CN104715206A - Data security protection method for mobile storage medium - Google Patents

Info

Publication number
CN104715206A
Authority
CN
China
Prior art keywords
memory medium
mobile memory
data
random key
file system
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201310677217.1A
Other languages
Chinese (zh)
Inventor
王皓然
文才豪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Information & Communication Branch Of Guizhou Grid Co
Original Assignee
Information & Communication Branch Of Guizhou Grid Co

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a data security protection method for a mobile storage medium. A file system that the operating system cannot load is created on the mobile storage medium, and the data on the medium are encrypted. The encrypted data and files are read and written through a dedicated tool; the operating system's built-in file browser and other processes cannot read or write them directly. This prevents Trojans, viruses and the like from infecting or stealing the data, so the data and files on the mobile storage medium are effectively protected. The file system can be created and used on any continuous storage space, needs no dedicated hardware, and is cost-effective.

Description

Data security protection method for a mobile storage medium
Technical field
The present invention relates to the field of electronic information technology, and in particular to a data security protection method for a mobile storage medium.
Background technology
Mobile storage media include USB flash drives, portable hard drives, floppy disks, optical discs, memory cards and the like, and are characterised by small size and large capacity. As a convenient medium for exchanging information, mobile storage media are now widely used. Because effective control measures for mobile storage media are lacking in practice, these media face threats such as virus infection, loss of important information and information leakage, which seriously undermine users' information security.
At present, the most commonly used mobile storage media are based on flash memory (NAND flash), such as USB flash drives, CF cards, SD cards, TF cards, SDHC cards, MMC cards, SM cards, Memory Sticks and XD cards. USB flash drives in particular are used in large numbers because they are easy to carry and to use.
To address the security of data stored on mobile storage media, software or hardware encryption is generally used to encrypt the data and files saved on the medium, so that even if the medium is lost there is no concern that the data and files will be disclosed. The usual approach is to encrypt the mobile storage medium with encryption software or with dedicated hardware.
Hardware encryption of a mobile storage medium is costly to implement and impractical, and is unsuitable for ordinary users and for enterprises without high security requirements.
Encryption software is generally based on password encryption and is relatively simple and easy to use. Once the correct password has been entered, the file system of the mobile storage medium is loaded normally into the operating system and is used no differently from an ordinary file system; the medium appears as a drive letter. At that point, Trojans or viruses on the host can steal the data and files on the mobile storage medium and infect the programs on it, so the data security of the medium is not effectively improved.
Summary of the invention
The object of the invention is to provide a data security protection method for a mobile storage medium that solves the problem of low data security in existing software-based protection of data on mobile storage media, thereby overcoming the deficiencies of the prior art.
The invention is realised as follows. In the data security protection method for a mobile storage medium, a file system that the operating system cannot load is created on the mobile storage medium; a random key for the file system is generated according to the verification password entered by the user, and the cryptographic hash of the verification password and the random key encrypted with the verification password are saved in the file system; the random key is used to encrypt and decrypt data on the mobile storage medium, thereby protecting the data on the medium.
The file system that the operating system cannot load is obtained by setting up a FAT32 system and setting the total space size of this FAT32 system to 0; the true primary partition table of this file system and the random key are kept at the position after the primary partition table of the FAT32 system.
The random key is obtained as follows: a random key for the file system is generated according to the verification password entered by the user, and the cryptographic hash of the verification password and the random key encrypted with the verification password are saved in the file system.
A stream cipher encryption algorithm is used when files are encrypted and decrypted with the random key.
Owing to the above technical solution, compared with the prior art, the invention creates on the mobile storage medium a file system that the operating system cannot load and encrypts the data on the medium. The encrypted data and files are read and written through a dedicated tool, and the operating system's built-in file browser and other processes cannot read or write them directly. This prevents Trojans, viruses and the like from infecting or stealing the data and effectively protects the data and files on the mobile storage medium. The invention can be created and used on any continuous storage space, needs no dedicated hardware, and is cost-effective.
Description of the drawings
Fig. 1 is a workflow diagram of the present invention;
Fig. 2 is a schematic structural diagram of the modified FAT32 system in an embodiment of the invention;
Fig. 3 is a flowchart of the operations performed when reading and writing data on the mobile storage medium in an embodiment of the invention;
Fig. 4 is a structural diagram of the data security protection system for a mobile storage medium in an embodiment of the invention.
Embodiment
Embodiment of the invention: in the data security protection method for a mobile storage medium, a FAT32 system is set up on the mobile storage medium and its total space size is set to 0; the true primary partition table of this file system and the random key are kept at the position after the primary partition table of the FAT32 system. The random key is generated for the file system according to the verification password entered by the user, and the cryptographic hash of the verification password and the random key encrypted with the verification password are saved in the file system. The random key is used to encrypt and decrypt data on the mobile storage medium, thereby protecting the data on the medium. A stream cipher encryption algorithm is used when files are encrypted and decrypted with the random key.
The concrete operating process is shown in Fig. 1:
In step S101, a file system that the operating system cannot load is created on the mobile storage medium;
A file system creating unit opens up a continuous storage space on the mobile storage medium and creates the file system in that space. The file system is read and written by the data read/write processing unit and cannot be loaded directly into the operating system for use. After this processing, the mobile storage medium cannot be loaded directly as a drive letter in the operating system and cannot be read directly, which prevents viruses and Trojans from stealing and infecting the data on the medium.
In step S102, the random key generation unit generates the random key of the file system according to the verification password entered by the user, and the cryptographic hash of the verification password and the random key encrypted with the verification password are saved in the file system;
In step S103, the random key is used to encrypt and decrypt data on the mobile storage medium.
In the embodiment of the invention, the user enters the verification password that was set when the file system was created; after verification succeeds, the random key is decrypted, and the random key is then used to encrypt and decrypt the data read and written in subsequent operations.
In the embodiment of the invention, when a file is written to the mobile storage medium, the data are encrypted with the random key before being saved; when data are read from the mobile storage medium, they are decrypted with the random key.
A stream cipher encryption algorithm, such as RC4, is used when encrypting and decrypting data with the random key, which avoids the file-size alignment problem caused by other encryption algorithms.
After the above processing, the operating system's built-in file browser, general-purpose browsers and other processes cannot directly read or write the encrypted data and files on the mobile storage medium, which prevents Trojans, viruses and the like from infecting or stealing the data on the medium.
In an embodiment of the invention, a modified FAT32 system can be created by specially formatting the mobile storage medium, as shown in Fig. 2.
1) The primary partition table of the FAT32 system is modified;
The first 512 bytes of the FAT32 system are the master boot sector. The primary partition table occupies 64 bytes in total and is generally located at byte 446 of the master boot sector. Within the first 446 bytes, some areas store disk read/write parameters, such as the total disk space size and the sector size.
In the FAT32 system, the total space size in the disk read/write parameters of this file system is set to 0. After this processing, the mobile storage medium cannot be loaded directly as a drive letter in a general-purpose operating system, such as Windows, and cannot be read directly, which prevents viruses and Trojans from stealing and infecting the data on the medium.
2) The true primary partition table of the file system and the random key are kept at the position after the primary partition table of the FAT32 system.
The schematic structure of the modified FAT32 system is shown in Fig. 2: multiple subdirectories can be created under the root directory of the modified FAT32 system, multiple files can be stored under each subdirectory, and each file is encrypted with the random key.
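A forensic check for the sector layout described above, added here as an example and not taken from the patent: it parses the 64-byte partition table at byte 446 of a 512-byte sector 0 and flags a FAT32 boot sector that declares zero total sectors on a device that is not empty. Mapping the description's "total space size" to the standard FAT32 total-sector fields at offsets 0x13 and 0x20 is an assumption, and the sector bytes are a constructed sample.

```python
import struct

SECTOR_SIZE = 512
PT_OFFSET, PT_ENTRY, PT_COUNT = 446, 16, 4   # 64-byte table at byte 446, per the description


def build_sample_sector0(total_sectors: int) -> bytes:
    """Constructed sample: a minimal FAT32-style sector 0, not a dump of a real device."""
    s = bytearray(SECTOR_SIZE)
    s[0:3] = b"\xeb\x58\x90"                        # jump instruction
    s[3:11] = b"MSDOS5.0"                           # OEM name
    struct.pack_into("<H", s, 0x0B, 512)            # bytes per sector
    struct.pack_into("<H", s, 0x13, 0)              # 16-bit total sectors (0 on FAT32)
    struct.pack_into("<I", s, 0x20, total_sectors)  # 32-bit total sectors
    s[0x52:0x5A] = b"FAT32   "                      # file system type label
    # One constructed partition entry: type 0x0C (FAT32, LBA), starting at LBA 2048.
    struct.pack_into("<B3xB3xII", s, PT_OFFSET, 0x00, 0x0C, 2048, total_sectors)
    s[510:512] = b"\x55\xaa"                        # boot signature
    return bytes(s)


def inspect_sector0(sector: bytes, device_sectors: int) -> dict:
    """Report what sector 0 declares and whether it matches the zero-size layout."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected exactly one 512-byte sector")
    total16 = struct.unpack_from("<H", sector, 0x13)[0]
    total32 = struct.unpack_from("<I", sector, 0x20)[0]
    partitions = []
    for n in range(PT_COUNT):
        ptype, start, count = struct.unpack_from(
            "<4xB3xII", sector, PT_OFFSET + n * PT_ENTRY)
        if ptype:                                   # type 0 marks an unused entry
            partitions.append(
                {"index": n, "type": ptype, "start_lba": start, "sectors": count})
    report = {
        "boot_signature_ok": sector[510:512] == b"\x55\xaa",
        "fat32_label": sector[0x52:0x5A] == b"FAT32   ",
        "bytes_per_sector": struct.unpack_from("<H", sector, 0x0B)[0],
        "declared_sectors": total16 or total32,
        "partitions": partitions,
    }
    # A well-formed FAT32 header that claims no space on a non-empty device is what an
    # operating system refuses to mount, and what an examiner should look at more closely.
    report["zero_size_volume"] = (
        report["boot_signature_ok"] and report["fat32_label"]
        and report["declared_sectors"] == 0 and device_sectors > 0)
    return report


if __name__ == "__main__":
    device_sectors = 7_802_048                      # constructed device size
    for declared in (7_800_000, 0):
        result = inspect_sector0(build_sample_sector0(declared), device_sectors)
        print(declared, result["zero_size_volume"], result["partitions"])
```
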
Fig. 3 shows the operating process of the embodiment of the invention when data on the mobile storage medium are read and written. The details are as follows:
In step S301, the verification password entered by the user is received;
In step S302, the verification password entered by the user is checked; if it is correct, step S303 is performed, otherwise the process exits;
In step S303, the random key is decrypted with the verification password;
In step S304, when data are read, the random key is used to decrypt the data on the mobile storage medium;
In step S305, when data are written, the random key is used to encrypt the data written to the mobile storage medium.
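The flow of steps S102 and S301 to S305 as an added example, not code from the patent: a random key is generated and wrapped under the password, the password is checked before the key is unwrapped, and file data pass through RC4 so ciphertext length equals plaintext length. Assumptions: salted PBKDF2-HMAC-SHA256 stands in for the unspecified password hash, the per-file nonce and the header dictionary layout are hypothetical, and all sample values are constructed.

```python
import hashlib
import hmac
import os
from typing import Optional

KDF_ROUNDS = 100_000  # assumption: the description does not say how the password is hashed


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4, the stream cipher the description names; the same call encrypts and decrypts."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:                          # keystream generation, XOR with the data
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)


def _derive(password: str, salt: bytes, purpose: bytes) -> bytes:
    # Assumption: salted PBKDF2 replaces the unspecified hash; the purpose label keeps the
    # stored verifier different from the key that wraps the random key.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt + purpose, KDF_ROUNDS)


def create_header(password: str) -> dict:
    """S102: generate the random key; store the password verifier and the wrapped key."""
    salt = os.urandom(16)
    random_key = os.urandom(32)
    return {
        "salt": salt,
        "verifier": _derive(password, salt, b"verify"),
        "wrapped_key": rc4(_derive(password, salt, b"wrap"), random_key),
    }


def unlock(header: dict, password: str) -> Optional[bytes]:
    """S301-S303: check the password, then unwrap the random key (None if the check fails)."""
    candidate = _derive(password, header["salt"], b"verify")
    if not hmac.compare_digest(candidate, header["verifier"]):
        return None
    return rc4(_derive(password, header["salt"], b"wrap"), header["wrapped_key"])


def file_cipher(random_key: bytes, nonce: bytes, data: bytes) -> bytes:
    """S304/S305: encrypt or decrypt one file. The per-file nonce is an assumption added
    here so that two files never share a keystream; it is stored next to the file."""
    return rc4(hashlib.sha256(random_key + nonce).digest(), data)


if __name__ == "__main__":
    header = create_header("constructed-demo-password")
    key = unlock(header, "constructed-demo-password")
    nonce = os.urandom(16)
    plaintext = b"constructed sample file contents" * 31 + b"!"   # odd length on purpose
    ciphertext = file_cipher(key, nonce, plaintext)
    print(len(plaintext), len(ciphertext))     # equal: no block padding or alignment
    print(file_cipher(key, nonce, ciphertext) == plaintext)
    print(unlock(header, "wrong password"))
```

RC4 appears here only because the description names it; it provides no integrity protection, so modified ciphertext decrypts without any error.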
Fig. 4 shows the structure of the data security protection system for a mobile storage medium provided by the embodiment of the invention. For ease of explanation, only the parts relevant to the embodiment are shown.
File system creating unit 41 creates on the mobile storage medium a file system that the operating system cannot load. This file system is the modified FAT32 system described above.
In the modified FAT32 system, the total space size of the file system is 0, and the primary partition table of the file system and the random key are kept at the position after the primary partition table of the FAT32 system.
The schematic structure of the modified FAT32 system is shown in Fig. 2 and is not described again.
Random key generation unit 42 generates the random key of the file system according to the verification password entered by the user, and saves the cryptographic hash of the verification password and the random key encrypted with the verification password in the file system.
Data read/write processing unit 43 uses the random key to encrypt and decrypt data on the mobile storage medium.
Data read/write processing unit 43 is a dedicated tool for reading and writing this file system, such as a special file browser or other software tool. The operating system's built-in file browser, general-purpose browsers and other processes cannot directly read or write the encrypted data and files on the mobile storage medium, which prevents Trojans, viruses and the like from infecting or stealing the data on the medium.
A stream cipher encryption algorithm, such as RC4, is used when data are encrypted and decrypted with the random key, which avoids the file-size alignment problem caused by other encryption algorithms.
The invention can be created and used on any continuous storage space, needs no dedicated hardware, and is cost-effective.
File system creating unit 41 can be implemented with known file read/write interfaces; random key generation unit 42 can use a known random data generation algorithm; data read/write processing unit 43 can be implemented with known data read/write interfaces.

Claims (4)

1. A data security protection method for a mobile storage medium, characterized in that: a file system that the operating system cannot load is created on the mobile storage medium; a random key for the file system is generated according to the verification password entered by the user, and the cryptographic hash of the verification password and the random key encrypted with the verification password are saved in the file system; the random key is used to encrypt and decrypt data on the mobile storage medium, thereby protecting the data on the mobile storage medium.
2. The data security protection method for a mobile storage medium according to claim 1, characterized in that: the file system that the operating system cannot load is obtained by setting up a FAT32 system and setting the total space size of this FAT32 system to 0, and the true primary partition table of this file system and the random key are kept at the position after the primary partition table of the FAT32 system.
3. The data security protection method for a mobile storage medium according to claim 1, characterized in that: the random key is obtained by generating a random key for the file system according to the verification password entered by the user, and the cryptographic hash of said verification password and the random key encrypted with said verification password are saved in said file system.
4. The data security protection method for a mobile storage medium according to claim 1, characterized in that: a stream cipher encryption algorithm is used when files are encrypted and decrypted with said random key.
Application number: CN201310677217.1A
Priority date: 2013-12-13
Filing date: 2013-12-13
Title: Data security protection method for mobile storage medium
Status: Pending
Publication number: CN104715206A (en)
Publication date: 2015-06-17
Family ID: 53414522
Country: CN

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20150617