if the second computing device does not receive a deployment advertisement message, or cannot determine from the deployment advertisement message that the deployment state of the first computing device is deployed, it ignores the access request.
According to a further aspect of the invention, a data security interaction system is provided, comprising: a computing device, a secure storage device and a registrar;
Wherein the registrar is adapted to register the computing device and to allocate a secure storage device to the computing device; the computing device is adapted to save data to the secure storage device by the secure data storage method, or to read data from the secure storage device by the secure data reading method;
Wherein the secure data storage method comprises: step a1, receive a hardware instruction; step a2, analyze the hardware instruction; step a3, if the hardware instruction is a storage instruction, modify the destination address in the storage instruction to the corresponding storage address on the secure storage device; and step a4, send the modified storage instruction to the hardware layer;
Wherein the secure data reading method comprises: step b1, receive a hardware instruction; step b2, analyze the hardware instruction; step b3, if the hardware instruction is a read instruction, obtain the source address in the read instruction; step b4, look up the first mapping bitmap, and modify the read address in the read instruction according to the data of the first mapping bitmap; the first mapping bitmap indicates whether the data at a local storage address has been dumped to the secure storage device; and step b5, send the modified read instruction to the hardware layer.
Optionally, the registrar is adapted to:
Receive a registration request from a computing device;
Send an inquiry message to the computing device, asking whether the computing device agrees to have the data it operates on and accesses taken over by a secure storage device, or asking whether the computing device agrees to deploy the secure data storage method and the secure data reading method;
Receive and check the response message from the computing device; if the response does not agree to the takeover, reject the registration request of the computing device; if the response agrees to the takeover, deploy the secure data storage method and reading method on the computing device, deploy a secure storage device for the computing device, and add the computing device to the registration list on the registrar.
Optionally, the registrar is further adapted to deploy a runtime instruction recombination method on the computing device, the runtime instruction recombination method comprising:
Step c1, caching the instruction running environment;
Step c2, obtaining the machine instruction fragment to be scheduled; inserting a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the instruction recombination platform, to generate a recombined instruction fragment; and modifying the value of the address register in the cached instruction running environment to the address of the recombined instruction fragment;
Step c3, restoring the instruction running environment, in which the value of the address register is the modified value.
Optionally, the registrar is further adapted to deploy a runtime instruction recombination method on the computing device, the runtime instruction recombination method comprising:
Step d1, caching the instruction running environment;
Step d2, reading a destination address from a first storage location and obtaining the machine instruction fragment to be scheduled according to the destination address, the last instruction of the machine instruction fragment to be scheduled being a first jump instruction;
Step d3, saving the destination address of the first jump instruction in the first storage location;
Step d4, replacing the first jump instruction with a second jump instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step d5, restoring the instruction running environment and jumping to the second address to continue execution.
Optionally, the registrar is further adapted to deploy a runtime instruction recombination method on the computing device, the runtime instruction recombination method comprising:
Step e1, caching the instruction running environment;
Step e2, obtaining the address and parameters of the jump instruction saved on the stack and calculating the address of the next instruction to be run, this address being the first address;
Step e3, obtaining the machine instruction fragment to be scheduled according to the first address, the last instruction of the machine instruction fragment to be scheduled being a first jump instruction;
Step e4, replacing the first jump instruction with a push instruction, the push instruction recording the address and operand of the first jump instruction;
Step e5, adding a second jump instruction after the push instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step e6, restoring the instruction running environment and jumping to the second address to continue execution.
According to another aspect of the present invention, a data security interaction system is provided, comprising: a first computing device, a second computing device and a secure storage device; wherein the first computing device and the second computing device are adapted to register with each other, and to save data to the secure storage device or read data from the secure storage device by means of the secure data storage method and the secure data reading method;
Wherein the secure data storage method comprises: step a1, receiving a hardware instruction; step a2, analyzing the hardware instruction; step a3, if the hardware instruction is a store instruction, modifying the destination address in the store instruction to the corresponding storage address on the secure storage device; and step a4, sending the modified store instruction to the hardware layer;
Wherein the secure data reading method comprises: step b1, receiving a hardware instruction; step b2, analyzing the hardware instruction; step b3, if the hardware instruction is a read instruction, obtaining the source address in the read instruction; step b4, looking up the first mapping bitmap and modifying the read address in the read instruction according to the data of the first mapping bitmap, the first mapping bitmap indicating whether the data at a local storage address has been dumped to the secure storage device; and step b5, sending the modified read instruction to the hardware layer.
Optionally, the first computing device or the second computing device is further adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step c1, caching the instruction running environment;
Step c2, obtaining the machine instruction fragment to be scheduled; inserting a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the instruction recombination platform, to generate a recombined instruction fragment; and modifying the value of the address register in the cached instruction running environment to the address of the recombined instruction fragment;
Step c3, restoring the instruction running environment, in which the value of the address register is the modified value.
Optionally, the first computing device or the second computing device is further adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step d1, caching the instruction running environment;
Step d2, reading a destination address from a first storage location and obtaining the machine instruction fragment to be scheduled according to the destination address, the last instruction of the machine instruction fragment to be scheduled being a first jump instruction;
Step d3, saving the destination address of the first jump instruction in the first storage location;
Step d4, replacing the first jump instruction with a second jump instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step d5, restoring the instruction running environment and jumping to the second address to continue execution.
Optionally, the first computing device or the second computing device is further adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step e1, caching the instruction running environment;
Step e2, obtaining the address and parameters of the jump instruction saved on the stack and calculating the address of the next instruction to be run, this address being the first address;
Step e3, obtaining the machine instruction fragment to be scheduled according to the first address, the last instruction of the machine instruction fragment to be scheduled being a first jump instruction;
Step e4, replacing the first jump instruction with a push instruction, the push instruction recording the address and operand of the first jump instruction;
Step e5, adding a second jump instruction after the push instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step e6, restoring the instruction running environment and jumping to the second address to continue execution.
According to another aspect of the present invention, a data security interaction system is provided, comprising:
A first computing device and a first secure storage device located in a first local area network;
A second computing device and a second secure storage device located in a second local area network; and
A virtual secure storage server located in the first local area network and the second local area network;
Wherein the virtual secure storage server is adapted to register the first and second computing devices and to allocate the first and second secure storage devices to the first and second computing devices respectively; the first and second computing devices are adapted to save data to the first and second secure storage devices respectively, or to read data from the first and second secure storage devices respectively, by means of the secure data storage method and the secure data reading method;
Wherein the secure data storage method comprises: step a1, receiving a hardware instruction; step a2, analyzing the hardware instruction; step a3, if the hardware instruction is a store instruction, modifying the destination address in the store instruction to the corresponding storage address on the secure storage device; and step a4, sending the modified store instruction to the hardware layer;
Wherein the secure data reading method comprises: step b1, receiving a hardware instruction; step b2, analyzing the hardware instruction; step b3, if the hardware instruction is a read instruction, obtaining the source address in the read instruction; step b4, looking up the first mapping bitmap and modifying the read address in the read instruction according to the data of the first mapping bitmap, the first mapping bitmap indicating whether the data at a local storage address has been dumped to the secure storage device; and step b5, sending the modified read instruction to the hardware layer.
Optionally, the first computing device or the second computing device is further adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step c1, caching the instruction running environment;
Step c2, obtaining the machine instruction fragment to be scheduled; inserting a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the instruction recombination platform, to generate a recombined instruction fragment; and modifying the value of the address register in the cached instruction running environment to the address of the recombined instruction fragment;
Step c3, restoring the instruction running environment, in which the value of the address register is the modified value.
Optionally, the first computing device or the second computing device is further adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step d1, caching the instruction running environment;
Step d2, reading a destination address from a first storage location and obtaining the machine instruction fragment to be scheduled according to the destination address, the last instruction of the machine instruction fragment to be scheduled being a first jump instruction;
Step d3, saving the destination address of the first jump instruction in the first storage location;
Step d4, replacing the first jump instruction with a second jump instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step d5, restoring the instruction running environment and jumping to the second address to continue execution.
Optionally, the first computing device or the second computing device is further adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step e1, caching the instruction running environment;
Step e2, obtaining the address and parameters of the jump instruction saved on the stack and calculating the address of the next instruction to be run, this address being the first address;
Step e3, obtaining the machine instruction fragment to be scheduled according to the first address, the last instruction of the machine instruction fragment to be scheduled being a first jump instruction;
Step e4, replacing the first jump instruction with a push instruction, the push instruction recording the address and operand of the first jump instruction;
Step e5, adding a second jump instruction after the push instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step e6, restoring the instruction running environment and jumping to the second address to continue execution.
According to a further aspect of the present invention, a data security interaction system is provided, comprising:
A first computing device located in a first local area network;
A second computing device located in a second local area network; and
A centralized secure storage server, located in the first local area network and the second local area network, comprising a first secure storage device and a second secure storage device;
Wherein the centralized secure storage server is adapted to register the first and second computing devices and to allocate the first and second secure storage devices to the first and second computing devices respectively; the first and second computing devices are adapted to save data to the first and second secure storage devices respectively, or to read data from the first and second secure storage devices respectively, by means of the secure data storage method and the secure data reading method;
Wherein the secure data storage method comprises: step a1, receiving a hardware instruction; step a2, analyzing the hardware instruction; step a3, if the hardware instruction is a store instruction, modifying the destination address in the store instruction to the corresponding storage address on the secure storage device; and step a4, sending the modified store instruction to the hardware layer;
Wherein the secure data reading method comprises: step b1, receiving a hardware instruction; step b2, analyzing the hardware instruction; step b3, if the hardware instruction is a read instruction, obtaining the source address in the read instruction; step b4, looking up the first mapping bitmap and modifying the read address in the read instruction according to the data of the first mapping bitmap, the first mapping bitmap indicating whether the data at a local storage address has been dumped to the secure storage device; and step b5, sending the modified read instruction to the hardware layer.
Optionally, the first computing device or the second computing device is further adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step c1, caching the instruction running environment;
Step c2, obtaining the machine instruction fragment to be scheduled; inserting a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the instruction recombination platform, to generate a recombined instruction fragment; and modifying the value of the address register in the cached instruction running environment to the address of the recombined instruction fragment;
Step c3, restoring the instruction running environment, in which the value of the address register is the modified value.
Optionally, the first computing device or the second computing device is further adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step d1, caching the instruction running environment;
Step d2, reading a destination address from a first storage location and obtaining the machine instruction fragment to be scheduled according to the destination address, the last instruction of the machine instruction fragment to be scheduled being a first jump instruction;
Step d3, saving the destination address of the first jump instruction in the first storage location;
Step d4, replacing the first jump instruction with a second jump instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step d5, restoring the instruction running environment and jumping to the second address to continue execution.
Optionally, the first computing device or the second computing device is further adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step e1, caching the instruction running environment;
Step e2, obtaining the address and parameters of the jump instruction saved on the stack and calculating the address of the next instruction to be run, this address being the first address;
Step e3, obtaining the machine instruction fragment to be scheduled according to the first address, the last instruction of the machine instruction fragment to be scheduled being a first jump instruction;
Step e4, replacing the first jump instruction with a push instruction, the push instruction recording the address and operand of the first jump instruction;
Step e5, adding a second jump instruction after the push instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step e6, restoring the instruction running environment and jumping to the second address to continue execution.
According to a further aspect of the present invention, a computing device is provided, comprising:
A deployment inquiry unit, adapted to send an inquiry message to a second computing device, asking whether the second computing device agrees to have the data it operates on and accesses taken over by the secure storage device;
A program deployment unit, adapted to deploy the data black hole system to the second computing device and, after deployment finishes, to update the registration list by adding the second computing device to it; and
A black hole unit, adapted to deploy the data black hole system;
Wherein the data black hole system comprises the secure data reading method and the secure data storage method;
Wherein the secure data storage method comprises:
Step a1, receiving a hardware instruction;
Step a2, analyzing the hardware instruction;
Step a3, if the hardware instruction is a store instruction, modifying the destination address in the store instruction to the corresponding storage address on the secure storage device; and
Step a4, sending the modified store instruction to the hardware layer;
Wherein the secure data reading method comprises:
Step b1, receiving a hardware instruction;
Step b2, analyzing the hardware instruction;
Step b3, if the hardware instruction is a read instruction, obtaining the source address in the read instruction;
Step b4, looking up the first mapping bitmap and modifying the read address in the read instruction according to the data of the first mapping bitmap, the first mapping bitmap indicating whether the data at a local storage address has been dumped to the secure storage device; and
Step b5, sending the modified read instruction to the hardware layer.
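Steps a1 to a4 and b1 to b5 can be followed in a small simulation. The C code below is an added illustration, not code from the patent: the sector-addressed instruction format, the two in-memory disks, the one-to-one sector mapping and the setting of the bitmap bit on every redirected store are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SECTOR_SIZE 16u   /* tiny sectors keep the simulation readable */
#define NUM_SECTORS 64u

enum hw_op  { HW_READ, HW_WRITE, HW_OTHER };
enum hw_dev { DEV_LOCAL, DEV_SECURE };

/* Hypothetical hardware instruction: operation, target device, sector, buffer. */
struct hw_instr {
    enum hw_op  op;
    enum hw_dev dev;
    uint32_t    sector;
    uint8_t    *buf;
};

static uint8_t local_disk[NUM_SECTORS][SECTOR_SIZE];   /* local storage          */
static uint8_t secure_disk[NUM_SECTORS][SECTOR_SIZE];  /* secure storage device  */
static uint8_t map_bitmap[NUM_SECTORS / 8];            /* first mapping bitmap   */

/* Bit s is 1 when local sector s has been dumped to the secure storage device. */
static int bitmap_test(uint32_t s) { return (map_bitmap[s >> 3] >> (s & 7u)) & 1; }
static void bitmap_set(uint32_t s) { map_bitmap[s >> 3] |= (uint8_t)(1u << (s & 7u)); }

/* Stand-in for the hardware layer: executes the instruction exactly as given. */
static int hw_execute(const struct hw_instr *in)
{
    uint8_t (*disk)[SECTOR_SIZE] = (in->dev == DEV_SECURE) ? secure_disk : local_disk;
    if (in->op == HW_WRITE)
        memcpy(disk[in->sector], in->buf, SECTOR_SIZE);
    else if (in->op == HW_READ)
        memcpy(in->buf, disk[in->sector], SECTOR_SIZE);
    return 0;
}

/* Interception point between the hardware mapping layer and the hardware layer.
 * Returns 0 on success, -1 if the instruction addresses a sector out of range. */
int secure_dispatch(struct hw_instr in)            /* a1/b1: receive           */
{
    if (in.op != HW_OTHER && (in.sector >= NUM_SECTORS || in.buf == NULL))
        return -1;                                 /* a2/b2: analyze, validate */
    if (in.op == HW_WRITE) {
        in.dev = DEV_SECURE;                       /* a3: retarget the store   */
        bitmap_set(in.sector);                     /* assumption: record dump  */
    } else if (in.op == HW_READ) {
        /* b3-b4: a sector that was dumped is read from the secure device,
         * any other sector is still read from local storage. */
        in.dev = bitmap_test(in.sector) ? DEV_SECURE : DEV_LOCAL;
    }
    return hw_execute(&in);                        /* a4/b5: pass to hardware  */
}

int main(void)
{
    uint8_t out[SECTOR_SIZE], in[SECTOR_SIZE];
    memset(out, 0x5A, sizeof out);                 /* constructed sample data  */
    struct hw_instr st = { HW_WRITE, DEV_LOCAL, 3, out };
    struct hw_instr rd = { HW_READ,  DEV_LOCAL, 3, in  };
    secure_dispatch(st);
    secure_dispatch(rd);
    printf("local[3][0]=%02x secure[3][0]=%02x read back=%02x\n",
           local_disk[3][0], secure_disk[3][0], in[0]);
    return 0;
}
```

The caller issues both instructions against the local device; after the store, the local sector is still empty and the read is served from the secure device.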
Optionally, the black hole unit is further adapted to exchange data with the second computing device.
Optionally, the data black hole system further comprises a runtime instruction recombination method, the runtime instruction recombination method comprising:
Step c1, caching the instruction running environment;
Step c2, obtaining the machine instruction fragment to be scheduled; inserting a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the instruction recombination platform, to generate a recombined instruction fragment; and modifying the value of the address register in the cached instruction running environment to the address of the recombined instruction fragment; and
Step c3, restoring the instruction running environment, in which the value of the address register is the modified value.
Optionally, the data black hole system further comprises a runtime instruction recombination method, the runtime instruction recombination method comprising:
Step d1, caching the instruction running environment;
Step d2, reading a destination address from a first storage location and obtaining the machine instruction fragment to be scheduled according to the destination address, the last instruction of the machine instruction fragment to be scheduled being a first jump instruction;
Step d3, saving the destination address of the first jump instruction in the first storage location;
Step d4, replacing the first jump instruction with a second jump instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step d5, restoring the instruction running environment and jumping to the second address to continue execution.
Optionally, the data black hole system further comprises a runtime instruction recombination method, the runtime instruction recombination method comprising:
Step e1, caching the instruction running environment;
Step e2, obtaining the address and parameters of the jump instruction saved on the stack and calculating the address of the next instruction to be run, this address being the first address;
Step e3, obtaining the machine instruction fragment to be scheduled according to the first address, the last instruction of the machine instruction fragment to be scheduled being a first jump instruction;
Step e4, replacing the first jump instruction with a push instruction, the push instruction recording the address and operand of the first jump instruction;
Step e5, adding a second jump instruction after the push instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step e6, restoring the instruction running environment and jumping to the second address to continue execution.
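The stack-based variant (steps e1 to e6) can be traced on a toy machine. The C code below is an added illustration, not code from the patent: the instruction set, the `pushed` slot standing in for the stack, the sample program and the store counter that stands for the platform's monitoring are all constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Toy instruction set (constructed for this example). */
enum op { OP_ADD, OP_DEC, OP_STORE, OP_JMP, OP_JNZ, OP_HALT,
          OP_PUSHJ,   /* push instruction: records the address of the replaced jump */
          OP_TRAP };  /* "second jump": hands control back to the platform          */

struct insn  { enum op op; int32_t arg; };
struct env   { int32_t acc; int32_t cnt; size_t pushed; };  /* running environment */
struct stats { unsigned fragments; unsigned stores_seen; }; /* what the platform saw */

#define MAX_FRAG      32
#define MAX_FRAGMENTS 10000u   /* budget so a runaway program cannot spin forever */

static int ends_fragment(enum op o) { return o == OP_JMP || o == OP_JNZ || o == OP_HALT; }

/* Steps e3-e5: copy instructions from `first` up to the first jump, replace that
 * jump with PUSHJ + TRAP. Returns the fragment length, or -1 if it is malformed. */
static long recombine(const struct insn *prog, size_t len, size_t first,
                      struct insn *frag, struct stats *st)
{
    size_t n = 0;
    for (size_t pc = first; pc < len; pc++) {
        if (n + 2 > MAX_FRAG) return -1;                 /* fragment too long     */
        if (prog[pc].op == OP_PUSHJ || prog[pc].op == OP_TRAP)
            return -1;                                   /* platform-only opcodes */
        if (ends_fragment(prog[pc].op)) {
            frag[n++] = (struct insn){ OP_PUSHJ, (int32_t)pc };  /* e4 */
            frag[n++] = (struct insn){ OP_TRAP, 0 };             /* e5 */
            return (long)n;
        }
        if (prog[pc].op == OP_STORE) st->stores_seen++;  /* monitoring hook */
        frag[n++] = prog[pc];
    }
    return -1;                                /* ran off the end without a jump */
}

/* Runs prog so that every control transfer passes through the platform.
 * Returns 0 when the program halts, -1 on a malformed program or budget overrun. */
int run_under_platform(const struct insn *prog, size_t len,
                       struct env *e, struct stats *st)
{
    struct insn frag[MAX_FRAG];   /* the recombined fragment (the "second address") */
    size_t first = 0;             /* the "first address"                            */
    st->fragments = st->stores_seen = 0;
    for (;;) {
        if (first >= len || st->fragments >= MAX_FRAGMENTS) return -1;
        if (recombine(prog, len, first, frag, st) < 0) return -1;
        st->fragments++;
        /* e6: continue execution in the recombined fragment until it traps back. */
        for (size_t i = 0; frag[i].op != OP_TRAP; i++) {
            switch (frag[i].op) {
            case OP_ADD:   e->acc += frag[i].arg;           break;
            case OP_DEC:   e->cnt--;                        break;
            case OP_STORE: /* the store itself is not modelled */ break;
            case OP_PUSHJ: e->pushed = (size_t)frag[i].arg; break;
            default:       return -1;
            }
        }
        /* e1-e2: back in the platform; e is the saved environment. Recover the
         * original jump from the pushed address and compute the next address. */
        const struct insn *j = &prog[e->pushed];
        if (j->op == OP_HALT) return 0;
        if (j->arg < 0) return -1;
        if (j->op == OP_JMP || e->cnt != 0) first = (size_t)j->arg;
        else                                first = e->pushed + 1;  /* JNZ not taken */
    }
}

/* Constructed sample: loop body with one store, run while cnt != 0, then exit. */
static const struct insn SAMPLE[] = {
    { OP_ADD, 5 }, { OP_STORE, 100 }, { OP_DEC, 0 }, { OP_JNZ, 0 },
    { OP_ADD, 1 }, { OP_HALT, 0 },
};

int main(void)
{
    struct env e = { 0, 3, 0 };
    struct stats st;
    int rc = run_under_platform(SAMPLE, sizeof SAMPLE / sizeof SAMPLE[0], &e, &st);
    printf("rc=%d acc=%d fragments=%u stores_seen=%u\n",
           rc, (int)e.acc, st.fragments, st.stores_seen);
    return 0;
}
```

No fragment ever ends in its original jump, so the platform inspects every store before the fragment containing it runs.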
Optionally, if the response message from the second computing device refuses the takeover, the deployment inquiry unit is adapted to reject the registration request of the second computing device; if the response message agrees to the takeover, the deployment inquiry unit is adapted to start the program deployment unit.
Optionally, the computing device further comprises:
A deployment check unit, adapted to send a deployment check message to the second computing device to check whether the second computing device has already deployed the data black hole system.
Optionally, if the deployment check unit finds that the second computing device has already deployed the data black hole system, the deployment check unit is further adapted to update the registration list by adding the second computing device to it; if the deployment check unit finds that the second computing device has not yet deployed the data black hole system, it starts the deployment inquiry unit.
Optionally, the computing device further comprises:
An I/O interface, coupled to the deployment inquiry unit, the program deployment unit and the black hole unit respectively, and adapted to connect to and communicate with the second computing device.
Optionally, the computing device further comprises:
An I/O interface, coupled to the deployment inquiry unit, the program deployment unit, the black hole unit and the deployment check unit respectively, and adapted to connect to and communicate with the second computing device.
Compared with the prior art, the apparatus and method of the present invention improve data security. The instruction recombination method monitors the instructions of the computing device while they are running; the secure data reading method works together with the secure data storage method to keep data within a controlled secure range at all times; because the local device no longer stores any data while in the classified state, both active leakage and passive leakage by personnel handling classified data are prevented.
Brief description of the drawings
Fig. 1 is a schematic diagram of the system layers of a computing device in the prior art;
Fig. 2 is a flowchart of the runtime instruction recombination method provided in one embodiment of the present invention;
Fig. 3 is a schematic diagram of the generation of a recombined instruction fragment provided in one embodiment of the present invention;
Fig. 4 is a flowchart of step S102 of Fig. 2 provided in another embodiment of the present invention;
Fig. 5 is a flowchart of the runtime instruction recombination method provided in another embodiment of the present invention, which uses an address correspondence table to save instruction fragments that have already been recombined;
Fig. 6 is a flowchart of the runtime instruction recombination method provided in another embodiment of the present invention, which sets aside a separate storage location to save the destination address of the first jump instruction;
Fig. 7 is a flowchart of the runtime instruction recombination method provided in another embodiment of the present invention, which performs disassembly and assembly for non-fixed-length instruction sets;
Fig. 8 is a flowchart of the runtime instruction recombination method provided in another embodiment of the present invention, which replaces or records the first jump instruction with a push instruction;
Fig. 9a is a flowchart of the runtime instruction recombination method provided in another embodiment of the present invention, in which the runtime instruction recombination method combines features of several of the preceding embodiments;
Figs. 9b-9d are schematic diagrams of the operating process when the runtime instruction recombination method of Fig. 9a runs on an X86 architecture processor;
Fig. 10 is a structural schematic diagram of the runtime instruction recombination apparatus provided in one embodiment of the present invention;
Fig. 11 is a structural schematic diagram of the runtime instruction recombination apparatus provided in another embodiment of the present invention;
Fig. 12 is a structural schematic diagram of the instruction recombination unit provided in another embodiment of the present invention;
Fig. 13 is a structural schematic diagram of the runtime instruction recombination apparatus provided in another embodiment of the present invention;
Fig. 14 is a structural schematic diagram of the runtime instruction recombination apparatus provided in another embodiment of the present invention;
Fig. 15 is a schematic diagram of the system layers of a computing device in one embodiment of the present invention;
Fig. 16 is a flowchart of the initialization process in the secure data access process provided in one embodiment of the present invention;
Fig. 17 is a schematic diagram of the bitmap in one embodiment of the present invention;
Fig. 18 is a flowchart of the secure data storage method provided in one embodiment of the present invention;
Fig. 19 is a flowchart of the secure data reading method provided in one embodiment of the present invention;
Fig. 20 is a flowchart of the secure data access method provided in one embodiment of the present invention;
Fig. 21 is a flowchart of the secure data transmission method provided in one embodiment of the present invention;
Fig. 22 is a schematic diagram of the network environment in one embodiment of the present invention;
Fig. 23 is a structural schematic diagram of the secure data storage apparatus provided in one embodiment of the present invention;
Fig. 24 is a structural schematic diagram of the secure data reading apparatus provided in one embodiment of the present invention;
Fig. 25 is a structural schematic diagram of the secure data storage and reading apparatus provided in one embodiment of the present invention;
Fig. 26 is a structural schematic diagram of the secure data storage and reading apparatus provided in another embodiment of the present invention;
Fig. 27 shows the network environment in one embodiment of the present invention;
Fig. 28a is a sequence diagram of the method for establishing the data security interaction system provided in one embodiment of the present invention;
Fig. 28b is a sequence diagram of the data access method of a computing device in the data security interaction system provided in one embodiment of the present invention;
Fig. 28c is a sequence diagram of the data access method of a computing device in the data security interaction system provided in another embodiment of the present invention;
Fig. 28d is a sequence diagram of the data access method of a computing device in the data security interaction system provided in another embodiment of the present invention;
Fig. 28e is a sequence diagram of the data access method of a computing device in the data security interaction system provided in another embodiment of the present invention;
Fig. 28f is a structural schematic diagram of the computing terminal provided in one embodiment of the present invention;
Fig. 28g is a structural schematic diagram of the registrar provided in one embodiment of the present invention;
Fig. 28h is a structural schematic diagram of the computing terminal provided in another embodiment of the present invention;
Fig. 28i is a structural schematic diagram of the computing terminal provided in another embodiment of the present invention;
Fig. 29 is a structural schematic diagram of the wide area network data security interaction system provided in one embodiment of the present invention;
Fig. 30 is a structural schematic diagram of the wide area network data security interaction system provided in another embodiment of the present invention;
Fig. 31 is a structural schematic diagram of the network payment security interaction system provided in one embodiment of the present invention.
Detailed description of the embodiments
To make the objects, technical solutions and advantages of the present invention clearer, the present invention is described in more detail below with reference to the accompanying drawings. It should be understood that the specific embodiments described here serve only to explain the present invention and are not intended to limit it.
Analysis
Fig. 1 is a schematic diagram of the system layers of a computing device in the prior art. From top to bottom, the computing device comprises: a user interface layer 101, an application layer 102, an operating system kernel layer 103, a hardware mapping layer 104 and a hardware layer 105.
The user interface layer 101 is the interface between the user and the device; through this layer the user interacts with the device (that is, with the other layers of the device, for example the application layer 102). The application layer 102 is the application software layer.
The operating system kernel layer 103 is a software-based logical layer, generally made up of software data and software code. Compared with the user interface layer 101 and the application layer 102, the code of the operating system kernel layer 103 has higher privileges and can perform any operation on the software and hardware resources of the computer system.
The hardware mapping layer 104 is a software-based logical layer that generally works within the operating system kernel layer and has the same privileges as the kernel layer. It mainly solves the problem of mapping the operating modes of different types of hardware onto one unified upper-level interface, hiding the particularities of the hardware from the layers above. In general, the hardware mapping layer is used mainly by the operating system kernel layer 103 to carry out operations on the various hardware.
The hardware layer 105 refers to all the hardware components that make up the computer system.
User is operated this computing equipment by user interface layer 101 (being namely in the user interface of user interface layer 101) and obtains graphical or non-patterned feedback.Be operating as example with what preserve data, its process comprises:
(1) the user selects the "save" function through the user interface 101 provided by some application program;
(2) the application layer 102 calls the corresponding code and converts the above user operation into one or more interface functions provided by the operating system; that is, the "save" operation is converted into calls to a series of interface functions provided by the operating system kernel layer 103;
(3) the operating system kernel layer 103 converts each operating system interface function into one or more interface functions provided by the hardware mapping layer 104; that is, the "save" operation is converted into calls to a series of interface functions provided by the hardware mapping layer 104;
(4) the hardware mapping layer 104 converts each interface function it provides into one or more hardware instruction calls; finally,
(5) the hardware layer 105 (for example the CPU) receives the above hardware instruction calls and executes the hardware instructions.
After such a computing device is invaded by malicious code, the malicious code can obtain the data it wants from the computing device. After stealing the data, its behaviour patterns comprise:
(1) storage behaviour: the target data content is saved to some storage location;
(2) transmission behaviour: the stolen data is transmitted directly over the network to a specified destination address.
In addition, the patterns by which personnel using the above computing device or information equipment leak secrets from the inside comprise:
(1) active leakage: personnel with access to classified data obtain confidential data directly by means such as active copying, penetrating the security system with malicious tools, or planting Trojan horses, and leak it;
(2) passive leakage: a computer or storage medium used by personnel with access to classified data is lost through poor safekeeping, or is used improperly (for example, a device holding classified data is connected directly to the Internet), resulting in a leak.
These various leakage modes mean that the data security of the computing device cannot be guaranteed.
The inventors found through research that, while a computer is running, the CPU address register holds the address of the next machine instruction to be run, for example the address pointed to by the pc (program counter). By obtaining the data in this register and reading, at the address that data points to, the next one or more machine instructions to be run, machine instructions can be captured at run time.
Moreover, by modifying the to-be-scheduled instruction fragment formed by said one or more machine instructions (for example, inserting an extra jump instruction into it, referred to herein as instruction recombination) so that CPU execution control is regained before this section of instructions finishes running, and then capturing the next to-be-scheduled instruction fragment, machine instructions can be captured continuously at run time.
Further, after a to-be-scheduled instruction fragment has been obtained, the machine instructions in it can also be analysed and processed, so that not only can instructions be captured and recombined at run time, but predetermined target instructions can also be managed.
Instruction recombination or instruction tracing
Based on the above analysis and findings, one embodiment of the present invention provides a run-time instruction recombination method; when running, the method is referred to as the instruction recombination platform. As shown in Fig. 2, the method S100 comprises:
S101, caching the instruction execution environment; the instruction execution environment comprises an address register, the address register holds the address of the next machine instruction to be run, and this address is the first address;
S102, obtaining the machine instruction fragment to be scheduled; the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
S103, inserting a second jump instruction before the first jump instruction, generating a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform, that is, after this second jump instruction is executed, step S101 is executed;
S104, modifying the first address in the address register to the second address; and
S105, restoring the instruction execution environment.
In this embodiment, the above run-time instruction recombination method is executed on a CPU of the X86 architecture; in other embodiments of the invention, it may also be executed on a MIPS processor or a processor based on the ARM architecture. A person of ordinary skill in the art will understand that the above method can be executed on any other type of instruction processing unit in a computing device.
In step S101, caching the instruction execution environment may comprise:
pushing the register data relevant to the CPU's execution of machine instructions onto a cache stack.
In other embodiments of the invention, the instruction execution environment may also be cached or saved in another specified or default cache data structure and address.
In step S101, the address register may be the CPU address register.
In step S102, the last instruction in the machine instruction fragment to be scheduled is the first jump instruction, and there is only one jump instruction in the fragment; the fragment comprises the first jump instruction and all the to-be-scheduled machine instructions before it.
In step S103, a second jump instruction JP2 is inserted before the last instruction of the machine instruction fragment to be scheduled (i.e. the first jump instruction JP1); JP2 points to the entry address of the instruction recombination platform, and a recombined instruction fragment having the second address A'' is generated.
The second jump instruction is inserted so that, when the CPU runs the machine instruction fragment to be scheduled, the instruction recombination platform starts running again before JP1 runs. The instruction recombination platform can then go on to analyse the next machine instruction fragment to be scheduled, and by repeating this method the recombination of all run-time instructions is completed.
In step S105, restoring the instruction execution environment may comprise:
popping the register data relevant to instruction execution from the cache stack; the destination address of the jump instruction held in the address register has by then been modified to the new machine instruction fragment whose entry address is the second address A''.
After step S105 has been executed and the instruction execution environment restored, the instruction recombination platform has completed one run, and the CPU executes the recombined instruction fragment, i.e. the machine instruction fragment whose entry address is the second address A''. When execution of the recombined instruction fragment reaches the second jump instruction JP2, the instruction recombination platform obtains CPU control again (i.e. step S101 is executed). By this time the destination address of the first jump instruction has been obtained; this destination address is the new first address, and steps S101 to S105 are executed again.
The instruction recombination process and the generation of the recombined instruction fragment are further explained below with reference to Fig. 3.
Fig. 3 contains a set of machine instructions to be scheduled 401 (for example, the machine instructions of some program loaded into memory), in which instruction 4012 is the first jump instruction; if the destination address of instruction 4012 is a variable, it is first assumed that instruction 4012 points to machine instruction 4013. All the to-be-scheduled machine instructions before the first jump instruction 4012, together with the first jump instruction 4012 itself, constitute machine instruction fragment 4011.
After the instruction recombination method starts running (instruction recombination platform 411), it first caches the instruction execution environment, then obtains (for example, copies) machine instruction fragment 4011. The instruction recombination platform inserts a second jump instruction 4113 before the first jump instruction 4012; the second jump instruction 4113 points to the instruction recombination platform 411 itself, thereby generating recombined instruction fragment 4111, whose address is A''. The value A of the address register in the cached instruction execution environment is modified to address A''; finally the instruction execution environment is restored.
After the instruction recombination platform 411 finishes running, the CPU executes the recombined instruction fragment at address A''; when execution reaches the second jump instruction 4113, the instruction recombination platform 411 regains CPU control. By this time the destination address 4013 of the first jump instruction 4012 has been generated; this destination address is the new first address. The instruction recombination platform starts executing steps S101 to S105 again according to this destination address and continues to analyse the subsequent machine instructions to be scheduled, thereby completing the run-time instruction recombination method.
According to a further embodiment of the invention, as shown in Fig. 4, obtaining the machine instruction fragment to be scheduled in step S102 may comprise:
S1021, reading the address of the machine instruction to be scheduled from the address register (for example the CPU address register);
S1022, with jump instructions as the search target, searching the machine instruction pointed to by said machine instruction address and the instructions following it until the first jump instruction is found (referred to as the first jump instruction); a jump instruction is a machine instruction that can change the sequential execution flow of machine instructions, including Jump instructions, Call instructions, Return instructions and so on;
S1023, taking the first jump instruction and all the to-be-scheduled machine instructions before it as one machine instruction fragment to be scheduled; this machine instruction fragment is saved in the instruction recombination platform, or in another storage location that the instruction recombination platform can read.
In other embodiments of the invention, the machine instruction fragment to be scheduled may also be obtained with non-jump instructions (for example write instructions, read instructions and so on) as the search target, cutting the machine instruction fragment further. Since in such embodiments it must also be ensured that the instruction recombination platform can still obtain CPU control or execution control after the to-be-scheduled jump instruction is executed, jump instructions need to be used as a second search target, yielding machine instruction fragments of finer granularity.
According to a further embodiment of the invention, between steps S102 and S103 the run-time instruction recombination method may further comprise:
matching the machine instruction fragment to be scheduled against an instruction set to obtain target machine instructions; the instruction set includes the X86, MIPS and ARM instruction sets; and
modifying the target machine instructions in a predetermined manner.
In this way not only can run-time instruction monitoring be accomplished, but other processing can also be carried out; related embodiments are described in detail below.
Further, to improve the efficiency of the instruction recombination method, the to-be-scheduled instructions pointed to by fixed-address jump instructions may be obtained together in step S102.
According to a further embodiment of the invention, a run-time instruction recombination method is provided; the method S300 comprises:
S301, caching the instruction execution environment; the instruction execution environment comprises an address register, the address register holds the address of the next machine instruction to be run, and this address is the first address;
S302, obtaining the machine instruction fragment to be scheduled; the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
S303, inserting a second jump instruction before the first jump instruction, generating a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform, that is, after this second jump instruction is executed, step S301 is executed;
S304, modifying the first address in the address register to the second address;
S305, restoring the instruction execution environment.
Compared with the method provided in the previous embodiment, the difference is that in step S302 the machine instruction fragment to be scheduled may contain several jump instructions; only one of them is a parameter-address jump instruction, referred to as the first jump instruction.
It should be noted that jump instructions fall into two classes, parameter-address jump instructions and constant-address jump instructions. The jump address of a constant-address jump instruction is a constant (i.e. an immediate), whereas the parameter address of a parameter-address jump instruction is generally calculated by a machine instruction preceding the jump instruction.
Similarly, the last instruction of the machine instruction fragment to be scheduled is the first jump instruction; the fragment comprises the first jump instruction and all the to-be-scheduled machine instructions before it.
Further, because the machine instructions generated while a program runs are highly repetitive, a small amount of storage space can be used to save recombined instruction fragments, in order to improve the efficiency of the instruction recombination method and save the computing resources (CPU resources) of the computing device.
According to a further embodiment of the invention, a run-time instruction recombination method is provided. As shown in Fig. 5, the method S200 comprises:
S201, caching the instruction execution environment; the instruction execution environment comprises an address register (for example the CPU address register) (in general, the instruction execution environment means all the registers of the CPU, including general-purpose registers, status registers, address registers and so on); the address register holds the address of the next machine instruction to be run, and this address is the first address;
S202, looking up the address correspondence table using the first address; the address correspondence table indicates whether the to-be-scheduled instruction fragment pointed to by the first address A has a saved recombined instruction fragment, and the data in the address correspondence table are address pairs;
S203, if a corresponding record is found, modifying the first address A (i.e. the value A of the address register) to the address A' of the saved recombined instruction fragment;
S204, if no corresponding record is found, obtaining the machine instruction fragment to be scheduled; the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
S205, inserting a second jump instruction before the first jump instruction, generating a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform, that is, after this second jump instruction is executed, step S201 is executed;
S206, modifying the first address in the address register to the second address;
S207, restoring the instruction execution environment.
Further, step S206 also comprises: using the second address A'' and the first address A to create an address pair (or a record) in the address correspondence table. The recombined instruction fragment having address A'' is stored in the instruction recombination platform for reuse.
By using the address correspondence table, this method saves computing resources and improves the efficiency of run-time instruction recombination.
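The loop of steps S201 to S207 can be followed on a toy machine. The following Python model is an added illustration, not code from the patent: the instruction set, the sample program, the `to_platform` marker standing in for the second jump instruction and the base address 0x1000 of the recombined address space are all assumptions made for the example.

```python
"""Toy model of run-time instruction recombination with an address table (S201-S207)."""

# Constructed guest program for a made-up ISA: address -> instruction.
PROGRAM = {
    0: ("mov", "r0", 3),      # loop counter
    1: ("mov", "r2", 3),      # jump target computed at run time
    2: ("jmpr", "r2"),        # variable-address jump: target known only when reached
    3: ("add", "r1", 10),
    4: ("add", "r0", -1),
    5: ("jnz", "r0", 3),      # loop back to 3 while r0 != 0, else fall through to 6
    6: ("halt",),
}
FRAGMENT_END = {"jmp", "jmpr", "jnz", "halt"}   # instructions that end a fragment
TO_PLATFORM = ("to_platform",)                  # stands in for the second jump (JP2)


class RecombinationPlatform:
    def __init__(self, program, cache_base=0x1000):
        self.program = program
        self.address_table = {}      # first address A -> second address A''
        self.code_cache = {}         # A'' -> recombined fragment
        self.next_free = cache_base  # assumed start of the recombined address space
        self.entries = 0             # times the platform gained control
        self.built = 0               # fragments generated (table misses)

    def fetch_fragment(self, first_addr):
        """S204: instructions from first_addr up to and including the first jump."""
        fragment, addr = [], first_addr
        while True:
            ins = self.program[addr]
            fragment.append((addr, ins))
            if ins[0] in FRAGMENT_END:
                return fragment
            addr += 1

    def recombine(self, first_addr):
        """S205-S206: insert JP2 before JP1, store the result, record (A, A'')."""
        fragment = self.fetch_fragment(first_addr)
        recombined = fragment[:-1] + [(None, TO_PLATFORM), fragment[-1]]
        second_addr = self.next_free
        self.next_free += len(recombined)
        self.code_cache[second_addr] = recombined
        self.address_table[first_addr] = second_addr
        self.built += 1
        return second_addr

    def dispatch(self, first_addr):
        """S202-S204: reuse a saved fragment on a table hit, build one on a miss."""
        self.entries += 1
        second_addr = self.address_table.get(first_addr)
        if second_addr is None:
            second_addr = self.recombine(first_addr)
        return second_addr


def jump_target(orig_addr, ins, regs):
    """Destination of the first jump, resolvable once the fragment body has run."""
    op = ins[0]
    if op == "jmp":
        return ins[1]
    if op == "jmpr":
        return regs[ins[1]]
    if op == "jnz":
        return ins[2] if regs[ins[1]] != 0 else orig_addr + 1
    return None                      # halt: nothing left to schedule


def execute_fragment(fragment, regs):
    """The 'CPU' runs a recombined fragment until JP2 hands control back."""
    for index, (_, ins) in enumerate(fragment):
        if ins[0] == "mov":
            regs[ins[1]] = ins[2]
        elif ins[0] == "add":
            regs[ins[1]] += ins[2]
        elif ins == TO_PLATFORM:
            jp1_addr, jp1 = fragment[index + 1]
            return jump_target(jp1_addr, jp1, regs)   # new first address
    raise RuntimeError("fragment did not return to the platform")


def run(program, entry=0):
    platform = RecombinationPlatform(program)
    regs = {"r0": 0, "r1": 0, "r2": 0}
    first_addr = entry
    while first_addr is not None:
        second_addr = platform.dispatch(first_addr)
        first_addr = execute_fragment(platform.code_cache[second_addr], regs)
    return regs, platform


if __name__ == "__main__":
    regs, platform = run(PROGRAM)
    print(regs, platform.address_table, platform.entries, platform.built)
```

The loop body at guest address 3 is recombined once and then served from the address table on its two later iterations, which is the saving the table provides.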
The above recombination methods are generally accomplished by inserting the required jump instruction into the to-be-scheduled instruction fragment; in other embodiments of the invention, the recombined instruction fragment may also be generated in other ways, which are described in detail below with reference to embodiments.
According to a further embodiment of the invention, an instruction recombination method is provided in which a separate storage location is set aside to save the destination address of the first jump instruction. As shown in Fig. 6, the method S110 comprises:
S111, caching the instruction execution environment;
S112, reading a destination address from a first storage location and, according to the destination address, obtaining the machine instruction fragment to be scheduled (i.e. to be executed); the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
S113, saving the destination address of the first jump instruction in the first storage location;
S114, replacing the first jump instruction with a second jump instruction, generating a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform, that is, after this second jump instruction is executed, step S111 is executed;
S115, restoring the instruction execution environment and jumping to the second address to continue execution.
In step S112, obtaining the machine instruction fragment to be scheduled may comprise:
S1121, with jump instructions as the search target, searching the machine instruction pointed to by said machine instruction address and the instructions following it until the first jump instruction is found (referred to as the first jump instruction);
a jump instruction is a machine instruction that can change the sequential execution flow of machine instructions, including Jump instructions, Call instructions, Return instructions and so on;
S1122, taking the first jump instruction and all the to-be-scheduled machine instructions before it as one machine instruction fragment to be scheduled; this machine instruction fragment is saved in the instruction recombination platform, or in another storage location that the instruction recombination platform can read.
In step S113, the destination address is the destination-address parameter of the jump instruction, which may be an immediate or a variable parameter; for an immediate its value is saved, and for a variable parameter its address/reference is saved. When the processor is about to execute a jump instruction, its jump target address has already been calculated.
According to a further embodiment of the invention, an instruction recombination method is provided that performs disassembly and assembly for non-fixed-length instruction sets. As shown in Fig. 7, the method comprises:
S121, caching the instruction execution environment;
S122, reading a destination address from the first storage location and obtaining the to-be-scheduled instruction fragment according to the destination address:
starting from the destination address, a section of machine instructions to be scheduled is obtained and disassembled, and the disassembly result is processed by a lexical analyser to match whether it contains a jump instruction; if it does not, the next section of machine instructions to be scheduled is obtained and the above operation repeated, until a jump instruction is matched; this jump instruction is the first jump instruction. The first jump instruction and all the instructions before it make up the to-be-scheduled instruction fragment;
S123, saving the destination address of the first jump instruction in the first storage location;
S124, replacing the first jump instruction with a second jump instruction, generating a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; in this embodiment, both the first jump instruction and the second jump instruction are assembly instructions;
S125, generating the corresponding machine code from the recombined assembly code by means of an assembler; and
S126, restoring the instruction execution environment and jumping to the second address to continue execution.
According to a further embodiment of the invention, an instruction recombination method is provided in which a push instruction replaces or records the first jump instruction. As shown in Fig. 8, the method S130 comprises:
S131, caching the instruction execution environment;
S132, obtaining the address and parameters of the jump instruction saved on the stack, and calculating the address of the next instruction to be run; this address is the first address;
S133, obtaining the machine instruction fragment to be scheduled/executed according to the first address; the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
S134, replacing the first jump instruction with a push instruction, the push instruction recording the address and operands of the first jump instruction;
S135, adding a second jump instruction after the push instruction, generating a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
S136, restoring the instruction execution environment and jumping to the second address to continue execution.
A person of ordinary skill in the art will understand that the functions or features provided in the above embodiments may be combined in one embodiment as actually needed; the combinations are not given one by one here, and only one example is given below by way of illustration.
According to a further embodiment of the invention, an instruction recombination method is provided which, as shown in Fig. 9, comprises:
(1) caching the instruction execution environment, which comprises the whole CPU environment and memory environment; obtaining the address and parameters of the jump instruction saved on the stack, calculating the address of the next instruction to be run (the zero address), and setting the first address to the zero address;
(2) looking up the address correspondence table (also called the address lookup table) using the first address; if a record is found, restoring the cached instruction execution environment and jumping to the corresponding address found (from the address pair in the address correspondence table) to continue execution;
(3) if no record is found, obtaining the machine instruction fragment to be processed starting from the first address; the fragment ends with a jump instruction (the address of the jump instruction is the third address);
(4) starting from the first address, disassembling the machine code and processing the disassembly result with a lexical analyser to generate the recombined assembly code, up to the third address;
(5) judging whether the code at the third address can be processed further, i.e. whether the destination address of the jump instruction at the third address is a known quantity (for example an immediate); if so, setting the first address to the third address (or the destination address of the third address) and executing (3) again;
(6) if not, appending to the end of the generated recombined assembly code a push instruction that records the original address of the current third address (i.e. the value of the third address) and its operands, and adding after the push instruction an instruction that jumps to the start of the recombination platform, so that step (1) starts executing again;
(7) generating the corresponding machine code from the generated recombined assembly code by means of an assembler, storing it at an allocated address (the second address) in the recombination address space, and storing the second address and the zero address in the address correspondence table as a corresponding address pair;
(8) restoring the environment and jumping to the second address to continue execution.
For ease of understanding, the method provided by this embodiment is now described as run on an X86 processor. With reference to Figs. 9b-9d, an example instruction recombination process is as follows:
(1) after the recombination platform starts working, it first caches the current instruction execution environment; it obtains the address and parameters of the jump instruction saved on the stack and calculates the address of the next instruction to be run; this address is the first address.
(2) the address correspondence table is looked up using the first address; if a record is found, the cached instruction execution environment is restored and execution continues at the corresponding address found (Fig. 9b); if no record is found, the following operations are carried out (Fig. 9c).
(3)-(6) starting from the first address, the machine code is disassembled and the disassembly result is processed by a lexical analyser to generate recombined code;
this section of assembly code is searched to check whether it contains a jump instruction;
the first jump instruction found is analysed to judge whether its jump target address is a known quantity; if it is, the search continues until the first parameter-address jump instruction is found, referred to as the first jump instruction; the address of this instruction is the third address;
at the end of the generated assembly code (the machine instructions from the first address to the third address, not including the first jump instruction), a push instruction is added that records the original address of the first jump at the current third address and its operands;
after the push instruction, an instruction that jumps to the start of the recombination platform (the second jump instruction) is added.
(7) the generated assembly code is converted into the corresponding machine code by an assembler and stored at an allocated address (the second address) in the recombination address space;
the second address and the zero address are stored in the address correspondence table as a corresponding address pair.
(8) the environment is restored and execution continues at the second address.
(Fig. 9d) The processor starts executing the instructions at the second address. The jump instruction in the earlier to-be-recombined instruction fragment has been replaced by a push instruction and an instruction that jumps to the recombination platform; the main purpose of the push instruction is to provide input parameters to the recombination platform. (Fig. 9d) When execution reaches the second jump instruction, the recombination platform is executed again and carries out step (1) above: by examining the address and parameters of the jump instruction saved by the push instruction, it calculates the address of the next instruction to be run; this address is the first address.
The subsequent processing is a loop of the above process.
Further, in order to perform run-time instruction monitoring as soon as the system starts, and thus achieve full monitoring of run-time instructions throughout the operating phase of the computing device, in another embodiment of the invention the load instruction executed at computer start-up is modified so that the instruction recombination platform provided by the invention is called before the load instruction executes and the above run-time instruction recombination method is performed. Because the jump address of the load instruction is a known fixed address, the instruction recombination platform can establish the address correspondence table and its first record in advance, and establish the first recombined instruction fragment.
Further, according to a further embodiment of the invention, a computer-readable medium is provided in which computer-executable program code is stored, the program code being used to perform the steps of the run-time instruction recombination method provided in the above embodiments.
Further, according to a further embodiment of the invention, a computer program is provided which comprises the steps of the run-time instruction recombination method provided in the above embodiments.
Instruction recombination for data security
The above run-time instruction recombination method provides a basis for further applications. The following embodiments provide various run-time instruction recombination methods that process different machine instructions, including storage/read instructions, I/O instructions and network transmission instructions:
(1) storage/read instructions are all instructions or instruction combinations in a computer system that store to or read from external storage devices (including but not limited to disks, removable storage and optical storage).
(2) I/O instructions are all instructions in a computer system that operate on the address space of peripherals; these instructions ultimately affect the peripherals' input/output state, data, signals and so on. The I/O address space here includes, but is not limited to, the I/O address space and the memory-mapped I/O device address space.
(3) network transmission instructions are all instructions in a computer system that affect network devices; these instructions ultimately affect all relevant characteristics of the computer system's network devices, such as transmission, state, data and signals.
There may be an intersection between storage/read instructions and I/O instructions.
According to one embodiment of the invention, a run-time instruction recombination method S400 for storage/read instructions is provided, comprising:
S401, caching the instruction execution environment; the instruction execution environment comprises an address register, the address register holds the address of the next machine instruction to be run, and this address is the first address;
S402, looking up the address correspondence table using the first address;
S403, if a corresponding record is found, modifying the first address A to the address A' of the saved recombined instruction fragment;
S404, if no corresponding record is found, generating the recombined instruction fragment by a method comprising:
S4041, obtaining the machine instruction fragment to be scheduled; the last instruction of the machine instruction fragment to be scheduled is a first jump instruction; this is the same as step S102;
S4042, disassembling the machine instruction fragment to be scheduled to obtain an assembly instruction fragment;
S4043, searching for target assembly instructions, the target assembly instructions being storage/read instructions;
S4044, if storage/read instructions are found in the assembly instruction fragment, modifying the storage and read addresses in them to addresses on a secure storage device; the modification may be a direct mapping between the local address space and the address space of the secure storage device;
S4045, inserting a second jump instruction JP2 before the first jump instruction JP1, JP2 pointing to the entry address of the instruction recombination platform;
S4046, assembling the modified assembly instruction fragment to generate a recombined machine instruction fragment having address A'';
S4047, using the address A'' of the recombined machine instruction fragment and the first address A to create a record (or address pair) in the address correspondence table; the recombined instruction fragment having address A'' is stored in the instruction recombination platform;
S4048, modifying the first address A to the second address A'';
S405, restoring the instruction execution environment.
In this embodiment, instruction processing is carried out after the disassembly step; in other embodiments, the disassembly and corresponding assembly steps may be omitted and the machine instructions processed directly.
In step S4044, storage and read instructions are operated on by modifying their target and source addresses, so as to relocate/redirect storage and ensure data security. More specific secure storage/read methods are described in the embodiments of the invention below.
According to one embodiment of the invention, a run-time instruction recombination method S500 for I/O instructions is provided, comprising:
S501, caching the instruction execution environment; the instruction execution environment includes an address register, which holds the address of the machine instruction to be run next; this address is the first address;
S502, searching the address correspondence table using the first address;
S503, if a corresponding record is found, modifying the first address A to the address A' of the saved recombined instruction fragment;
S504, if no corresponding record is found, generating a recombined instruction fragment as follows:
S5041, obtaining the machine instruction fragment to be scheduled, whose last instruction is the first jump instruction; this is the same as step S102;
S5042, disassembling the machine instruction fragment to obtain an assembly instruction fragment;
S5043, searching for target assembly instructions, the target assembly instructions being I/O instructions;
S5044, if I/O instructions are found in the assembly instruction fragment, blocking all input instructions among the I/O instructions;
S5045, inserting a second jump instruction JP2 before the first jump instruction JP1, JP2 pointing to the entry address of the instruction recombination platform;
S5046, assembling the modified assembly instruction fragment, generating a recombined machine instruction fragment with address A'';
S5047, creating a record (an address pair) in the address correspondence table from the recombined machine instruction fragment address A'' and the first address A; the recombined instruction fragment with address A'' is stored in the instruction recombination platform;
S5048, modifying the first address A to the second address A'';
S505, restoring the instruction execution environment.
This embodiment processes instructions after a disassembly step; in other embodiments the disassembly and the corresponding assembly steps can be omitted and the machine instructions processed directly.
In step S5044, I/O instructions are handled by blocking all input instructions among them, so that write operations to local hardware devices are completely blocked; combined with the handling of storage instructions in the previous embodiment, input instructions other than storage instructions can also be blocked, which improves data security in the computing device.
According to one embodiment of the invention, a run-time instruction recombination method S600 for network transmission instructions is provided, comprising:
S601, caching the instruction execution environment; the instruction execution environment includes an address register, which holds the address of the machine instruction to be run next; this address is the first address;
S602, searching the address correspondence table using the first address;
S603, if a corresponding record is found, modifying the first address A to the address A' of the saved recombined instruction fragment;
S604, if no corresponding record is found, generating a recombined instruction fragment as follows:
S6041, obtaining the machine instruction fragment to be scheduled, whose last instruction is the first jump instruction; this is the same as step S102;
S6042, disassembling the machine instruction fragment to be scheduled to obtain an assembly instruction fragment;
S6043, searching for target assembly instructions, the target assembly instructions being network transmission instructions;
S6044, if a network transmission instruction is found in the assembly instruction fragment, checking whether the remote computing device corresponding to the destination address in the network transmission instruction is a secure address (i.e. a permitted address); if not, blocking the network transmission instruction;
S6045, inserting a second jump instruction JP2 before the first jump instruction JP1, JP2 pointing to the entry address of the instruction recombination platform;
S6046, assembling the modified assembly instruction fragment, generating a recombined machine instruction fragment with address A'';
S6047, creating a record (an address pair) in the address correspondence table from the recombined machine instruction fragment address A'' and the first address A; the recombined instruction fragment with address A'' is stored in the instruction recombination platform;
S6048, modifying the first address A to the second address A'';
S605, restoring the instruction execution environment.
In step S6044, a network transmission instruction can be blocked/refused by inserting one or more instructions into the recombined code so that the transmission instruction itself is replaced with an "instruction that cancels the current operation", or by directly replacing it with an invalid instruction, depending on the hardware.
This embodiment processes instructions after a disassembly step; in other embodiments the disassembly and the corresponding assembly steps can be omitted and the machine instructions processed directly.
In step S6044, network transmission instructions are handled by checking whether the remote computing device corresponding to the destination address in the network transmission instruction is a secure address; if not, the network transmission instruction is blocked, so that data transmission is secure.
The address correspondence table in the above embodiments is created and maintained by the instruction recombination platform. It can be a fixed-length array structure, a variable-length linked-list structure, or any other data structure suitable for storing binary data. Preferably, its length is adjustable and the space it occupies can be released. The release of the address correspondence table can be carried out randomly or periodically. In some embodiments, the address correspondence table can also include a record creation time field, used when records are deleted to free space: records are deleted according to the length of time since creation. In some embodiments, the address correspondence table can also include a record access count field; in the step of searching the address correspondence table, the value of this field is changed whenever a record is found. The record access count field is likewise used when records are deleted to free space: records are deleted according to their number of accesses.
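The lookup, rewrite and caching flow of S400 and S600, together with the table-release fields described above, modelled on a toy instruction list as an added example (not code from the patent). The opcodes, addresses, the `SECURE_BASE` mapping, the allow-list and the eviction direction (oldest or least-accessed records go first) are assumptions made for illustration.

```python
# Toy model of run-time instruction recombination (added example, constructed data).
SECURE_BASE = 0x80000000        # assumption: direct local -> secure address mapping
ALLOWED_HOSTS = {"10.0.0.5"}    # assumption: allow-list of secure remote addresses
PLATFORM_ENTRY = "PLATFORM"     # symbolic entry address of the recombination platform
JUMPS = {"jmp", "call"}

# Constructed program: address -> (opcode, operand)
PROGRAM = {
    0x100: ("store", 0x10),
    0x101: ("send", "10.0.0.5"),
    0x102: ("jmp", 0x200),
    0x200: ("load", 0x10),
    0x201: ("send", "203.0.113.9"),
    0x202: ("jmp", 0x100),
}


class RecombinationPlatform:
    def __init__(self, program):
        self.program = program
        self.table = {}          # first address A -> [A'', creation tick, access count]
        self.fragments = {}      # A'' -> recombined instruction list
        self.next_slot = 0x9000  # where the next recombined fragment is stored
        self.tick = 0
        self.recombined = 0

    def fetch_fragment(self, addr):
        """Collect instructions from addr up to and including the first jump (JP1)."""
        frag = []
        while addr in self.program:
            frag.append(self.program[addr])
            if frag[-1][0] in JUMPS:
                return frag
            addr += 1
        raise ValueError("no jump instruction terminates the fragment")

    @staticmethod
    def rewrite(ins):
        """Apply the S4044 and S6044 policies to one instruction."""
        op, arg = ins
        if op in ("store", "load"):
            return (op, SECURE_BASE + arg)       # redirect to secure storage
        if op == "send" and arg not in ALLOWED_HOSTS:
            return ("cancel", arg)               # block the transfer
        return ins

    def dispatch(self, first_addr):
        """Return the address of the recombined fragment for first_addr."""
        self.tick += 1
        rec = self.table.get(first_addr)
        if rec is not None:                      # record found: reuse A'
            rec[2] += 1
            return rec[0]
        *body, jp1 = self.fetch_fragment(first_addr)
        new = [self.rewrite(i) for i in body] + [("jmp", PLATFORM_ENTRY), jp1]
        a2 = self.next_slot
        self.next_slot += len(new)
        self.fragments[a2] = new
        self.table[first_addr] = [a2, self.tick, 0]
        self.recombined += 1
        return a2

    def release(self, keep, by="age"):
        """Free table space, keeping `keep` records (newest or most accessed)."""
        field = 1 if by == "age" else 2
        ranked = sorted(self.table, key=lambda a: self.table[a][field], reverse=True)
        for a in ranked[keep:]:
            del self.fragments[self.table[a][0]]
            del self.table[a]

    def run(self, start, max_dispatches):
        """Execute recombined fragments only; return the side effects performed."""
        effects, addr = [], start
        for _ in range(max_dispatches):
            frag = self.fragments[self.dispatch(addr)]
            for i, (op, arg) in enumerate(frag):
                if op == "jmp" and arg == PLATFORM_ENTRY:
                    # Assumption: the platform takes the next address from JP1,
                    # which follows JP2 and is itself never executed.
                    addr = frag[i + 1][1]
                    break
                effects.append((op, arg))
        return effects
```

Running the two-fragment loop for four dispatches recombines each fragment once and serves the other two dispatches from the table; the original program is never modified or executed directly.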
In addition, those skilled in the art will appreciate that the above instruction recombination method (i.e. the run-time instruction recombination method) can be implemented in software or in hardware:
(1) if implemented in software, the steps of the method are stored on a computer-readable medium in the form of software code, becoming a software product;
(2) if implemented in hardware, the steps of the method are described in hardware description code (such as Verilog) and solidified (through processes such as physical design, placement and routing, and wafer fabrication) into a chip product (such as a processor product). This is described in detail below.
Instruction recombination device
Corresponding to the above run-time instruction recombination method S100, according to one embodiment of the invention, a run-time instruction recombination device is provided. As shown in Figure 10, the instruction recombination device 500 comprises:
an instruction execution environment caching and restoring unit 501, adapted to cache and restore the instruction execution environment; the instruction execution environment includes an address register, which holds the address of the machine instruction to be run next; this address is the first address;
an instruction fetch unit 502, adapted to obtain the machine instruction fragment to be scheduled after unit 501 has cached the instruction execution environment; the last instruction of the machine instruction fragment to be scheduled is the first jump instruction;
an instruction recombination unit 503, adapted to parse and modify the machine instruction fragment to be scheduled, including: inserting a second jump instruction before the first jump instruction, generating a recombined instruction fragment having the second address A''; the second jump instruction points to the device 500, that is, after this second jump instruction is executed, control passes next to the instruction execution environment caching and restoring unit 501 of the device 500; and
an address replacement unit 504, adapted to modify the value of the address register in the cached instruction execution environment to the address of the recombined instruction fragment.
The instruction execution environment caching and restoring unit 501 is coupled to the instruction fetch unit 502 and to the address replacement unit 504 respectively; the instruction fetch unit 502, the instruction recombination unit 503 and the address replacement unit 504 are coupled in sequence.
The device 500 operates as follows:
First, the instruction execution environment caching and restoring unit 501 caches the instruction execution environment, for example by pushing the register data relevant to instruction execution onto a cache stack;
Then, the instruction fetch unit 502 reads the address of the machine instruction to be scheduled from the CPU address register 511 and reads a machine instruction fragment from that address; the last instruction of the machine instruction fragment is a jump instruction;
For example, the instruction fetch unit 502 reads the address of the machine instruction to be scheduled from the CPU address register 511; taking jump instructions as the search target, it searches the machine instructions starting at that address until the first jump instruction is found; jump instructions include, for example, Jump instructions and Call instructions; the first jump instruction and all machine instructions before it form one machine instruction fragment to be scheduled; this machine instruction fragment is saved in the device 500, or in another storage location that the device 500 can read;
Then, the instruction recombination unit 503 inserts a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the device 500, generating a recombined instruction fragment with address A'';
Then, the address replacement unit 504 modifies the value A of the address register in the cached instruction execution environment to the address A'';
Finally, the instruction execution environment caching and restoring unit 501 restores the instruction execution environment, for example by popping the register data relevant to instruction execution from the cache stack.
Corresponding to the above run-time instruction recombination method S300, the instruction fetch unit 502 can take the first non-constant-address jump instruction as the first jump instruction. This improves the execution efficiency of the recombination unit.
Corresponding to the above run-time instruction recombination method S200, according to a further embodiment of the invention, a run-time instruction recombination device is provided that makes full use of the repetitiveness of instructions at run time, improving efficiency and saving computing resources.
As shown in Figure 11, the instruction recombination device 600 comprises:
an instruction execution environment caching and restoring unit 601, adapted to cache and restore the instruction execution environment; the instruction execution environment includes an address register, which holds the address of the machine instruction to be run next; this address is the first address;
an instruction fetch unit 602, adapted to obtain the machine instruction fragment to be scheduled; the last instruction of the machine instruction fragment to be scheduled is the first jump instruction;
an instruction recombination unit 603, adapted to parse and modify the machine instruction fragment to be scheduled, including: inserting a second jump instruction before the first jump instruction, to generate a recombined instruction fragment having the second address; the second jump instruction points to the device 600, that is, after this second jump instruction is executed, control passes next to the instruction execution environment caching and restoring unit 601 of the device 600;
an address replacement unit 604, adapted to modify the value of the address register in the cached instruction execution environment to the address of the recombined instruction fragment; and
an instruction retrieval unit 605, adapted to search the address correspondence table using the first address; the address correspondence table indicates whether the instruction fragment to be scheduled that the first address A points to has a saved recombined instruction fragment; the data in the address correspondence table are address pairs;
If a corresponding record is found, the instruction retrieval unit 605 is adapted to call the address replacement unit 604 to modify the first address A (i.e. the value A of the address register) to the address A' of the saved recombined instruction fragment; if no corresponding record is found, the instruction retrieval unit is adapted to create a record in the address correspondence table from the second address A'' and the address A.
The instruction execution environment caching and restoring unit 601 is coupled to the instruction retrieval unit 605 and to the address replacement unit 604 respectively; the instruction retrieval unit 605 is coupled to the instruction fetch unit 602, the instruction recombination unit 603 and the address replacement unit 604 respectively; and the instruction fetch unit 602, the instruction recombination unit 603 and the address replacement unit 604 are coupled in sequence.
The device 600 operates as follows:
First, the instruction execution environment caching and restoring unit 601 caches the instruction execution environment, for example by pushing the register data relevant to instruction execution onto a cache stack;
Then, the instruction retrieval unit 605 searches the address correspondence table using the value A of the address register in the cached instruction execution environment;
If a corresponding record is found, the instruction retrieval unit 605 calls the address replacement unit 604, which modifies the value A of the address register to the value A' in the record; the address replacement unit 604 calls the instruction execution environment caching and restoring unit 602 to restore the instruction execution environment, i.e. to pop the register data relevant to instruction execution from the cache stack, and this recombination operation ends;
If no corresponding record is found, the instruction fetch unit 602 reads the address of the machine instruction to be scheduled from the CPU address register and reads a machine instruction fragment from that address; the last instruction of the machine instruction fragment is a jump instruction. Specifically, the instruction fetch unit 602 reads the address of the machine instruction to be scheduled from the CPU address register; taking jump instructions as the search target, it searches the machine instructions starting at that address until the first jump instruction is found; jump instructions include Jump instructions, Call instructions, etc.; the first jump instruction and all machine instructions before it form one machine instruction fragment to be scheduled; this machine instruction fragment is saved in the device 600, or in another storage location that the device 600 can read;
Then, the instruction recombination unit 603 inserts a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the device 600, generating a recombined instruction fragment with address A'';
Then, the instruction recombination unit 603 sends the address A'' to the instruction retrieval unit 605, which creates a record in the address correspondence table from the address A'' and the address A, for reuse by subsequent instructions;
Then, the address replacement unit 604 modifies the value A of the address register in the cached instruction execution environment to the address A'';
Finally, the instruction execution environment caching and restoring unit 601 restores the instruction execution environment, i.e. pops the register data relevant to instruction execution from the cache stack.
Continuing with reference to Figure 11, the instruction recombination unit 603 can further comprise:
an instruction parsing unit 6031, adapted to match the machine instruction fragment against an instruction set to obtain the target machine instructions to be processed (i.e. to search the machine instruction fragment to be scheduled for target instructions); the instruction sets include the X86, MIPS and ARM instruction sets;
an instruction modifying unit 6032, adapted to modify the target machine instructions in a predetermined manner.
For example, if the target instruction is a storage/read instruction, the instruction parsing unit 6031 is responsible for obtaining the storage/read instructions in the machine instruction fragment to be scheduled, and the instruction modifying unit 6032 modifies their storage and read addresses to addresses on the secure storage device. The effect is the same as in the corresponding method embodiment S400 and is not repeated here.
As another example, if the target instruction is an I/O instruction, the instruction parsing unit 6031 is responsible for obtaining the I/O instructions in the machine instruction fragment to be scheduled, and the instruction modifying unit 6032 blocks all input instructions among the I/O instructions. The effect is the same as in the corresponding method embodiment S500 and is not repeated here.
As another example, if the target instruction is a network transmission instruction, the instruction parsing unit 6031 is responsible for obtaining the network transmission instructions in the machine instruction fragment to be scheduled, and the instruction modifying unit 6032 checks whether the remote computing device corresponding to the destination address in the network transmission instruction is a secure address; if not, the instruction modifying unit is adapted to block the network transmission instruction. The effect is the same as in the corresponding method embodiment S600 and is not repeated here.
According to a further embodiment of the invention, the above instruction recombination unit can also comprise a disassembly unit and an assembly unit. As shown in Figure 12, the instruction recombination unit 703 comprises, coupled in sequence: a disassembly unit 7031, an instruction parsing unit 7032, an instruction modifying unit 7033 and an assembly unit 7034.
The disassembly unit 7031 is adapted, before the machine instruction fragment to be scheduled is parsed and modified, to disassemble the machine instruction fragment to be scheduled, generating an assembly instruction fragment to be scheduled, and to send it to the instruction parsing unit 7032.
The assembly unit 7034 is adapted, after the machine instruction fragment to be scheduled has been parsed and modified, to assemble the recombined assembly instruction fragment, obtaining a recombined instruction fragment represented in machine code, and to send it to the instruction replacement unit.
In this embodiment, the instruction parsing unit 7032 and the instruction modifying unit 7033 operate on the assembly instruction fragment to be scheduled.
Corresponding to the above run-time instruction recombination method S110, according to a further embodiment of the invention, a run-time instruction recombination device is provided. As shown in Figure 13, the instruction recombination device 800 comprises:
an instruction execution environment caching and restoring unit 801, adapted to cache the instruction execution environment;
an instruction fetch unit 802 and a first storage location 803, the instruction fetch unit 802 being adapted to read a destination address from the first storage location 803 and to obtain the machine instruction fragment to be scheduled/executed according to the destination address; the last instruction of the machine instruction fragment to be scheduled is the first jump instruction; and
an instruction recombination unit 804, adapted to save the destination address of the first jump instruction in the first storage location 803 and to replace the first jump instruction with a second jump instruction, generating a recombined instruction fragment having the second address; the second jump instruction points to the entry address of the device 800.
The instruction execution environment caching and restoring unit 801 is also adapted, after the instruction recombination unit 804 has replaced the instruction, to restore the instruction execution environment and jump to the second address to continue execution.
The device 800 operates as follows:
First, the instruction execution environment caching and restoring unit 801 caches the instruction execution environment;
Then, the instruction fetch unit 802 reads the destination address (the address of the instruction to be scheduled) from the first storage location 803 and obtains the machine instruction fragment to be scheduled according to the destination address; the last instruction of the machine instruction fragment to be scheduled is the first jump instruction;
Then, the instruction recombination unit 804 saves the destination address of the first jump instruction in the first storage location 803; for an immediate operand its value is saved, and for a variable parameter its address/reference is saved;
Then, the instruction recombination unit 804 replaces the first jump instruction with the second jump instruction, generating a recombined instruction fragment having the second address;
Finally, the instruction execution environment caching and restoring unit 801 restores the instruction execution environment and jumps to the second address to continue execution.
According to a further embodiment of the invention, a run-time instruction recombination device is provided that corresponds to the above method S130 and includes features of the devices provided in some of the above embodiments. As shown in Figure 14, the device 900 comprises:
an instruction execution environment caching and restoring unit 901, adapted to cache and restore the instruction execution environment;
an instruction fetch unit 902, adapted to obtain, by calculation from input parameters, the address of the next instruction to be run, this address being the first address; and also adapted to obtain the machine instruction fragment to be scheduled/executed according to the first address; the last instruction of the machine instruction fragment to be scheduled is the first jump instruction;
an instruction recombination unit 903, adapted to replace the first jump instruction with a push instruction, the push instruction recording the address and operand of the first jump instruction; also adapted to add a second jump instruction after the push instruction, generating a recombined instruction fragment having the second address, the second jump instruction pointing to the entry address of the device 900; and also adapted to create a record in the address correspondence table from the second address of the recombined instruction fragment and the first address;
an instruction retrieval unit 904, adapted to search the address correspondence table using the first address; the address correspondence table indicates whether the instruction fragment to be scheduled that the first address points to has a saved recombined instruction fragment; the data in the address correspondence table are address pairs;
If a corresponding record is found, the instruction retrieval unit 904 is adapted to call the instruction execution environment caching and restoring unit 901 to restore the cached instruction execution environment and to jump to the corresponding address found to continue execution (the recombination operation is complete);
If no corresponding record is found, the instruction recombination unit 903 is called to carry out the recombination operation.
The instruction recombination unit 903 can further comprise a disassembly unit 9031, an instruction parsing unit 9032, an instruction modifying unit 9033 and an assembly unit 9034.
After the instruction recombination unit 902 completes recombination, it is adapted to call the instruction execution environment caching and restoring unit 901 to restore the cached instruction execution environment and to jump to the address of the recombined instruction fragment to continue execution (this recombination operation is complete).
According to a further embodiment of the invention, the above disassembly unit 9031 can be located inside the instruction fetch unit 902, which then performs the disassembly when it obtains the instruction fragment to be scheduled.
Those skilled in the art will appreciate that the data-flow arrows in the drawings of the above device embodiments serve only to explain the concrete operation flow of those embodiments; they do not limit the data flow or its direction between the units in the figures, and the units in the device are in a coupling relation.
The run-time instruction recombination method and device have been described in detail above through several embodiments. Compared with the prior art, they have the following advantages:
Through the instruction recombination method, the instructions of a computing device can be monitored while they are running;
Using the address correspondence table improves instruction recombination efficiency and saves computing resources;
Storage and read instructions are handled by modifying their target and source addresses, so that storage is relocated/redirected and data security is ensured;
I/O instructions are handled by blocking all input instructions among them, so that write operations to local hardware devices are completely blocked; input instructions other than storage instructions can also be blocked, which improves data security in the computing device;
Network transmission instructions are handled by checking whether the remote computing device corresponding to the destination address in the network transmission instruction is a secure address; if not, the network transmission instruction is blocked, so that data transmission is secure.
Data security access procedure
Figure 15 is a schematic diagram of the system layers of a computing device in one embodiment of the invention.
The computing device (for example a computer terminal system) 200 comprises: a user interface layer 201, an application layer 202, an operating system kernel layer 203, a hardware mapping layer 204, a security layer 205, and a hardware layer 206.
The hardware layer 206 further comprises a CPU 2061, a hard disk 2062 (i.e. the local storage device) and a network card 2063.
In addition, the computing device 200 is coupled to a storage device 10 (also called the secure storage device).
In this embodiment, the storage device 10 is a remote disk array that connects over the network to the network card 2063 of the hardware layer 206 and exchanges data with the computing device 200. In other embodiments of the invention, the storage device 10 can also be another storage device of known or unknown type.
The hard disk 2062 can also be replaced with another type of local storage device, such as a USB flash drive or an optical disc; this is given by way of illustration, not limitation.
In conjunction with the above layered structure, the data security access procedure provided by this embodiment comprises:
S1000, initialization;
S2000, data write; and
S3000, data read.
With reference to Figure 16, above-mentioned initialization procedure S1000 comprises:
S1010, sets up the communication of terminal system 200 and safety storage apparatus 10;
S1020, from synchronization map bitmap (Bitmap) safety storage apparatus 10 to current computer terminal system 200, such as, is kept in terminal system 200 internal memory; Described mapped bitmap is for representing whether the data of local memory device are stored into safety storage apparatus;
S1030, if the synchronous operation failure of step S1020, safety storage apparatus 10 sets up Bitmap and initialization, is then synchronized to terminal system 200.
Wherein, in order to distinguish the Bitmap on the terminal 200 and Bitmap on memory device 10, hereinafter, except as otherwise noted, Bitmap in terminal system 200 (also can be called computing equipment) is called mapped bitmap or the first mapped bitmap, the Bitmap on safety storage apparatus 10 is called the second mapped bitmap.
In step S1020, if from second mapped bitmap synchronous memory device 10 to the operation failure of current computer terminal system 200, illustrate between memory device 10 and terminal system 200 it is First Contact Connections.
Wherein, step S1030 can comprise:
Local storage space in terminal system 200 is mapped on memory device 10, the mapping one by one that mapping relations are is unit with 1 sector (or other base units stored), and sets up mapped bitmap (Bitmap).
In other embodiments of the invention, other basic tankagies also can be used for unit sets up local storage space is to the Bitmap on memory device 100.
Figure 17 is a schematic diagram of the Bitmap in one embodiment of the invention. The figure shows storage medium 3000 on the local storage device (for example hard disk 2062 in Figure 15) and storage medium 4000 on storage device 10, which is connected to the local storage device over the network.
The process of creating the Bitmap is as follows. For storage medium 3000, a storage space 4010 of the same size is created on storage medium 4000 as a one-to-one mapping space. Bitmap 4020 is saved in storage space 4010. Bitmap 4020 is a bitmap in which 1 bit represents 1 sector; the value of each bit (0 or 1) marks/indicates whether the corresponding sector on storage medium 3000 has been dumped, that is, stored in the corresponding storage space 4010 on storage medium 4000, so the mapped bitmap may also be called a dump list. After Bitmap 4020 has been created on storage device 10, it is synchronized to terminal system 200.
The process of updating the Bitmap is as follows. In Bitmap 4020, dumped sectors are marked 1 and sectors that have not been dumped are left unmarked (the marks used for dumped and non-dumped sectors may be chosen freely). When an application program or the operating system saves data (for example a file), the file system inside the operating system allocates a certain amount of storage space on storage medium 3000 of the local storage device, for example sector 3040 and sector 3050, assigns it to the file, and rewrites the local file allocation table. When the file is dumped (that is, when the data written to sector 3040 and sector 3050 is stored on storage device 10), sectors 4040 and 4050 at the same positions on storage medium 4000 are allocated and the dumped data is saved in them; finally, the bits in Bitmap 4020 corresponding to sector 3040 and sector 3050 are changed to 1.
In conjunction with Figure 15, the data writing process S2000 further comprises:
S2010, application layer 202 sends a file write request through the file system of operating system kernel layer 203, or operating system kernel layer 203 sends a file write request directly; or
application layer 202 sends a data write request directly to hardware mapping layer 204, or operating system kernel layer 203 sends a data write request directly to hardware mapping layer 204;
S2020, operating system kernel layer 203 resolves the file write request into hardware port instructions (i.e. hardware instructions) and issues them to hardware mapping layer 204, where a port instruction contains the position (for example the sector) to be written on the storage device;
It should be noted that if a data write request is sent directly to hardware mapping layer 204 in step S2010, the request is already a hardware port instruction;
S2030, security layer 205 receives the hardware port instruction from hardware mapping layer 204 and rewrites the write position (i.e. the sector) in the port instruction to the corresponding storage address on storage device 10, then updates the first mapped bitmap, for example by changing the bit corresponding to the sector to 1 to indicate that the sector has been dumped; security layer 205 sends the modified port instruction to hardware layer 206.
After the write process completes, terminal system 200 does not hold the written data; the data has been relocated to and stored on secure storage device 10.
In another embodiment of the present invention, if the instruction for writing the local hard disk itself differs from the instruction for writing a network hard disk, then not only the address but also the store instruction must be changed.
According to a further embodiment of the invention, the write process S2000 may also comprise:
S2040, synchronizing the first mapped bitmap to storage device 10, where it is saved as the second mapped bitmap, thereby ensuring that the first mapped bitmap on terminal system 200 is consistent with the second mapped bitmap on the storage device.
In other embodiments of the invention, to save system resources, S2040 may instead be performed once, in a single pass, before the local terminal system 200 shuts down.
In conjunction with Figure 15, the data reading process S3000 further comprises:
S3010, synchronizing the second mapped bitmap on storage device 10 to terminal system 200, where it is saved as the first mapped bitmap;
S3020, application layer 202 sends a file read request through the file system of operating system kernel layer 203, or operating system kernel layer 203 sends a file read request directly; or
application layer 202 sends a data read request directly to hardware mapping layer 204, or operating system kernel layer 203 sends a data read request directly to hardware mapping layer 204;
S3030, security layer 205 receives the data read instruction from hardware mapping layer 204, obtains the read address (source address) in it, and looks it up in the first mapped bitmap; if the bit in the first mapped bitmap indicates that the read address is a dumped address, security layer 205 changes the read address of the port instruction to the address on storage device 10; security layer 205 sends the modified port instruction to hardware layer 206.
This reading process does not affect the user's existing mode of operation and realizes the reading of data that has been dumped to the secure storage device (i.e. storage device 10).
In step S3010, the second mapped bitmap is synchronized from storage device 10 to the local side so that, after terminal system 200 has restarted, the local data stays consistent with the data on the secure storage device.
Those skilled in the art will understand that, for the data writing, reading and initialization processes above, the required processes or steps are performed according to actual needs.
Secure data access method
Based on the data writing and reading processes above, the secure data storage and reading methods provided by the invention are described in detail below.
Those skilled in the art will understand that the data reading and storage processes were described above in conjunction with Figure 15 for ease of understanding, not by way of limitation; in other embodiments of the present invention, each of the steps described above may be performed at any suitable level of the computing equipment.
According to one embodiment of the invention, a secure data storage method is provided. As shown in Figure 18, the method comprises the following steps:
S4010, receiving a hardware instruction;
S4020, analyzing the hardware instruction and judging whether it is a store instruction;
S4030, if the hardware instruction is a store instruction, changing the destination address in the store instruction to the corresponding storage address on the storage device (i.e. the secure storage device);
S4040, sending the modified store instruction to the hardware layer.
In step S4010, the hardware instruction may come from the hardware mapping layer. Receiving hardware instructions from the hardware mapping layer makes it possible to screen 100% of the hardware instructions (interface instructions) sent to processors such as the CPU.
The terminal system may run the Windows operating system, in which case the hardware abstraction layer (HAL) of Windows is the hardware mapping layer. In other embodiments, the terminal may run another operating system, such as Linux, Unix or an embedded operating system, and the hardware mapping layer is the corresponding hardware mapping layer of that operating system.
In step S4010, in combination with the runtime instruction recombination method described above, receiving the hardware instruction may comprise: obtaining the hardware instruction with the runtime instruction recombination method (for example S101-S105). In other words, store and read instructions can be processed (for example in S404, S504 or S604) at the point where the runtime instruction recombination method obtains the machine instructions. With the runtime instruction recombination method, not only can the final results of a computation be relocated and stored on the secure storage device; all intermediate results of the computation (including those produced by the operating system) can be relocated and stored on the secure storage device as well.
In steps S4010 and S4020, the hardware instruction may be of a type such as an X86 instruction, an ARM instruction or a MIPS instruction; an analysis mechanism may be built into the computing terminal to handle the different types of CPU instructions.
According to a further embodiment of the invention, the method may also comprise, after step S4030:
S4050, updating the first mapped bitmap by setting the bit corresponding to the destination address (sector) in the first mapped bitmap to the dump mark, for example "1"; further, synchronizing the updated mapped bitmap to the secure storage device, where it is saved as the second mapped bitmap.
In the present embodiment, the dump operation is completely transparent to upper-layer applications and to the user, and does not affect existing computer operation or the workflow of application systems.
The method provided by the present embodiment can be used not only in a terminal system but also on any computing equipment or intelligent terminal that comprises an application layer, an operating system kernel layer and a hardware layer, to realize instruction-level storage relocation/redirection (i.e. storage relocation/redirection based on hardware store instructions) before the hardware layer executes the instruction.
According to one embodiment of the invention, a secure data reading method is provided. With reference to Figure 19, the method comprises:
S5010, receiving a hardware instruction;
S5020, analyzing the hardware instruction and judging whether it is a read instruction;
S5030, if it is a read instruction, obtaining the source address in the read instruction, looking it up in the first mapped bitmap, and modifying the read address in the read instruction according to the data of the mapped bitmap; and
S5040, sending the modified hardware instruction to the hardware layer.
Before step S5010, the method may also comprise S5000: synchronizing the second mapped bitmap on the storage device to terminal system 200, where it is saved as the first mapped bitmap.
In step S5010, the hardware instruction may come from the hardware mapping layer.
In step S5010, in combination with the runtime instruction recombination method described above, receiving the hardware instruction may comprise: obtaining the hardware instruction with the runtime instruction recombination method (for example S101-S105). In other words, store and read instructions can be processed (for example in S400) at the point where the runtime instruction recombination method obtains the machine instructions.
In step S5020, if the hardware instruction is not a read instruction, it may be sent directly to the hardware layer for execution.
Step S5030 may be further decomposed into two steps:
S5031, if it is a read instruction, obtaining the source address in the read instruction and judging whether the source address is an address on the storage device;
S5032, if the source address is not an address on the storage device, looking it up in the first mapped bitmap and modifying the read address in the read instruction according to the data of the mapped bitmap.
In step S5031, if the source address of the read instruction is already an address on the storage device, the computing equipment (for example security layer 205 in Figure 15) need not look up the data in the first mapped bitmap and can send the hardware instruction directly to the hardware layer for execution.
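The write redirection of S4010-S4050 and the read lookup of S5000-S5032, modeled together as an added example in C (not code from the patent). The in-memory arrays standing in for the local disk and the secure storage device, the decoded instruction struct, the range check and all function names are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SECTORS     64u   /* constructed: size of the local disk in sectors */
#define SECTOR_SIZE 16u   /* constructed: real sectors are 512 or 4096 bytes */

enum dev { DEV_LOCAL, DEV_SECURE };
enum op  { OP_READ, OP_WRITE, OP_OTHER };

/* Hypothetical decoded hardware port instruction: operation, device, sector. */
struct hw_insn { enum op op; enum dev dev; uint32_t sector; };

static uint8_t local_disk[SECTORS][SECTOR_SIZE];   /* storage medium 3000 */
static uint8_t secure_disk[SECTORS][SECTOR_SIZE];  /* one-to-one mapping space on medium 4000 */
static uint8_t first_bitmap[SECTORS / 8];          /* kept in terminal memory */
static uint8_t second_bitmap[SECTORS / 8];         /* kept on the secure storage device */
static int second_bitmap_exists;                   /* 0 until the first connection */

static int bit_get(const uint8_t *bm, uint32_t s) { return (bm[s >> 3] >> (s & 7u)) & 1; }
static void bit_set(uint8_t *bm, uint32_t s) { bm[s >> 3] |= (uint8_t)(1u << (s & 7u)); }

/* S1010-S1030 / S5000: pull the second bitmap down; on a first connection the
 * secure storage device creates it first. Returns 1 on a first connection. */
int layer_init(void)
{
    int first_contact = !second_bitmap_exists;
    if (first_contact) {
        memset(second_bitmap, 0, sizeof second_bitmap);
        second_bitmap_exists = 1;
    }
    memcpy(first_bitmap, second_bitmap, sizeof first_bitmap);
    return first_contact;
}

/* S2040 / S4050: push the first bitmap to the secure storage device. */
void layer_sync_up(void) { memcpy(second_bitmap, first_bitmap, sizeof second_bitmap); }

/* Models a restart: the first bitmap lives only in terminal memory. */
void terminal_reboot(void) { memset(first_bitmap, 0, sizeof first_bitmap); }

/* Rewrite one instruction in place.
 * Returns 1 if it now targets the secure device because of a rewrite,
 * 0 if it is passed on unchanged, -1 if the sector is out of range
 * (the range check is an assumption of this model, not a patent step). */
int layer_rewrite(struct hw_insn *in)
{
    if (in->op == OP_OTHER) return 0;              /* S4020 / S5020: not an access */
    if (in->sector >= SECTORS) return -1;
    if (in->op == OP_WRITE) {                      /* S4030 + S4050 */
        in->dev = DEV_SECURE;
        bit_set(first_bitmap, in->sector);
        return 1;
    }
    if (in->dev == DEV_SECURE) return 0;           /* S5031: already a secure address */
    if (bit_get(first_bitmap, in->sector)) {       /* S5032: sector was dumped */
        in->dev = DEV_SECURE;
        return 1;
    }
    return 0;                                      /* never dumped: read locally */
}

/* Hardware layer: execute the (possibly rewritten) instruction. */
static void hw_execute(const struct hw_insn *in, uint8_t *buf)
{
    uint8_t (*disk)[SECTOR_SIZE] = (in->dev == DEV_SECURE) ? secure_disk : local_disk;
    if (in->op == OP_WRITE) memcpy(disk[in->sector], buf, SECTOR_SIZE);
    else if (in->op == OP_READ) memcpy(buf, disk[in->sector], SECTOR_SIZE);
}

/* What an application sees: it always addresses the local disk.
 * Returns 1 if served by the secure device, 0 if local, -1 if rejected. */
int submit(enum op op, uint32_t sector, uint8_t *buf)
{
    struct hw_insn in = { op, DEV_LOCAL, sector };
    if (layer_rewrite(&in) < 0) return -1;
    hw_execute(&in, buf);
    return in.dev == DEV_SECURE;
}

int local_sector_is_blank(uint32_t s)
{
    for (uint32_t i = 0; i < SECTOR_SIZE; i++)
        if (local_disk[s][i] != 0) return 0;
    return 1;
}

int main(void)
{
    uint8_t w[SECTOR_SIZE], r[SECTOR_SIZE];
    memset(w, 0xAB, sizeof w);
    layer_init();
    submit(OP_WRITE, 5, w);
    layer_sync_up();
    terminal_reboot();
    layer_init();
    printf("sector 5 read from %s\n",
           submit(OP_READ, 5, r) == 1 ? "secure device" : "local disk");
    return 0;
}
```

If the terminal restarts before the first mapped bitmap has been pushed to the secure storage device, the dump bit is lost and the same read falls back to the empty local sector, which is the inconsistency S2040 and S3010 guard against.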
Further, to save network resources, in some embodiments of the invention secure storage device 10 may serve as a shared resource for multiple terminal systems.
As mentioned above, the secure data storage and reading methods can be combined with the instruction recombination method; for ease of understanding, this is described in detail below by way of an embodiment.
According to one embodiment of the invention, a secure data access method is provided. As shown in Figure 20, the method S6000 comprises:
S6010, caching the instruction running environment;
S6011, reading a destination address from a first storage location and obtaining, according to the destination address, the machine instruction fragment to be scheduled/executed, wherein the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
S6012, saving the destination address of the first jump instruction in the first storage location;
S6013, analyzing the machine instructions to be scheduled and judging whether each of them is an access instruction;
S6014, if it is an access instruction:
for a store instruction, changing the destination address in the store instruction to the corresponding storage address on the storage device (i.e. the secure storage device), and modifying the first mapped bitmap;
for a read instruction, obtaining the source address in the read instruction, looking it up in the first mapped bitmap, and modifying the read address in the read instruction according to the data of the mapped bitmap;
if the instruction for writing the local hard disk itself differs from the instruction for writing a network hard disk, or the instruction for reading the local hard disk itself differs from the instruction for reading a network hard disk, then not only the address but also the store instruction or read instruction must be modified accordingly;
S6015, replacing the first jump instruction with a second jump instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform;
S6016, restoring the instruction running environment and jumping to the second address to continue execution.
Those skilled in the art will appreciate that this embodiment is merely an illustration and does not limit the ways in which the secure reading method, the secure storage method and the instruction recombination method may be combined; the various secure reading, secure storage and instruction recombination methods introduced above may be combined in any manner required.
Storing and reading generally refer to data exchange with a local storage device; transmission generally refers to data exchange carried out through a network device.
Further, a secure data transmission method is provided in one embodiment of the invention.
As shown in Figure 21, the method comprises:
S7010, receiving a hardware instruction (for example from the hardware mapping layer);
S7020, analyzing the hardware instruction and judging whether it is a network transmission instruction;
S7030, if the hardware instruction is a transmission instruction, reading the destination address;
S7040, judging whether the destination address is a secure address;
S7050, if it is a secure address, sending the hardware instruction to the hardware layer; if it is not a secure address, rejecting the instruction;
S7060, the hardware layer sends the transmission instruction and the data to the terminal system at the destination address;
S7070, the terminal system at the destination address receives the data and saves it using the secure data storage method.
In step S7040, whether the destination address is a secure address is judged as follows. With reference to Figure 22, security server 820 is connected to terminal systems 800 and 810 through a network; when the secure data transmission method provided in the above embodiment of the present invention was deployed on terminal systems 800 and 810, both performed a registration operation with security server 820. Security server 820 internally maintains a secure address table that records all registered terminal systems.
Whenever the secure address table changes, security server 820 automatically sends the updated secure address table to each terminal. The architecture of terminal system 800 comprises application layer 801, operating system kernel layer 802, security layer 803 and hardware layer 804; security layer 803 is responsible for maintaining this secure address table.
Security layer 803 judges whether the destination address is a secure address according to whether the destination address is in the secure address table. That is, in step S7040, if the destination address is listed in the secure address table, the destination address is a secure address.
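The secure-address check of S7020-S7050 together with the registration and table push of Figure 22, as an added example in C (not code from the patent). The 32-bit addresses, the constructed sample addresses, the struct layouts and the function names are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_TERMINALS 8

enum insn_kind { INSN_NET_SEND, INSN_OTHER };
enum verdict   { PASS_THROUGH, FORWARD, REJECT };

/* Hypothetical decoded hardware instruction: kind and destination address. */
struct net_insn { enum insn_kind kind; uint32_t dst; };

/* Security layer state on one terminal: its copy of the secure address table. */
struct terminal {
    uint32_t addr;
    uint32_t table[MAX_TERMINALS];
    size_t   table_len;
};

/* Security server 820: the list of registered terminals. */
struct server {
    struct terminal *registered[MAX_TERMINALS];
    size_t count;
};

/* The table changed: send the updated table to every registered terminal. */
static void push_table(struct server *srv)
{
    uint32_t all[MAX_TERMINALS];
    for (size_t i = 0; i < srv->count; i++)
        all[i] = srv->registered[i]->addr;
    for (size_t i = 0; i < srv->count; i++) {
        memcpy(srv->registered[i]->table, all, srv->count * sizeof all[0]);
        srv->registered[i]->table_len = srv->count;
    }
}

/* Registration performed when the method is deployed on a terminal.
 * Returns 0 on success (or if already registered), -1 if the server is full. */
int server_register(struct server *srv, struct terminal *t)
{
    for (size_t i = 0; i < srv->count; i++)
        if (srv->registered[i]->addr == t->addr) return 0;
    if (srv->count == MAX_TERMINALS) return -1;
    srv->registered[srv->count++] = t;
    push_table(srv);
    return 0;
}

/* S7020-S7050 on the sending terminal. A terminal whose table is empty
 * rejects every transmission, so the filter fails closed. */
enum verdict security_layer_filter(const struct terminal *t, const struct net_insn *in)
{
    if (in->kind != INSN_NET_SEND) return PASS_THROUGH;   /* S7020 */
    for (size_t i = 0; i < t->table_len; i++)             /* S7040 */
        if (t->table[i] == in->dst) return FORWARD;       /* S7050: secure address */
    return REJECT;                                        /* S7050: not listed */
}

int main(void)
{
    struct server srv = {0};
    /* constructed addresses: 10.0.0.8 and 10.0.0.10 */
    struct terminal t800 = { .addr = 0x0A000008u }, t810 = { .addr = 0x0A00000Au };
    struct net_insn msg = { INSN_NET_SEND, 0x0A00000Au };

    server_register(&srv, &t800);
    printf("before 810 registers: %s\n",
           security_layer_filter(&t800, &msg) == FORWARD ? "forward" : "reject");
    server_register(&srv, &t810);
    printf("after 810 registers:  %s\n",
           security_layer_filter(&t800, &msg) == FORWARD ? "forward" : "reject");
    return 0;
}
```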
With the above secure transmission method in place, even if a Trojan or malicious tool obtains classified information, it cannot transmit the information it obtained. The secure transmission method is elaborated in the secure interconnection section below in conjunction with embodiments.
Although some embodiments of the invention use a terminal system as the subject applying the methods provided by the invention, any electronic device that can edit, save or transmit files or data, such as a handheld device or an intelligent terminal, may serve as the carrier of the secure data access and transmission methods provided by the invention.
In addition, those skilled in the art will appreciate that the above secure data storage, reading and transmission methods can be realized in the form of software or hardware:
(1) if realized in software, the steps of the above methods are stored on a computer-readable medium in the form of software code, becoming a software product;
(2) if realized in hardware, the steps of the above methods are described in the form of hardware code (for example Verilog) and solidified (through processes such as physical design, placement and routing, and wafer fabrication tape-out) into a chip product (for example a processor product).
Secure data access apparatus
Corresponding to the above secure data storage method, according to one embodiment of the invention, a secure data storage apparatus is provided.
It should be noted that, in the present invention, a secure data storage apparatus refers to a device that realizes the secure data storage method in hardware form, whereas a secure storage device refers to a storage entity used for dumped information or data, such as a disk.
With reference to Figure 23, secure data storage apparatus 7100 comprises: receiving unit 7110, instruction analysis unit 7120, instruction modification unit 7130 and sending unit 7140. Receiving unit 7110 is coupled to instruction analysis unit 7120; instruction analysis unit 7120 is coupled to instruction modification unit 7130 and to sending unit 7140; sending unit 7140 is also coupled to instruction modification unit 7130.
Receiving unit 7110 is adapted to receive a hardware instruction, which may come from the hardware mapping layer;
Instruction analysis unit 7120 is adapted to analyze the hardware instruction and judge whether it is a store instruction; if it is a store instruction, instruction analysis unit 7120 is also adapted to send it to instruction modification unit 7130, and if it is not a store instruction, instruction analysis unit 7120 is also adapted to send it to sending unit 7140;
Instruction modification unit 7130 is adapted to change the destination address in the store instruction to the corresponding storage address on the secure storage device, and then to send the modified store instruction to sending unit 7140;
Sending unit 7140 is adapted to forward the instructions it receives to hardware layer 7200.
Further, the secure data storage apparatus may also comprise updating unit 7150 and synchronization unit 7160. Updating unit 7150 is coupled to instruction modification unit 7130; synchronization unit 7160 is coupled to updating unit 7150.
Updating unit 7150 is adapted to update the bit corresponding to the destination address in the mapped bitmap after instruction modification unit 7130 has modified the store instruction. In the present embodiment, the bit in the first mapped bitmap corresponding to the sector contained in the destination address of the store instruction is set, indicating that the sector has been dumped.
Synchronization unit 7160 is adapted to establish communication between the computing terminal system and the secure storage device, and to synchronize the mapped bitmap between the computing terminal system and the secure storage device.
Specifically, when the computing terminal system starts, synchronization unit 7160 establishes communication between the computing terminal system and the secure storage device and synchronizes the second mapped bitmap on the secure storage device to the computing terminal system, where it is saved as the first mapped bitmap.
If synchronizing the second mapped bitmap on the secure storage device to the computing terminal system fails, this indicates that the computing terminal system and the secure storage device are communicating for the first time; synchronization unit 7160 maps the local storage space of the terminal system onto the secure storage device and creates the mapped bitmap and the second mapped bitmap. For example, in the present embodiment, the second mapped bitmap is first created on the secure storage device and then synchronized to the local side, becoming the first mapped bitmap.
When updating unit 7150 has updated the bit corresponding to the destination address in the first mapped bitmap (i.e. the mapped bitmap), synchronization unit 7160 sends the updated first mapped bitmap to the secure storage device, where it is saved as the second mapped bitmap.
The secure storage device may be a remote storage device or a local storage device; the remote storage device may serve a single computing device or be shared by multiple computing devices.
The hardware instruction may be a hardware port I/O instruction.
Corresponding to the above secure data reading method, according to a further embodiment of the invention, a secure data reading apparatus is provided.
With reference to Figure 24, secure data reading apparatus 8100 comprises: receiving unit 8110, instruction analysis unit 8120, instruction modification unit 8130 and sending unit 8140. Receiving unit 8110 is coupled to instruction analysis unit 8120; instruction analysis unit 8120 is coupled to instruction modification unit 8130 and to sending unit 8140; instruction modification unit 8130 is also coupled to sending unit 8140. Sending unit 8140 is coupled to hardware layer 8200.
Receiving unit 8110 is adapted to receive a hardware instruction; in the present embodiment, the hardware instruction comes from the hardware mapping layer.
Instruction analysis unit 8120 is adapted to analyze the hardware instruction and judge whether it is a read instruction; if the hardware instruction is a read instruction, it obtains the source address of the read instruction and judges whether the source address is an address on the secure storage device.
If the hardware instruction is not a read instruction, or the source address is an address on the secure storage device, instruction analysis unit 8120 sends the hardware instruction to sending unit 8140.
If the source address is not an address on the secure storage device, instruction modification unit 8130 looks it up in the mapped bitmap and modifies the read address in the read instruction according to the data of the mapped bitmap.
As in the above embodiments, the mapped bitmap in the present embodiment indicates whether the data at a local storage address has been dumped to the secure storage device. For example, instruction modification unit 8130 looks up the bit in the first mapped bitmap corresponding to the sector contained in the source address. If the bit is 1, a dump has occurred; if the bit is 0 or NULL (empty), no dump has occurred. If a dump has occurred, instruction modification unit 8130 changes the source address (read address) to the corresponding dump address and sends the modified hardware instruction to sending unit 8140.
Further, the secure data reading apparatus may also comprise synchronization unit 8150, which is coupled to instruction modification unit 8130. Synchronization unit 8150 is adapted to establish communication between the computing terminal system and the secure storage device, and to synchronize the mapped bitmap between the computing terminal system and the secure storage device. Specifically, when the computing terminal system starts, synchronization unit 8150 establishes communication between the computing terminal system and the secure storage device and synchronizes the second mapped bitmap on the secure storage device to the computing terminal system, where it is saved as the first mapped bitmap for use by instruction modification unit 8130.
The secure storage device may be a remote storage device, and the remote storage device may be shared by multiple computing terminal systems.
In other embodiments of the invention, the secure storage device may also be a local storage device.
According to a further embodiment of the invention, the above secure data reading apparatus and secure data storage apparatus may be merged into one apparatus, in which the instruction analysis unit and the instruction modification unit can process both store instructions and read instructions; an example is described below.
According to a further embodiment of the invention, a secure data storage and reading apparatus is provided. As shown in Figure 25, secure data storage and reading apparatus 9100 comprises:
Instruction running environment caching and restoring unit 9101, adapted to cache and restore the instruction running environment;
Instruction fetch unit 9102, adapted to obtain the address of the next instruction about to run, this address being the first address; also adapted to obtain, according to the first address, the machine instruction fragment to be scheduled/executed, wherein the last instruction of the machine instruction fragment to be scheduled is the first jump instruction; the specific ways of obtaining the machine instruction fragment to be scheduled have been described in detail in the embodiments above and are not repeated here;
Instruction retrieval unit 9104, adapted to search the address correspondence table using the first address; the address correspondence table indicates whether the instruction fragment to be scheduled that the first address points to has a saved recombined instruction fragment, and the data in the address correspondence table are address pairs;
If a corresponding record is found, instruction retrieval unit 9104 is adapted to call instruction running environment caching and restoring unit 9101 to restore the cached instruction running environment, and to jump to the corresponding address found and continue execution (this recombination is complete);
If no corresponding record is found, instruction recombination unit 9103 is called to perform the recombination operation.
Instruction recombination unit 9103 comprises:
Instruction parsing unit 9111, a combination of the above instruction analysis unit 7120 and instruction analysis unit 8120, adapted to analyze the hardware instructions and judge whether each hardware instruction in the machine instruction fragment to be scheduled/executed is a store or read instruction;
Instruction modification unit 9112, which, if instruction parsing unit 9111 finds a store or read instruction:
for a store instruction, changes the destination address in the store instruction to the corresponding storage address on the secure storage device;
for a read instruction, looks up the mapped bitmap and modifies the read address in the read instruction according to the data of the mapped bitmap;
Updating unit 9113, adapted to update the bit corresponding to the destination address in the mapped bitmap after instruction modification unit 9112 has modified the store instruction, so as to reflect the dump;
Synchronization unit 9114, adapted to establish communication between the computing terminal system and the secure storage device, and to synchronize the mapped bitmap between the computing terminal system and the secure storage device.
After instruction parsing unit 9111, instruction modification unit 9112, updating unit 9113 and synchronization unit 9114 have completed their operations, instruction recombination unit 9103 is adapted to replace the first jump instruction with a push instruction that records the address and operand of the first jump instruction; it is also adapted to add a second jump instruction after the push instruction, generating a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of apparatus 9100; and it is also adapted to create a record in the address correspondence table from the second address of the recombined instruction fragment and the first address.
Based on the description in the preceding paragraph, in other embodiments instruction recombination unit 9103 may also be arranged side by side, as a unit at the same level, with instruction parsing unit 9111, instruction modification unit 9112, updating unit 9113 and synchronization unit 9114 (as shown in Figure 26).
After instruction recombination unit 9103 has obtained the recombined instruction fragment, it is also adapted to call instruction running environment caching and restoring unit 9101 to restore the cached instruction running environment, and to jump to the address of the recombined instruction fragment and continue execution (the recombination operation is complete).
Those skilled in the art will appreciate that this embodiment is merely an illustration and does not limit the ways in which the secure data reading apparatus, the secure data storage apparatus and the instruction recombination apparatus may be merged; the various secure data reading apparatus, secure data storage apparatus and instruction recombination apparatus introduced above may be merged in any manner required.
In addition, the above secure storage method and apparatus can also be combined with the cloud to ensure the security of data in the cloud, thereby accelerating the application and adoption of cloud computing. Specific embodiments are introduced below.
Those skilled in the art will understand that the methods described above as realized in the security layer may also be carried out at any layer from the operating system kernel layer to the hardware layer. The specific position at which a function is realized does not depart from the spirit and scope of the present invention.
The above embodiments describe in detail the secure storage method and apparatus provided by the invention, which have the following advantages over the prior art:
1. The secure data storage method realizes instruction-level data dumping, that is, full dumping of data, and on this basis realizes secure data storage over the full operating cycle of the computing terminal system. On the one hand, even if a Trojan or malicious tool obtains classified information, it cannot save the information it obtained, so that data always remains within a controllable secure range; on the other hand, no data is kept locally any longer while in the classified state, which prevents both active and passive leaks by personnel handling classified material;
2. Receiving hardware instructions from the hardware mapping layer makes it possible to screen 100% of all instructions, further improving data security.
The above embodiments also describe in detail the secure reading method and apparatus provided by the invention, which have the following advantages over the prior art:
1. The secure data reading method works with the secure data storage method so that data always remains within a controllable secure range, and ensures that dumped data can be read after it has been securely stored (dumped); because no data is kept locally any longer while in the classified state, both active and passive leaks by personnel handling classified material are prevented;
2. When the secure storage device is a remote storage device, it can be shared by multiple terminals, improving the space utilization of the secure storage device.
Data security interconnection
Based on the data security reading/storage methods and devices introduced above, a data security interacted system can be designed to realize network data security.
According to one embodiment of the invention, a network environment is provided. As shown in Figure 27, this network environment comprises:
terminal system A01, terminal system A02, ..., terminal system A0n (n is a natural number) and memory device A80, interconnected by network 1;
terminal system A11, terminal system A12, ..., terminal system A1n (n is a natural number) and memory device A81, interconnected by network 2;
terminal systems (not shown) and memory device A8n, interconnected by network m;
network 1, network 2, ..., network m and registrar A90, interconnected by network x.
Here, memory devices A80, A81, ..., A8n are the safety storage apparatus introduced in the embodiments above.
A mapped bitmap is set up between memory device A80 and the local memory devices of terminal system A01, terminal system A02, ..., terminal system A0n; these terminal systems deploy the data security storage/safe read methods introduced above, and can also deploy the runtime instruction recombination method introduced above.
A mapped bitmap is set up between memory device A81 and the local memory devices of terminal system A11, terminal system A12, ..., terminal system A1n; these terminal systems deploy the data security storage/safe read methods introduced above, and can also deploy the runtime instruction recombination method introduced above.
A mapped bitmap is set up between memory device A8n and the local memory devices of the terminal systems interconnected by network m; the terminal systems interconnected by network m deploy the data security storage/safe read methods introduced above, and can also deploy the runtime instruction recombination method introduced above.
Network x can be one of network 1, network 2, ..., network m, or another network different from network 1, network 2, ..., network m. In other words, registrar A90 can be located in one of network 1, network 2, ..., network m, with network 1, network 2, ..., network m interconnected.
Network 1, network 2, ..., network m can also comprise data servers, application servers and the like, each of which sets up a mapped bitmap with the corresponding memory device in its network; these servers deploy the data security storage/safe read methods introduced above, and can also deploy the runtime instruction recombination method.
There can be one registrar A90 or several. Registrar A90 provides access authentication for terminal systems: when a terminal system wishes to access this network environment or network system, registrar A90 receives its registration request and judges whether to allow it to access. The operation of registrar A90 is discussed in more detail below.
According to one embodiment of the invention, in this network environment the data storage and read operations of a terminal system can be carried out according to the above data security storage and read methods.
Specifically, the data manipulation method S800 of a terminal system (or data server/application server) comprises:
S801, initialization, comprising:
S8011, synchronizing the mapped bitmap from the safety storage apparatus that has set up a mapped bitmap with the local memory device, and saving it as the first mapped bitmap; it can be kept in memory;
S8012, synchronizing the secure address table from the registrar, and saving it as the local security address table (also called the first secure address table); it can be kept in memory;
S802, receiving a hardware instruction;
S803, analyzing the hardware instruction and judging whether it is a reading command, a storage instruction or a transfer instruction;
S804, if it is one of these three kinds of instructions, processing the instruction as follows:
S8041, for a storage instruction, modifying the local destination address in the storage instruction to the corresponding storage address on the safety storage apparatus that has set up a mapped bitmap with the local memory device;
S8042, for a reading command, obtaining the source address in the reading command, retrieving the first mapped bitmap with the source address, and modifying the read address in the reading command according to the data of the mapped bitmap;
S8043, for a transfer instruction, obtaining the destination address in the transfer instruction, retrieving the first secure address table with the destination address, and judging whether the destination address is a secure address; if not, rejecting the transfer instruction;
S805, sending the modified hardware instruction, or the hardware instruction that was not rejected, to the hardware layer.
According to a further embodiment of the invention, S8041 can also comprise:
updating the first mapped bitmap by setting the "bit" corresponding to the destination address (sector) in the first mapped bitmap to 1 or to another mark that indicates a dump; and synchronizing the updated mapped bitmap to the corresponding safety storage apparatus, where it is saved as the second mapped bitmap.
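The instruction handling of S800 can be modelled as follows. This is an added example, not code from the patent; the `HwInstruction` record, the 16-sector device, the same-sector mapping onto the safety storage apparatus and the rule that a clear bit leaves a read on the local device are assumptions made for illustration.

```python
from dataclasses import dataclass, field, replace
from typing import Optional, Union

SECTORS = 16  # constructed size of the local memory device, in sectors


@dataclass(frozen=True)
class HwInstruction:
    """Hypothetical record for one intercepted hardware instruction."""
    op: str                   # "store", "read", "transfer" or any other opcode
    device: str               # "local" or "secure" (unused for transfers)
    address: Union[int, str]  # sector number, or network address for a transfer


@dataclass
class SafetyStorage:
    """Stand-in for the safety storage apparatus and its second mapped bitmap."""
    bitmap: bytearray = field(default_factory=lambda: bytearray(SECTORS // 8))


class InstructionFilter:
    def __init__(self, storage, registrar_addresses):
        self.storage = storage
        self.first_bitmap = bytearray(storage.bitmap)       # S8011
        self.first_secure_table = set(registrar_addresses)  # S8012

    def _check(self, sector):
        if not isinstance(sector, int) or not 0 <= sector < SECTORS:
            raise ValueError(f"sector out of range: {sector!r}")
        return sector

    def is_dumped(self, sector):
        s = self._check(sector)
        return bool((self.first_bitmap[s // 8] >> (s % 8)) & 1)

    def process(self, ins) -> Optional[HwInstruction]:
        """S803-S805: return the instruction to pass on, or None if rejected."""
        if ins.op == "store":                                # S8041
            s = self._check(ins.address)
            self.first_bitmap[s // 8] |= 1 << (s % 8)        # mark sector as dumped
            self.storage.bitmap[:] = self.first_bitmap       # sync second bitmap
            return replace(ins, device="secure")             # assumed: same sector
        if ins.op == "read":                                 # S8042
            if self.is_dumped(ins.address):
                return replace(ins, device="secure")
            return ins                                       # assumed: bit 0 = local
        if ins.op == "transfer":                             # S8043
            return ins if ins.address in self.first_secure_table else None
        return ins                                           # other instructions pass


def run_sample():
    """Constructed instruction stream; returns (device, address) or None each."""
    f = InstructionFilter(SafetyStorage(), {"10.0.0.5"})
    stream = [
        HwInstruction("store", "local", 9),
        HwInstruction("read", "local", 9),
        HwInstruction("read", "local", 3),
        HwInstruction("transfer", "", "10.0.0.5"),
        HwInstruction("transfer", "", "203.0.113.7"),
    ]
    out = [f.process(i) for i in stream]
    return [(o.device, o.address) if o else None for o in out]


if __name__ == "__main__":
    for result in run_sample():
        print(result)
```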
The computing equipment in the above network environment constitutes one embodiment of the data security interacted system provided by the invention. More embodiments of the data security interacted system are described in detail below.
According to one embodiment of the invention, a process of establishing a data security interacted system is provided. As shown in Figure 28a, this process of establishing S900 comprises:
S901a, the computing equipment (shown as computing terminal 1 in the figure) sends a registration request to the registrar;
S901b, the registrar asks whether this computing equipment agrees to have the data it operates on and accesses taken over by the safety storage apparatus;
S901c, the computing equipment sends a response message to the registrar;
S902a, if the response does not agree to the takeover, the registrar refuses the registration request of this computing equipment and ends the process of establishing (this step is not shown);
S902b, if the response agrees to the takeover, the registrar deploys the above secure storage method of data, read method and safe transmission method on the computing equipment, and the registrar agrees to register this computing equipment;
S902c, the registrar deploys a safety storage apparatus for this computing equipment, completing the process of establishing; at the same time, interaction between this computing equipment and any memory device other than the safety storage apparatus is completely cut off, and interaction with all networks other than the safe interacted system is also cut off.
The "cutting off" here is realized by instruction-level operations that use the bitmap to redirect operations on all memory devices other than the safety storage apparatus to the safety storage apparatus.
The place where this safety storage apparatus is deployed is not limited: it can be local to the computing equipment, in the local area network where the computing equipment is located, or in the local area network where the registrar is located, as long as a network provides a physical connection.
In other embodiments of the invention, the registrar can also deploy the above runtime instruction recombination method to this computing equipment to realize runtime instruction recombination or tracking. In that case, a combination of the runtime instruction recombination method and the data safety access method, such as S6000 above, can also be realized.
After the computing equipment (such as a terminal system or an intelligent terminal) completes registration, sensitive data or secure data are kept in the safety storage apparatus through the above data security storage and read methods.
According to one embodiment of the invention, a data server is added to the safe interacted system; this data server also registers and joins according to S900, and its corresponding safety storage apparatus is, for example, safety storage apparatus 1.
When a computing equipment (such as computing terminal 2) needs to access data in the safe interacted system, it first registers and joins the safe interacted system according to S900; its corresponding safety storage apparatus is, for example, safety storage apparatus 2.
Then, as shown in Figure 28b, the data access process S910 of computing terminal 2 in the data security interacted system comprises:
S911, the computing equipment (such as computing terminal 2) sends an access request to the data server;
S912, the data server sends a secure address query message to the registrar, asking whether computing terminal 2 is a secure address;
S913, the registrar sends a secure address response message to the data server, informing it whether computing terminal 2 is a secure address;
S914, if an affirmative response is obtained, the data server reads the corresponding data according to the request, and this reading process uses the above data safe reading method; if a negative response is obtained, the data server ignores the data access request;
S915, the data server sends a data response to computing terminal 2; and
S916, if computing terminal 2 needs to save the data, it saves them in safety storage apparatus 2 according to the above secure storage method of data.
In another embodiment, what the registrar does in the above embodiments can also be done in each terminal system, i.e. each terminal system is at the same time a registrar. If a terminal has to confirm by itself whether a visitor is safe, a mechanism is needed that lets the terminal check that any machine connected to it through the network has deployed the data black hole system (which comprises the above data security storage/read methods, and can also comprise the above runtime instruction recombination method and the above data safe transmission method), and each terminal maintains its own certification registration table.
With this mechanism, when a terminal receives any network request, it first verifies whether the initiator of the request has deployed the data black hole system; if the verification passes, the initiator of the request is added to the certification registration table of the terminal, and the initiator of the request (another machine) has thus been authenticated by this terminal. Whether the initiator of the request has deployed the data black hole system can be verified with a mutual trust verification algorithm based on timestamps.
Accordingly, the above data access method S910 needs to be adjusted. According to one embodiment of the invention, as shown in Figure 28c, a data access method S940 for computing equipment with a registration function (which is at the same time a method for building up a data security interacted system) comprises:
S941, computing terminal 1 sends an access request to computing terminal 2;
S942, computing terminal 2 sends a deployment inquiry to computing terminal 1, asking whether computing terminal 1 agrees to deploy the above secure storage method of data and read method;
S943, computing terminal 1 sends a deployment response to computing terminal 2;
To illustrate the whole access process, computing terminal 1 sends an affirmative response in the present embodiment; if computing terminal 1 sends a negative response, the information interaction with computing terminal 2 ends and the data access cannot be completed;
S944, computing terminal 2 deploys the methods to computing terminal 1 and specifies a safety storage apparatus; the methods are the above data security storage and data safe reading methods, and can also include the above data safe transmission method and runtime instruction recombination method; the safety storage apparatus is safety storage apparatus 1;
S945, computing terminal 2 uses the safe read method to read, from its corresponding safety storage apparatus 2, the data that computing terminal 1 wants to access;
S946, computing terminal 2 sends an access response to computing terminal 1; and
S947, if the data need to be saved, computing equipment 1 uses the secure storage method of data to save the obtained data in its corresponding safety storage apparatus 1.
Optionally, each computing terminal maintains a register list; for example, after computing terminal 1 has deployed the data black hole system, computing terminal 1 is added to the register list of computing terminal 2, and computing terminal 2 can at the same time be added to the register list of computing terminal 1.
Optionally, before step S942, it can first be checked whether the secure storage method of data and read method (or the data black hole system) have been deployed.
As shown in Figure 28d, according to a further embodiment of the invention, a data access method S950 for computing equipment with a registration function is provided, comprising:
S951, computing terminal 1 sends an access request to computing terminal 2;
S952, computing terminal 2 sends a deployment check message to computing terminal 1; this message is used to check whether the data black hole system (or the above data safety access method) has been deployed on computing terminal 1;
S953, computing terminal 1 sends a deployment check feedback message to computing terminal 2;
This feedback message comprises one value or a group of values, from which computing terminal 2 can judge whether computing terminal 1 has deployed the data black hole system;
S954, computing terminal 2 determines the deployment state of computing terminal 1, i.e. judges whether computing terminal 1 has deployed the data black hole system;
(1) if the deployment check feedback message establishes that computing terminal 1 has deployed the data black hole system, execution continues with:
S955, computing terminal 2 uses the safe read method to read, from its corresponding safety storage apparatus 2, the data that computing terminal 1 wants to access;
S956, computing terminal 2 sends an access response to computing terminal 1;
S957, if the data need to be saved, computing equipment 1 uses the secure storage method of data to save the obtained data in its corresponding safety storage apparatus 1.
(2) if the deployment check feedback message establishes that computing terminal 1 has not yet deployed the data black hole system, the above data access method S940 is executed:
S942, computing terminal 2 sends a deployment inquiry to computing terminal 1, asking whether computing terminal 1 agrees to deploy the above secure storage method of data and read method;
S943, computing terminal 1 sends a deployment response to computing terminal 2;
To illustrate the whole access process, computing terminal 1 sends an affirmative response in the present embodiment; if computing terminal 1 sends a negative response, the information interaction with computing terminal 2 ends and the data access cannot be completed;
S944, computing terminal 2 deploys the methods to computing terminal 1 and specifies a safety storage apparatus; the methods are the above data security storage and data safe reading methods; the safety storage apparatus is safety storage apparatus 1;
S945, computing terminal 2 uses the safe read method to read, from its corresponding safety storage apparatus 2, the data that computing terminal 1 wants to access;
S946, computing terminal 2 sends an access response to computing terminal 1; and
S947, if the data need to be saved, computing equipment 1 uses the secure storage method of data to save the obtained data in its corresponding safety storage apparatus 1.
The above steps S953-S954 can comprise: computing terminal 1 and computing terminal 2 use the mutual trust verification algorithm based on timestamps to judge whether the other side has deployed the data black hole system (the process is similar to the CHAP protocol).
Optionally, each computing terminal maintains a register list; for example, after computing terminal 1 has deployed the data black hole system, computing terminal 1 is added to the register list of computing terminal 2, and computing terminal 2 can at the same time be added to the register list of computing terminal 1. When a computing terminal accesses this machine, the register list is first checked for that computing terminal; if it is included, it has already registered, and operations such as the deployment check or the deployment inquiry need not be carried out again.
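The access flow of S950, with its fallback to S940 and the register list, can be modelled as follows. This is an added example, not code from the patent: the patent names a timestamp-based mutual trust verification algorithm without specifying it, so the HMAC-SHA256 over a nonce and timestamp, the shared deployment key, the 30-second freshness window and all class and method names are assumptions. The serving terminal is assumed to have the data black hole system deployed.

```python
import hashlib
import hmac
import os
import time

MAX_SKEW = 30  # seconds; assumed freshness window for the timestamp


def proof(key, nonce, ts):
    """Assumed check value: HMAC-SHA256 over the challenge nonce and timestamp."""
    return hmac.new(key, nonce + str(ts).encode(), hashlib.sha256).digest()


class Terminal:
    def __init__(self, name, deploy_key=None, agrees=True, clock=time.time):
        self.name = name
        self.deploy_key = deploy_key   # None: data black hole system not deployed
        self.agrees = agrees           # answer this terminal gives in S943
        self.clock = clock
        self.register_list = set()
        self.safety_storage = {}       # stand-in for its safety storage apparatus

    # --- requesting side (computing terminal 1) ---
    def check_feedback(self, nonce):
        """S953: return (timestamp, proof), or None if nothing is deployed."""
        if self.deploy_key is None:
            return None
        ts = int(self.clock())
        return ts, proof(self.deploy_key, nonce, ts)

    def deployment_inquiry(self, key):
        """S942-S944: accept or refuse deployment of the system."""
        if self.agrees:
            self.deploy_key = key
        return self.agrees

    # --- serving side (computing terminal 2) ---
    def verify_feedback(self, nonce, feedback):
        """S954: the proof must match and the timestamp must be fresh."""
        if feedback is None or self.deploy_key is None:
            return False
        ts, mac = feedback
        fresh = abs(self.clock() - ts) <= MAX_SKEW
        return fresh and hmac.compare_digest(mac, proof(self.deploy_key, nonce, ts))

    def handle_access(self, peer, item):
        """S951-S957; returns (data or None, trace of the decisions taken)."""
        trace = []
        if peer.name in self.register_list:
            trace.append("registered")               # no check or inquiry needed
        else:
            nonce = os.urandom(16)                   # S952: deployment check
            ok = self.verify_feedback(nonce, peer.check_feedback(nonce))
            trace.append("check:ok" if ok else "check:fail")
            if not ok:                               # branch (2): fall back to S940
                if not peer.deployment_inquiry(self.deploy_key):
                    trace.append("refused")
                    return None, trace
                trace.append("deployed")
            self.register_list.add(peer.name)
            peer.register_list.add(self.name)
        data = self.safety_storage.get(item)         # S955 / S945: safe read
        peer.safety_storage[item] = data             # S957 / S947: safe store
        return data, trace
```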
Optionally, the above method S950 can be improved further so that the access initiator states on its own initiative that it has deployed the data black hole system. As shown in Figure 28e, according to a further embodiment of the invention, a data access method S960 for computing equipment with a registration function is provided, comprising:
S961, computing terminal 1 sends an access request to computing terminal 2;
S962, computing terminal 1 sends a "deployment advertisement message" to computing terminal 2; this message notifies computing terminal 2 that the data black hole system (or the above data safety access method) has been deployed on computing terminal 1;
S963, computing terminal 2 determines the deployment state of computing terminal 1, i.e. judges whether computing terminal 1 has deployed the data black hole system;
S964, computing terminal 2 uses the safe read method to read, from its corresponding safety storage apparatus 2, the data that computing terminal 1 wants to access;
S965, computing terminal 2 sends an access response to computing terminal 1;
S966, if the data need to be saved, computing equipment 1 uses the secure storage method of data to save the obtained data in its corresponding safety storage apparatus 1.
Further, in the embodiment where every terminal is itself a registrar, for the convenience of computing terminal users and to give the safe interacted system a one-way import function (data can only be imported, not exported), according to a further embodiment of the invention, the computing equipment (such as terminal system A01) in the data security interacted system has two modes:
In the first mode, also called safe mode, the instruction recombination platform on the computing equipment runs (i.e. the above runtime instruction recombination method is deployed on the computing equipment, or the above runtime instruction recombination device is applied); data storage and reading are all completed on the safety storage apparatus allocated to it; interaction between this computing equipment and any memory device other than the safety storage apparatus is completely cut off, and interaction between this computing equipment and all networks other than the safe interacted system is also cut off (the relevant instructions are shielded by the above runtime instruction recombination platform);
In the second mode, also called general mode, the instruction recombination platform on the computing equipment does not run and the registration service function is not enabled; computing equipment in general mode can be used like ordinary computing equipment, for example it can obtain data from other network nodes.
In addition, computing equipment in general mode and computing equipment in safe mode cannot access each other. For example, suppose computing terminal 1 is in safe mode and computing terminal 2 is in general mode. If computing terminal 2 wants to access computing terminal 1, computing terminal 2 sends an access request to computing terminal 1, and computing terminal 1 sends a deployment check message; computing terminal 1 cannot obtain a valid response from computing terminal 2, so the access cannot proceed. If computing terminal 1 wants to access computing terminal 2, computing terminal 1 needs to send an access request to computing terminal 2; before sending, computing terminal 1 likewise tries to obtain the deployment check information of computing terminal 2, and if computing terminal 1 cannot obtain a valid response from computing terminal 2, the access cannot proceed.
Switching between the two modes can be done by restarting the system. Specifically, at the start of system startup the system user is asked which mode to enter, and the system user decides which mode to enter according to his or her own needs.
Corresponding substantially to the methods S900 and S910 described above, according to one embodiment of the invention, a computing terminal (i.e. computing equipment) is provided. As shown in Figure 28f, this computing terminal f00 comprises:
I/O interface f01, suitable for connecting to and communicating with registrar f11;
registering unit f02, black hole unit f03 and query unit f04, each connected to I/O interface f01.
Here, registering unit f02 is suitable for registering with registrar f11 through I/O interface f01;
The working process of registering unit f02 comprises information interaction with the registrar, for registering on the registrar or for accepting the registrar's deployment check; for details refer to methods S900, S910 and S950.
Black hole unit f03 is suitable for receiving the data black hole system deployed by registrar f11; the data black hole system is defined in the introduction above. For example, the data black hole system comprises (i.e. implements) the above secure storage method of data and data safe reading method, or comprises the above data safety storage device and data security reading device; the data black hole system can also comprise the above runtime instruction recombination method or runtime instruction recombination device; the data black hole system can also comprise the above data safe transmission method and so on.
This black hole unit f03 is also suitable for carrying out data interaction with other computing terminals or computing equipment, for example sending access requests.
Query unit f04 is suitable for sending a query message to registrar f11, asking whether a certain computing equipment is registered.
Corresponding substantially to the methods S900 and S910 described above, according to one embodiment of the invention, a registrar is provided. As shown in Figure 28g, this registrar g00 comprises:
I/O interface g01, suitable for connecting to and communicating with computing equipment (for example computing equipment g11 and computing equipment g12 in the figure, also called computing equipment a and computing equipment b);
deployment inspection unit g02, suitable for sending a deployment check message to a computing equipment to check whether the computing equipment has deployed the data black hole system; for the check interaction refer to method S950; if deployment inspection unit g02 finds that the computing equipment has deployed the data black hole system, deployment inspection unit g02 is also suitable for updating register list g05 and adding the computing equipment to the register list; if deployment inspection unit g02 finds that the computing equipment has not yet deployed the data black hole system, it starts deployment inquiry unit g03;
deployment inquiry unit g03, suitable for sending a query message to the computing equipment, asking whether the computing equipment agrees to have the data it operates on and accesses taken over by the safety storage apparatus; if the response message from the computing equipment does not agree to the takeover, the registration request of the computing equipment is refused and the process ends; if the response agrees to the takeover, program deployment unit g04 is called to deploy the data black hole system;
program deployment unit g04, suitable for deploying the data black hole system to the computing equipment; after deployment ends, it is also suitable for updating register list g05 and adding the computing equipment to the register list.
This registrar g00 also comprises: registration query unit g06, for receiving a query from a computing terminal such as computing equipment g12, checking whether a specific computing terminal is registered by querying register list g05, and feeding the query result back to computing equipment g12.
Corresponding substantially to the methods S940 and S950 described above, according to a further embodiment of the invention, a computing terminal is provided. As shown in Figure 28h, this computing equipment h00 comprises:
I/O interface h01, suitable for connecting to and communicating with computing equipment (for example computing equipment h11 in the figure, also called computing equipment c);
deployment inspection unit h02, suitable for sending a deployment check message to a computing equipment (for example computing equipment c) to check whether the computing equipment has deployed the data black hole system; for the check interaction refer to method S950; if deployment inspection unit h02 finds that computing equipment c has deployed the data black hole system, deployment inspection unit h02 is also suitable for updating register list h06 and adding computing equipment c to the register list; if deployment inspection unit h02 finds that computing equipment c has not yet deployed the data black hole system, it starts deployment inquiry unit h03;
deployment inquiry unit h03, suitable for sending a query message to a computing equipment (for example computing equipment c), asking whether the computing equipment agrees to have the data it operates on and accesses taken over by the safety storage apparatus; if the response message from the computing equipment does not agree to the takeover, the registration request of the computing equipment is refused and the process ends; if the response agrees to the takeover, program deployment unit h04 is called to deploy the data black hole system;
program deployment unit h04, suitable for deploying the data black hole system to the computing equipment; after deployment ends, it is also suitable for updating register list h06 and adding the computing equipment to the register list.
This computing equipment h00 also comprises: black hole unit h05, suitable for deploying the data black hole system. This black hole unit h05 is suitable for carrying out data interaction with other computing terminals or computing equipment, for example sending access requests.
Corresponding substantially to the method S960 described above, according to a further embodiment of the invention, a computing terminal/computing equipment is provided. As shown in Figure 28i, this computing equipment i00 comprises:
I/O interface i01, suitable for connecting to and communicating with computing equipment (for example computing equipment i11 in the figure, also called computing equipment d);
deployment inspection unit i02, suitable for receiving access requests and deployment advertisement messages from other computing equipment (for example computing equipment i11); if the deployment advertisement message establishes that computing equipment i11 has deployed the data black hole system, register list h06 is updated and computing equipment d is added to the register list;
black hole unit i03, suitable for deploying the data black hole system, and also suitable for carrying out data interaction with other computing terminals or computing equipment i11, for example sending access requests, deployment advertisement messages and so on.
In addition, black hole unit i03 is also suitable for deploying the above runtime instruction recombination method. In that case, computing equipment i00 can have two modes, namely the above safe mode and general mode.
In addition, this computing equipment i00 can also comprise a deployment inquiry unit and a program deployment unit, which carry out the deployment inquiry and deployment operations when deployment inspection unit i02 finds that computing equipment d has not deployed the data black hole system.
In other embodiments of the invention, the number of units/components in the computing terminal or registrar of the above embodiments can be increased or decreased as required (for example, the I/O interface can be omitted and a unit coupled directly to the target object), the components and functions provided in the various embodiments can be combined, or components in an embodiment can be replaced with known components.
Those skilled in the art will appreciate that the above embodiments of the computing terminal and the registrar are described by way of example and are not meant as limitations; any modification that a person of ordinary skill in the art may make to the above devices does not depart from the protection scope stated in the claims of the invention.
Wide area network data security interconnection
Continue with reference to Figure 27, if one or more not in same LAN (Local Area Network) in network 1, network 2 and network m, the following will discuss data security interacted system in this case.
According to one embodiment of the invention, provide a kind of wide area network data safe interacted system.As shown in figure 29, this wide area network data safety mutual contact turnkey is drawn together:
Be arranged in the terminal system B01 of LAN (Local Area Network) 1, terminal system B02 ..., terminal system B0n, memory device B80;
Be arranged in the terminal system B11 of LAN (Local Area Network) 2, terminal system B12 ..., terminal system B1n, memory device B81;
Be arranged in the terminal system B21 of LAN (Local Area Network) m, terminal system B22 ..., terminal system B2n, memory device B82;
Virtual secure storage server B30 interconnected with LAN (Local Area Network) 1, LAN (Local Area Network) 2 and LAN (Local Area Network) m respectively.
Wherein, virtual secure storage server B30 is as the trunk node of distributed file system, and memory device B80-B82 is each partial node of distributed file system.Terminal B11 only needs accesses virtual safe storage server B 30, namely obtains the data of memory device B80, B81 and B82 by virtual secure storage server B30.Data access in all LAN all directly carries out, and the data access between all LAN in fact all carries out transfer by virtual secure server B 30.
In addition, in the safe interacted system of wide area network, what each node (comprising memory device and terminal system or even virtual secure storage server) was autonomous sets up access control registration (such as said method S950 or S960).
According to a further embodiment of the invention, provide a kind of wide area network data safe interacted system.As shown in figure 30, this wide area network data safety mutual contact turnkey is drawn together:
Terminal system C01, terminal system C02, ..., terminal system C0n, located in LAN 1;
Terminal system C11, terminal system C12, ..., terminal system C1n, located in LAN 2;
Terminal system C21, terminal system C22, ..., terminal system C2n, located in LAN m;
Centralized safe storage server C30, interconnected with LAN 1, LAN 2 and LAN m respectively, and comprising memory device C80, memory device C81, memory device C82, etc.
Here, the centralized safe storage server C30 has a corresponding network port and LAN address assigned to each of LAN 1, LAN 2 and LAN m.
The centralized safe storage server C30 has the function of the registrar in the above embodiments. The terminal systems in LAN 1, LAN 2 and LAN m are all registered on the centralized safe storage server C30, and have the above secure reading/storage methods and the runtime instruction recombination method deployed on them.
The centralized safe storage server C30 comprises multiple memory devices, for example memory device C80, memory device C81 and memory device C82. These memory devices are assigned to the system terminals of the secure interacted system in each LAN, as the safety storage apparatus used in their secure access methods. Specifically, when the centralized safe storage server C30 deploys the data secure storage and reading methods provided in the previous embodiments of the invention to the terminal systems, memory device C80 is assigned to the terminal systems in LAN 1 as their safety storage apparatus; memory device C81 is assigned to the terminal systems in LAN 2 as their safety storage apparatus; and memory device C82 is assigned to the terminal systems in LAN m as their safety storage apparatus.
According to one embodiment of the invention, the method for establishing the above wide area network data security interacted system includes:
SA01: The computing equipment (for example system terminal C01) sends a registration request to the safe storage server B30 or C30;
SA02: The safe storage server B30 or C30 asks the computing equipment whether it agrees to have the data it operates on and accesses taken over by a safety storage apparatus;
SA03: The computing equipment sends a response message to the safe storage server B30 or C30, for example a response message whose content is agreement to the takeover;
SA04: The safe storage server B30 or C30 (according to a response message whose content is agreement to the takeover) deploys the data black hole system on the computing equipment and registers the computing equipment;
SA05: The safe storage server B30 or C30 deploys a safety storage apparatus (for example memory device C80) for the computing equipment, completing the establishment process.
If the safe storage server B30 or C30 deploys the above runtime instruction recombination method to the computing equipment, runtime instruction recombination or tracking can be realized. In that case, the combination of the runtime instruction recombination method with the data secure access method, such as S6000 above, can also be realized.
After the computing equipment (for example a terminal system or an intelligent terminal) completes registration, it saves data in the safety storage apparatus, or reads data from the safety storage apparatus, by the above data secure storage and reading methods.
Network payment secure interacted system
Applying the above data security interacted system, according to one embodiment of the invention, a network payment secure interacted system is provided. As shown in Figure 31, this network payment secure interacted system includes:
Located in network 1: registrar D91, data server D01 and its corresponding safety storage apparatus D81, and payment application server D02 and its corresponding safety storage apparatus D82;
Located in network 2, which is interconnected with network 1: registrar D90, network terminal D03 (a computer), mobile terminal D04, and the safety storage apparatus D83 corresponding to the two; and
Located in network 3, which is interconnected with the payment application server D02: registrar D92, account settlement server D05, account data server D06, and the safety storage apparatus D84 corresponding to the account data server and the account settlement server.
Here, the interface through which the payment application server accesses network 1 is called the application interface, and the interface through which it accesses network 3 is called the payment interface.
Here, network 1 and network 2 may be one network.
Here, data server D01, payment application server D02, network terminal D03 and mobile terminal D04 have all registered through registrar D90 and registrar D91 respectively, according to the method S900 introduced above, and joined the secure interacted system of network 1 and network 2; payment application server D02, account settlement server D05 and account data server D06 have all registered through registrar D92, according to the method S900 introduced above, and joined the secure interacted system. Because the payment application server D02 is located in both network 1 and network 3, it registers with registrars D91 and D92 respectively.
Here, the safety storage apparatuses corresponding to data server D01 and payment application server D02 may also be the same; the safety storage apparatuses corresponding to network terminal D03 and mobile terminal D04 may also be different; and the safety storage apparatuses corresponding to account settlement server D05 and account data server D06 may also be different.
Here, registrars D90, D91 and D92 deploy the above runtime instruction recombination method, and the secure storage/reading/transmission methods based on it, to each device that registers.
Continuing to refer to Figure 31, in the network payment secure interacted system, network terminal D03 or mobile terminal D04 can access data server D01 in network 1, and can set up an access account on data server D01 to preserve access information (access information can of course also be preserved locally, by the same process as S910).
The process by which network terminal D03 or mobile terminal D04 accesses data server D01 in network 1 is similar to S910, but adds a step of preserving access information on data server D01. Specifically, this process (i.e. the processing of a data access request from a computing terminal), S920, includes:
S921: The computing equipment (network terminal D03 or mobile terminal D04) sends an access request to data server D01; the access request may be sent to data server D01 directly by the computing equipment, or forwarded to data server D01 by other application servers;
S922: Data server D01 sends a secure address inquiry message to registrar D90, asking whether the computing terminal is a secure address;
S923: Registrar D90 sends a secure address response message to data server D01, informing it that the computing terminal is a secure address;
S924: After obtaining an affirmative response, data server D01 reads the corresponding data according to the request, the reading process being the above data safe reading method; if a negative response is obtained, data server D01 ignores the data access request;
S925: Data server D01 sends a data response to the computing terminal;
S926: The computing terminal decides to save part of the access data on data server D01, and data server D01 saves the data to safety storage apparatus D81 according to the above secure storage method of data.
Continuing to refer to Figure 31, in the network payment secure interacted system, network terminal D03 or mobile terminal D04 can purchase the products or services it accesses through payment application server D02 in network 1.
The process in which network terminal D03 or mobile terminal D04 accesses payment application server D02 (through the application interface), and payment application server D02 then accesses account settlement server D05 (i.e. the processing of a payment request from a computing terminal), S930, includes:
S931: The computing equipment (network terminal D03 or mobile terminal D04) sends a payment request to payment application server D02;
The payment request may be sent to payment application server D02 directly by the computing equipment, or forwarded to payment application server D02 by other application servers;
The payment request comprises the user's fund account information and transaction information; the fund account information may be that of a physical bank account, a virtual bank account or another type of fund account, and the transaction information comprises the transaction quantity, unit price, etc.;
S932: Payment application server D02 sends a secure address inquiry message to registrar B90, asking whether the computing terminal is a secure address;
S933: Registrar D90 sends a secure address response message to payment application server D02, informing it that the computing terminal is a secure address;
S934: If a negative response is obtained, payment application server D02 ignores the payment request; if an affirmative response is obtained, payment application server D02 calculates the transaction data from the transaction information in the payment request and generates settlement information; the settlement information may be a specific numerical value (i.e. the amount to be paid), or a series of data from which the settlement information is calculated;
S935: Payment application server D02 (through the payment interface) sends a settlement request to account settlement server D05; the settlement request comprises the user's fund account information and the settlement information;
S936: Account settlement server D05 sends a secure address inquiry message to registrar D92, asking whether payment application server D02 is a secure address;
S937: Registrar D92 sends a secure address response message to account settlement server D05, informing it that payment application server D02 is a secure address;
S938: Account settlement server D05 retrieves the corresponding fund account data according to the fund account information (for example account name and account ID) in the settlement information;
It judges whether the fund account data can meet the requirement of the settlement information;
If they cannot, it sends a failure reply to payment application server D02;
If they can, it carries out the settlement operation (the amount in the settlement information is deducted from the fund account data), saves the updated fund account data in the corresponding safety storage apparatus D84, and sends a success reply to payment application server D02;
S939: Payment application server D02 sends a success or failure reply to the computing terminal according to the success or failure reply it received and, if the reply is a success, saves the payment request information on the corresponding safety storage apparatus D82.
Here, in step S938, account settlement server D05 may also access account data server D06 to obtain the fund account data.
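The consent-based registration (SA01 to SA05) and the payment flow S931 to S939 can be traced end to end in a small model. This is an added example, not code from the patent: the class and method names, the string replies, amounts as integer cents, the positive-amount guard and the handling of an unregistered payment server are assumptions, and deployment of the data black hole system is not modelled.

```python
class Registrar:
    """Registrar (D90/D92): the list of devices that agreed to the takeover."""

    def __init__(self, name):
        self.name = name
        self.registered = set()

    def register(self, device_id, agrees_to_takeover):
        # SA01: the device sends a registration request.
        # SA02/SA03: the server asks whether the safety storage apparatus may
        # take over the device's data, and the device answers.
        if not agrees_to_takeover:
            return False            # no consent: nothing deployed, not registered
        # SA04/SA05: deployment itself is out of scope; only registration is modelled.
        self.registered.add(device_id)
        return True

    def is_secure_address(self, device_id):
        return device_id in self.registered


class SettlementServer:
    """Account settlement server D05 with its safety storage apparatus D84."""

    def __init__(self, registrar, balances):
        self.registrar = registrar          # D92
        self.balances = dict(balances)      # fund account data, in cents
        self.secure_store = {}              # stands in for D84

    def settle(self, caller_id, account_id, amount):
        # S936/S937: is the calling payment application server a secure address?
        if not self.registrar.is_secure_address(caller_id):
            return "ignored"    # assumption: treated like the negative case of S934
        # S938: fetch the fund account data and test it against the settlement info.
        balance = self.balances.get(account_id)
        if balance is None or amount <= 0 or balance < amount:
            return "failure"    # amount <= 0 is an added guard, not in the page
        self.balances[account_id] = balance - amount
        self.secure_store[account_id] = self.balances[account_id]
        return "success"


class PaymentAppServer:
    """Payment application server D02 with its safety storage apparatus D82."""

    def __init__(self, device_id, terminal_registrar, settlement):
        self.device_id = device_id
        self.terminal_registrar = terminal_registrar    # D90
        self.settlement = settlement                    # via the payment interface
        self.secure_store = []                          # stands in for D82

    def pay(self, terminal_id, account_id, quantity, unit_price):
        # S932/S933: ask the registrar about the requesting terminal.
        if not self.terminal_registrar.is_secure_address(terminal_id):
            return "ignored"                            # S934, negative response
        amount = quantity * unit_price                  # S934: settlement information
        reply = self.settlement.settle(self.device_id, account_id, amount)  # S935
        if reply == "success":                          # S939
            self.secure_store.append((terminal_id, account_id, quantity, unit_price))
            return "success"
        return "failure"    # assumption: any other outcome is relayed as failure


def build_system():
    """Constructed sample topology using the reference signs of Figure 31."""
    d90, d92 = Registrar("D90"), Registrar("D92")
    d90.register("D03", agrees_to_takeover=True)
    d90.register("D04", agrees_to_takeover=False)   # declines the takeover
    d92.register("D02", agrees_to_takeover=True)
    d05 = SettlementServer(d92, {"acct-1": 10_000})
    d02 = PaymentAppServer("D02", d90, d05)
    return d90, d92, d05, d02


if __name__ == "__main__":
    _, _, d05, d02 = build_system()
    print(d02.pay("D03", "acct-1", 3, 2_500), d05.balances)
    print(d02.pay("D04", "acct-1", 1, 100))
```

The model makes the two independent gates visible: D90 decides whether the terminal is served at all, and D92 decides whether the payment application server may trigger a settlement.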
The above secure interacted systems (for example the data security interacted system and the network payment secure interacted system) implant data security features (for example the data secure storage/reading/transmission methods, and the data secure storage/reading/transmission methods based on the runtime instruction recombination method) into a LAN or a wide area network, ensuring the security of sensitive data in LANs and wide area networks. Even if a malicious program intrudes, none of the data it accesses can be stolen; the data, together with the malicious program itself, will remain permanently confined to the safety storage apparatus of the secure interacted system.
The above secure interacted systems not only provide strong support for data security in cloud computing, but also lay a secure foundation for the spread of network payment and mobile payment.
It should be noted and understood that various modifications and improvements can be made to the invention described in detail above without departing from the spirit and scope of the invention as required by the appended claims. Therefore, the scope of the claimed technical solution is not limited by any specific exemplary teaching given.

Claims (23)

1. A data security interacted system establishment and data access method, comprising:
Step 1: a first computing equipment sends an access request to a second computing equipment;
Step 2: the second computing equipment sends a deployment inquiry to the first computing equipment, asking whether the first computing equipment agrees to deploy a secure storage method of data and a data safe reading method, or asking whether the first computing equipment agrees to have the data it operates on and accesses taken over by a safety storage apparatus;
Step 3: the first computing equipment sends a deployment response to the second computing equipment;
Step 4: the second computing equipment checks the deployment response;
if the deployment response is refusal to deploy, the second computing equipment rejects the access request of the first computing equipment, and the method ends;
if the deployment response is agreement to deploy, the second computing equipment deploys the secure storage method of data and the reading method on the first computing equipment, deploys a first safety storage apparatus for the first computing equipment, and adds the first computing equipment to the register list of the second computing equipment;
Step 5: the second computing equipment uses the safe reading method to read the data required by the first computing equipment from its corresponding second safety storage apparatus; and
Step 6: the second computing equipment sends an access response to the first computing equipment;
wherein the secure storage method of data comprises:
Step a1: receiving a hardware instruction;
Step a2: analyzing the hardware instruction;
Step a3: if the hardware instruction is a storage instruction, modifying the destination address in the storage instruction to the corresponding memory address on the safety storage apparatus; and
Step a4: sending the modified storage instruction to the hardware layer;
wherein the data safe reading method comprises:
Step b1: receiving a hardware instruction;
Step b2: analyzing the hardware instruction;
Step b3: if the hardware instruction is a read instruction, obtaining the source address in the read instruction;
Step b4: looking up a first mapped bitmap, and modifying the read address in the read instruction according to the data of the first mapped bitmap; the first mapped bitmap indicates whether the data of a local memory address have been dumped to the safety storage apparatus; and
Step b5: sending the modified read instruction to the hardware layer;
after step 6, the method further comprises:
Step 7: if the first computing equipment needs to save data, the first computing equipment uses the secure storage method of data to save the obtained access data in its corresponding first safety storage apparatus.
2. The data security interacted system establishment and data access method as claimed in claim 1, wherein, after step a3, the secure storage method of data further comprises:
updating the bit corresponding to the destination address in the first mapped bitmap;
synchronizing the updated first mapped bitmap to the safety storage apparatus, where it is saved as a second mapped bitmap; the second mapped bitmap indicates whether the data of a local memory address have been dumped to the safety storage apparatus.
3. The data security interacted system establishment and data access method as claimed in claim 2, wherein, before step a1, the secure storage method of data further comprises:
establishing communication between the computing equipment and the safety storage apparatus;
synchronizing the second mapped bitmap on the safety storage apparatus to the computing equipment, where it is saved as the first mapped bitmap.
4. The data security interacted system establishment and data access method as claimed in claim 1, wherein, before step b4, the data safe reading method further comprises:
establishing communication between the computing equipment and the safety storage apparatus;
synchronizing the second mapped bitmap on the safety storage apparatus to the computing equipment, where it is saved as the first mapped bitmap.
5. The data security interacted system establishment and data access method as claimed in claim 1, wherein, in steps a1 and b1, the hardware instruction comes from the hardware mapping layer.
6. The data security interacted system establishment and data access method as claimed in claim 1, wherein, in step 4, the second computing equipment also deploys a runtime instruction recombination method on the first computing equipment, the runtime instruction recombination method comprising:
Step c1: caching the instruction running environment;
Step c2: obtaining a machine instruction fragment to be scheduled; inserting a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the instruction recombination platform, to generate a recombined instruction fragment; modifying the value of the address register in the cached instruction running environment to the address of the recombined instruction fragment;
Step c3: restoring the instruction running environment; the value of the address register in the instruction running environment is the modified value.
7. The data security interacted system establishment and data access method as claimed in claim 1, wherein, in step 4, the second computing equipment also deploys a runtime instruction recombination method on the first computing equipment, the runtime instruction recombination method comprising:
Step d1: caching the instruction running environment;
Step d2: reading a destination address from a first memory location, and obtaining a machine instruction fragment to be scheduled according to the destination address; the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step d3: saving the destination address of the first jump instruction in the first memory location;
Step d4: replacing the first jump instruction with a second jump instruction, to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step d5: restoring the instruction running environment, and jumping to the second address to continue execution.
8. The data security interacted system establishment and data access method as claimed in claim 1, wherein, in step 4, the second computing equipment also deploys a runtime instruction recombination method on the first computing equipment, the runtime instruction recombination method comprising:
Step e1: caching the instruction running environment;
Step e2: obtaining the address and parameters of the jump instruction saved in the stack, and calculating the address of the next instruction to be run, this address being a first address;
Step e3: obtaining a machine instruction fragment to be scheduled according to the first address; wherein the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step e4: replacing the first jump instruction with a push instruction, the push instruction recording the address and operand of the first jump instruction;
Step e5: adding a second jump instruction after the push instruction, to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step e6: restoring the instruction running environment, and jumping to the second address to continue execution.
9. The data security interacted system establishment and data access method as claimed in claim 1, further comprising, between step 1 and step 2:
Step f1: the second computing terminal sends a deployment check message to the first computing terminal, this message being used to check whether the secure storage method of data and the data safe reading method have already been deployed on the first computing terminal;
Step f2: the first computing terminal sends a deployment check feedback message to the second computing terminal; and
Step f3: the second computing terminal determines the deployment state of the first computing terminal according to the deployment check feedback message: if already deployed, the first computing equipment is added to the register list of the second computing equipment and step 5 is performed; if not yet deployed, step 2 is performed.
10. A data security interacted system, comprising: a first computing equipment, a second computing equipment and a safety storage apparatus; wherein the first computing equipment and the second computing equipment are adapted to register with each other, and to save data on the safety storage apparatus or read data from the safety storage apparatus by a secure storage method of data and a data safe reading method;
wherein the secure storage method of data comprises: step a1, receiving a hardware instruction; step a2, analyzing the hardware instruction; step a3, if the hardware instruction is a storage instruction, modifying the destination address in the storage instruction to the corresponding memory address on the safety storage apparatus; and step a4, sending the modified storage instruction to the hardware layer;
wherein the data safe reading method comprises: step b1, receiving a hardware instruction; step b2, analyzing the hardware instruction; step b3, if the hardware instruction is a read instruction, obtaining the source address in the read instruction; step b4, looking up a first mapped bitmap, and modifying the read address in the read instruction according to the data of the first mapped bitmap, the first mapped bitmap indicating whether the data of a local memory address have been dumped to the safety storage apparatus; and step b5, sending the modified read instruction to the hardware layer.
11. The data security interacted system as claimed in claim 10, wherein the first computing equipment or the second computing equipment is also adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step c1: caching the instruction running environment;
Step c2: obtaining a machine instruction fragment to be scheduled; inserting a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the instruction recombination platform, to generate a recombined instruction fragment; modifying the value of the address register in the cached instruction running environment to the address of the recombined instruction fragment;
Step c3: restoring the instruction running environment; the value of the address register in the instruction running environment is the modified value.
12. The data security interacted system as claimed in claim 10, wherein the first computing equipment or the second computing equipment is also adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step d1: caching the instruction running environment;
Step d2: reading a destination address from a first memory location, and obtaining a machine instruction fragment to be scheduled according to the destination address; the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step d3: saving the destination address of the first jump instruction in the first memory location;
Step d4: replacing the first jump instruction with a second jump instruction, to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step d5: restoring the instruction running environment, and jumping to the second address to continue execution.
13. The data security interacted system as claimed in claim 10, wherein the first computing equipment or the second computing equipment is also adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step e1: caching the instruction running environment;
Step e2: obtaining the address and parameters of the jump instruction saved in the stack, and calculating the address of the next instruction to be run, this address being a first address;
Step e3: obtaining a machine instruction fragment to be scheduled according to the first address; wherein the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step e4: replacing the first jump instruction with a push instruction, the push instruction recording the address and operand of the first jump instruction;
Step e5: adding a second jump instruction after the push instruction, to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step e6: restoring the instruction running environment, and jumping to the second address to continue execution.
14. A computing equipment, comprising:
a deployment inquiry unit, adapted to send an inquiry message to a second computing equipment, asking whether the second computing equipment agrees to have the data it operates on and accesses taken over by a safety storage apparatus;
a program deployment unit, adapted to deploy a data black hole system to the second computing equipment and, after the deployment ends, also adapted to update the register list by adding the second computing equipment to the register list; and
a black hole unit, adapted to deploy the data black hole system;
wherein the data black hole system comprises a data safe reading method and a secure storage method of data;
wherein the secure storage method of data comprises:
Step a1: receiving a hardware instruction;
Step a2: analyzing the hardware instruction;
Step a3: if the hardware instruction is a storage instruction, modifying the destination address in the storage instruction to the corresponding memory address on the safety storage apparatus; and
Step a4: sending the modified storage instruction to the hardware layer;
wherein the data safe reading method comprises:
Step b1: receiving a hardware instruction;
Step b2: analyzing the hardware instruction;
Step b3: if the hardware instruction is a read instruction, obtaining the source address in the read instruction;
Step b4: looking up a first mapped bitmap, and modifying the read address in the read instruction according to the data of the first mapped bitmap; the first mapped bitmap indicates whether the data of a local memory address have been dumped to the safety storage apparatus; and
Step b5: sending the modified read instruction to the hardware layer.
15. The computing equipment as claimed in claim 14, wherein the black hole unit is also adapted to exchange data with the second computing equipment.
16. The computing equipment as claimed in claim 14, wherein the data black hole system also comprises a runtime instruction recombination method, the runtime instruction recombination method comprising:
Step c1: caching the instruction running environment;
Step c2: obtaining a machine instruction fragment to be scheduled; inserting a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the instruction recombination platform, to generate a recombined instruction fragment; modifying the value of the address register in the cached instruction running environment to the address of the recombined instruction fragment; and
Step c3: restoring the instruction running environment; the value of the address register in the instruction running environment is the modified value.
17. The computing equipment as claimed in claim 14, wherein the data black hole system also comprises a runtime instruction recombination method, the runtime instruction recombination method comprising:
Step d1: caching the instruction running environment;
Step d2: reading a destination address from a first memory location, and obtaining a machine instruction fragment to be scheduled according to the destination address; the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step d3: saving the destination address of the first jump instruction in the first memory location;
Step d4: replacing the first jump instruction with a second jump instruction, to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step d5: restoring the instruction running environment, and jumping to the second address to continue execution.
18. The computing equipment as claimed in claim 14, wherein the data black hole system also comprises a runtime instruction recombination method, the runtime instruction recombination method comprising:
Step e1: caching the instruction running environment;
Step e2: obtaining the address and parameters of the jump instruction saved in the stack, and calculating the address of the next instruction to be run, this address being a first address;
Step e3: obtaining a machine instruction fragment to be scheduled according to the first address; wherein the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step e4: replacing the first jump instruction with a push instruction, the push instruction recording the address and operand of the first jump instruction;
Step e5: adding a second jump instruction after the push instruction, to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step e6: restoring the instruction running environment, and jumping to the second address to continue execution.
19. The computing equipment as claimed in claim 14, wherein, if the response message from the second computing equipment indicates refusal of the takeover, the deployment inquiry unit is adapted to reject the registration request of the second computing equipment; if the response message agrees to the takeover, the deployment inquiry unit is adapted to start the program deployment unit.
20. The computing equipment as claimed in claim 14, further comprising:
a deployment check unit, adapted to send a deployment check message to the second computing equipment, to check whether the second computing equipment has already deployed the data black hole system.
21. The computing equipment as claimed in claim 19, wherein, if the deployment check unit finds that the second computing equipment has already deployed the data black hole system, the deployment check unit is also adapted to update the register list by adding the second computing equipment to the register list; if the deployment check unit finds that the second computing equipment has not yet deployed the data black hole system, it starts the deployment inquiry unit.
22. The computing equipment as claimed in claim 19, further comprising:
an I/O interface, coupled to the deployment inquiry unit, the program deployment unit and the black hole unit respectively, and adapted to connect to and communicate with the second computing equipment.
23. The computing equipment as claimed in claim 19, further comprising:
an I/O interface, coupled to the deployment inquiry unit, the program deployment unit, the black hole unit and the deployment check unit respectively, and adapted to connect to and communicate with the second computing equipment.
CN201210384081.0A 2012-10-11 2012-10-11 Data security interacted system method for building up and data security interacted system Expired - Fee Related CN103729600B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210384081.0A CN103729600B (en) 2012-10-11 2012-10-11 Data security interacted system method for building up and data security interacted system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210384081.0A CN103729600B (en) 2012-10-11 2012-10-11 Data security interacted system method for building up and data security interacted system

Publications (2)

Publication Number Publication Date
CN103729600A CN103729600A (en) 2014-04-16
CN103729600B true CN103729600B (en) 2016-03-23

Family

ID=50453671

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210384081.0A Expired - Fee Related CN103729600B (en) 2012-10-11 2012-10-11 Data security interacted system method for building up and data security interacted system

Country Status (1)

Country Link
CN (1) CN103729600B (en)

Also Published As

Publication number Publication date
CN103729600A (en) 2014-04-16

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C41 Transfer of patent application or patent right or utility model
COR Change of bibliographic data

Free format text: CORRECT: ADDRESS; FROM: 100097 HAIDIAN, BEIJING TO: 100071 FENGTAI, BEIJING

TA01 Transfer of patent application right

Effective date of registration: 20150121

Address after: 100071 Beijing city Fengtai District Xiaotun Road No. 89 aerospace standard tower

Applicant after: The safe and sound Information Technology Co., Ltd in sky in Beijing

Address before: 100097 Beijing city Haidian District landianchang road Jin Yuan era business center B block 2-6B1

Applicant before: Beijing Zhongtian Antai Technology Co., Ltd.

CB02 Change of applicant information

Address after: 100071 Beijing city Fengtai District Xiaotun Road No. 89 aerospace standard tower

Applicant after: Zhongtian Aetna (Beijing) Information Technology Co. Ltd.

Address before: 100071 Beijing city Fengtai District Xiaotun Road No. 89 aerospace standard tower

Applicant before: The safe and sound Information Technology Co., Ltd in sky in Beijing

COR Change of bibliographic data
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20160323

Termination date: 20181011