CN105518700B - System for the data protection in shutdown mode - Google Patents
System for the data protection in shutdown mode Download PDFInfo
- Publication number
- CN105518700B CN105518700B CN201480047957.XA CN201480047957A CN105518700B CN 105518700 B CN105518700 B CN 105518700B CN 201480047957 A CN201480047957 A CN 201480047957A CN 105518700 B CN105518700 B CN 105518700B
- Authority
- CN
- China
- Prior art keywords
- data
- equipment
- calculating equipment
- security module
- data protection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000004224 protection Effects 0.000 title claims abstract description 181
- 230000004044 response Effects 0.000 claims description 71
- 230000005611 electricity Effects 0.000 claims description 4
- 230000001808 coupling Effects 0.000 claims description 2
- 238000010168 coupling process Methods 0.000 claims description 2
- 238000005859 coupling reaction Methods 0.000 claims description 2
- 230000015572 biosynthetic process Effects 0.000 claims 3
- 238000005755 formation reaction Methods 0.000 claims 3
- 238000004590 computer program Methods 0.000 abstract description 10
- 230000015654 memory Effects 0.000 description 25
- 238000000034 method Methods 0.000 description 22
- 238000001514 detection method Methods 0.000 description 18
- 238000004891 communication Methods 0.000 description 17
- 230000003287 optical Effects 0.000 description 17
- 230000001960 triggered Effects 0.000 description 13
- 230000001413 cellular Effects 0.000 description 7
- 238000010586 diagram Methods 0.000 description 7
- 238000005516 engineering process Methods 0.000 description 7
- 230000003993 interaction Effects 0.000 description 7
- 238000011084 recovery Methods 0.000 description 7
- 239000000203 mixture Substances 0.000 description 6
- 230000000694 effects Effects 0.000 description 5
- 241001269238 Data Species 0.000 description 4
- 230000000875 corresponding Effects 0.000 description 4
- 239000000284 extract Substances 0.000 description 3
- 239000000463 material Substances 0.000 description 3
- 230000003068 static Effects 0.000 description 3
- 210000003128 Head Anatomy 0.000 description 2
- 230000006399 behavior Effects 0.000 description 2
- 230000001010 compromised Effects 0.000 description 2
- 238000011068 load Methods 0.000 description 2
- 230000005055 memory storage Effects 0.000 description 2
- 230000000051 modifying Effects 0.000 description 2
- 230000002093 peripheral Effects 0.000 description 2
- 239000004065 semiconductor Substances 0.000 description 2
- 210000004556 Brain Anatomy 0.000 description 1
- 210000001503 Joints Anatomy 0.000 description 1
- 210000003660 Reticulum Anatomy 0.000 description 1
- 230000003213 activating Effects 0.000 description 1
- 230000000712 assembly Effects 0.000 description 1
- 239000011469 building brick Substances 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 239000000969 carrier Substances 0.000 description 1
- 230000001419 dependent Effects 0.000 description 1
- 238000000151 deposition Methods 0.000 description 1
- 230000001809 detectable Effects 0.000 description 1
- 235000013399 edible fruits Nutrition 0.000 description 1
- 230000002708 enhancing Effects 0.000 description 1
- 239000011521 glass Substances 0.000 description 1
- 230000003116 impacting Effects 0.000 description 1
- 238000003780 insertion Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000006011 modification reaction Methods 0.000 description 1
- 238000004321 preservation Methods 0.000 description 1
- 230000035945 sensitivity Effects 0.000 description 1
- 238000002604 ultrasonography Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Abstract
Provide the method, system and computer program product for the data that protection is stored in equipment in equipment shutdown.The equipment includes the first operating system and security module.First operating system (OS) is the main OS of the equipment, manages computer resource when equipment energization is in " booting " mode.Security module is separated with main OS, and is configured to monitor undesirable equipment and is distorted.The security module realizes that the security module works when the device is turned off within hardware, and therefore can protect data when the device is turned off from the access of unauthorized.The security module can be realized in the form of circuit, system on chip (SOC), the secondary OS that executes in the processor circuit separated with the processor hardware for executing main OS, and/or in another form.
Description
Background
More and more data are stored in equipment, are especially stored in mobile device.For example, people can store
Personal data, and employee can store on their device company data, government data, client-related data, intellectual property and/
Or the data of other sensitive forms.When device losses, being stolen or being compromised in some other manner, these sensitive datas are set to
In risk.
In order to solve this problem, the technology for protecting the sensitive data in equipment has been developed.Traditional equipment
Data Protection Technologies generally rely on some form of user authentication, encryption or combinations thereof.For example, user it is settable she equipment come
Input particular password or PIN are required before data can be accessed in equipment.Additionally, some equipment allow users to pair
The file or folder being stored thereon is encrypted, it means that must be inputted before file can be checked or be replicated close
Code.Although such mechanism can help prevent sensitive data by the access of unauthorized, they are not completely reliable.
For example, if user is forced to provide her password in the case where violating her wish, or if equipment is grasped in activity
It is removed when making (that is, after the password that user has had input her), then password mechanism will not have effect.Also some other sides
Formula can be used for capturing user authentication and encipherment scheme.Once these data protection measures have been hacked, then usually not square
Formula prevents access of the sensitive data by unauthorized.
If the user determine that the equipment that she is in her is likely to stolen place, then she comes the step that can take the initiative
Protect sensitive data.For example, user can input commands into equipment to delete all sensitive datas from the device.Depend on
In the scene, this may be necessary for the personal security's property and sensitive data of protecting user.However, in many feelings
Under condition, user will not be able to expect that her equipment will be stolen and thus without taking such step.Even if user can be pre-
In the case where expecting that equipment is stolen, user may be quick to delete from the device to interact with her equipment without enough Deal with Time
Feel data.
It summarizes
This general introduction is provided so as to introduce in simplified form will be described in detail below in some concepts for further describing.This
The key features or essential features for being not intended to mark claimed subject are summarized, are intended to be used to limit claimed
The range of theme.
Provide method, system and the computer for the data that protection is stored in equipment in equipment shutdown
Program product.The equipment includes the first operating system and security module.First operating system (OS) is the main OS of the equipment, is being set
Standby be powered when being in " booting " mode manages computer resource.Security module is separated with master operating system, and is configured to supervise
It is distorted depending on undesirable equipment.Security module is worked in equipment shutdown with hardware realization, the security module, and
Even therefore can also protect data from the access of unauthorized when equipment is shut down.
Below with reference to each attached drawing, the further features and advantages of detailed description of the present invention and each reality of the invention
Apply example structurally and operationally.It is worth noting that, the present invention is not limited only to specific embodiment described herein.It is presented herein this
The purposes of a little being merely to illustrate property of embodiment.Based on description contained herein, technology of the other embodiments for related fields
Personnel will be apparent.
Detailed description of the invention
It is integrated to this specification and the attached drawing formed part of this specification shows each embodiment of the invention, and
Together with the description, it is further used for illustrating the principle of the present invention, and those skilled in the relevant arts is allowed to implement and use these realities
Apply example.
It includes the data for being configured to protect the data of storage on the computing device that Fig. 1, which is shown according to an example embodiment,
The block diagram of the data protection environment of protection system.
Fig. 2 shows the streams for the process for providing the protection for being configured to stored data according to an example embodiment
Cheng Tu.
Fig. 3 shows the process for selecting the data protection for data to respond according to an example embodiment.
Fig. 4 shows the flow chart as optional data protection Response List according to an example embodiment.
Fig. 5 shows to provide and be triggered according to an example embodiment for monitoring context triggering associated with data pair
The flow chart of the process of the execution of data protection response.
Fig. 6 is shown according to an example embodiment for restoring according to the soft process for deleting deleted data.
Fig. 7 is shown according to an example embodiment for equipment to be distorted to the mistake for being dispatched to data and triggering as context
Journey.
Fig. 8, which is shown, is configured to distort equipment the context touching being used as data protection according to an example embodiment
The block diagram of the data protection system of hair.
Fig. 9 is shown according to an example embodiment for executing the process of security module.
Figure 10 shows to provide according to an example embodiment and distort for supervision equipment to trigger and respond to data protection
The flow chart of the process of execution.
Figure 11, which is shown, to be provided according to an example embodiment for the various processes of distorting sensor in supervision equipment
Flow chart.
Figure 12 shows the section of a part of the equipment for being associated with the sensor that monitoring is distorted according to an example embodiment
Figure.
Figure 13 A-13D shows the various example implementations of the security module according to each embodiment.
Figure 14 shows the block diagram that can wherein realize the illustrative user device of each embodiment.
Figure 15 shows the block diagram that can be used to realize the Example Computing Device of each embodiment.
When combining that wherein identical appended drawing reference identifies the attached drawing of corresponding element, the features and advantages of the present invention will be from
It is become more fully apparent in detailed description set forth below.In the accompanying drawings, identical reference label refers generally to identical, function
Similar element in upper similar and/or structure.The attached drawing that wherein element occurs for the first time is by most left in corresponding reference label
The digital indication of side.
Detailed description
I. it introduces
The specification and drawings disclose one or more embodiments including each feature of the invention.The scope of the present invention
It is not limited to the disclosed embodiments.The disclosed embodiments are merely exemplary the present invention, and the disclosed embodiments is modified
Version also by the present invention it is contemplated.Various embodiments of the present invention are defined by the claims appended hereto.
Described by reference expression in specification to " one embodiment ", " embodiment ", " example embodiment " etc.
Embodiment may include a particular feature, structure, or characteristic, still, each embodiment can need not include the special characteristic, structure,
Or feature.In addition, these phrases not necessarily refer to identical embodiment.In addition, when describing special characteristic, knot about a certain embodiment
When structure or characteristic, in spite of being explicitly described, realized about other embodiments this feature, structure or characteristic be considered as
In the knowledge of those skilled in the art.
Multiple exemplary embodiments are described below.It should be noted that any chapters and sections/sub- chapter title is not intended to provided herein
Limitation.Each embodiment is described in this document, and any kind of embodiment can be included under any chapters and sections/sub- chapters and sections.
In addition, each embodiment disclosed in any chapters and sections/sub- chapters and sections can from identical chapters and sections/sub- chapters and sections and/or different chapters and sections/sub- chapter
Any other embodiment described in section combines in any way.
Chapters and sections II below describes the example data including the calculating equipment for realizing the data protection of context triggering
Protect environment.It is the exemplary embodiment triggered for the context of data protection that chapters and sections III, which describes wherein equipment and distorts,.Chapter
Section IV describes the example movement for calculating equipment and desk device is realized.Chapters and sections V provides some example embodiments.Chapters and sections VI is provided
Some summing-ups are commented.
II. for the example embodiment of the data protection of context triggering
Each embodiment described herein is realized in a manner of based on the configurable of context and automatically and is set to being stored in
The protection of standby upper data.Provisioning Policy is allowed users to based on the data protection of context to protect the data in equipment to exempt from
By undesired access, such as used in the case where equipment has been stolen, in the wish that equipment is just violating user (for example,
User is forced to provide equipment password, equipment is removed in activity operations) in the case where and other situations under.It is examining
When measuring risky external context, movement predetermined is performed automatically to protect data, to prevent data from being damaged
It is bad.
Data protection system based on context is protected for the access that user accidentally or reluctantly authorizes.When
When risky context is identified, data are automatically protected come from being compromised.
The embodiment implemented for the data protection based on context and execute framework is provided.Implementing framework can be used for
Define data sensitive rank (for example, rank 1, rank 2 etc.), data protection response (for example, soft deletion, hard deletion etc.), wind
Between danger/triggering context (context 1, context 2) and these elements mapping (for example, rank 1- > context 1- > it is soft
It deletes, indicates when context 1 is detected, the content of rank 1 will be by soft deletion).Execution framework is configured to activate pre-
The action/response first defined is to ensure that data are protected.Movements such as " soft deletion " (hiding datas) can be reduced, and " hard
Delete " data are wiped completely without the option for data convert.
In embodiments, potential dangerous situation may occur in the shutdown mode of equipment.For example, when equipment is being closed
When machine mode, a people may attempt to open equipment to store thereon from the one or more storage equipment of equipment removal to access
Data.Provide the technology for detecting the situation automatically.In one embodiment, the implementation of data safety can in such case
By by the additional firmware of chipset (for example, Attached Processor, OS etc.) form include in a device with realize tampering detection come
It completes.For example, low-power consumption, the IC chip to work always and the 2nd OS may be present in the equipment to protect the equipment to exempt from
It is removed by storage.Even if equipment main OS shutdown when, once detect that device hardware is just tampered, data protection movement just by
The second, the OS to work always is executed.
In an example embodiment, data protection can be configured the selected data in equipment: equipment as follows
Equipped with the special chip group (one or more IC chips) distorted with low power consumption operation so as to processing equipment.The chipset can wrap
Include the 2nd OS to work always.The OS be installed at one or more device locations (be such as attached to the shell of equipment/
In physical container, the encirclement in device housings, at storing framework in a device (for example, being attached to the storage in equipment
At the screw of frame)) sensor connection.In the OS to work always, context setting can be configured.Monitor physical container
Sensor be configured to be arranged the acceptable acceptable terms (for example, correctly spiral open order) for opening equipment.
In main OS, the content to be protected stored in a device can be specific together with the context and (all) protected for trigger data
Protection response selected together.For example, the data protection about one or more file/folders can be requested to request to mark
Content to be protected out.(no matter whether main OS is switched on) when the 2nd OS is detected to physical container when distorting, the 2nd OS is just held
Row tentation data protects response/movement, may include the hard deletion of content, so that being marked as sensitive data can be deleted automatically
Remove and without it is any for recovery option.
Various possible responses can be taken to protect data in the case where context is triggered and is detected.Such data
The example of protection response includes one of the following or multiple: it is hard to delete, it is off-loaded automatically from wherein being marked as sensitive data
It is deleted in equipment, without the option for reduction;Soft deletion, wherein being marked as sensitive data by operating system (OS)
It (is deposited by the data of soft deletion by deleting the link to the data and link being stored in home automatically to hide
It stores up but invisible to user, protected data can be encrypted etc.);Prompting be provided to user (for example, message, sound,
Visual prompting etc.);File can be prohibited to open;Show that the window of the opening of the data can be closed;The window of opening can be hidden
It ensconces behind other windows;Etc..
Note that in embodiments, one or more of such data protection can be executed by " independently ", so that place
The user of reason equipment is unaware of data protection response and is executed.For example, the personnel of processing equipment, which may be because, distorts equipment (example
Such as, the shell for attempting to open equipment takes device memory), because fail correct time input password or key sequence,
Because by equipment conveying to specific position, because being interacted in a manner of unfamiliar with equipment UI, because being sensed personnel
Biometric condition etc. and cause data protection response to be performed.Data protection response can be performed in an independent way, be made
The personnel are unaware of response and are executed.For example, data can be by independently hiding, soft deletion or hard deletion, so that the personnel
Even data are unaware of to be present in equipment just in equipment or once.Additionally or alternatively, shown window can be in the people
The previous arrangement that member sees window is rearranged before, and prompting can be sent to equipment in the case where the personnel are unaware of
Owner or administrator, and/or other data protections response can be performed in a discrete fashion.
There can be various benefits to this independently execute of data protection.For example, unauthorized personnel attempts in access equipment
Sensitive data can trigger to the soft deletion of the sensitive data or hide.If unauthorized personnel is unaware of the data and just sets at this
It is standby upper or be once present in the equipment, and the data are not found on the device immediately (because it is hidden or is deleted by soft
Except), then the personnel more rapidly may find the data to trial on the device and lose interest.In addition, if the equipment
Authorized user just threatened by unauthorized personnel, then there are more close for the data on the device any by authorized user
Reason is shifted responsibility onto others.
If responding the data by soft deletion as data protection, which can be restored later by OS.When data are soft
When deletion, the link for only arriving the data (for example, file) is deleted.Data can by from secure storage restore chain fetch by
Reduction/recovery.In one embodiment, the recovery of data can be automatically, such as in user next time using correct
Password and correct password entry context are come when logging in.Alternatively, recovery can be triggered by correct password context.
Therefore, each embodiment provides feature, such as for the risky environment pair in outside that wherein user is located at
The method and system of the automatic and independent triggering of data protection is used for via contents attribute, is directed to all account's overlay devices
On the data protections of data distort to define the method and system of sensitive data to be protected, and for detection device
Method and system as the context for activating data protection to respond.
It is provided in following sub- chapters and sections and data the protection implement example is further described.For example, sub- chapter immediately below
Section describes the further embodiment for configuring protection for data, is the triggering and execution described to data protection later
The sub- chapters and sections of further embodiment.
A. the example embodiment for configuration data protection
In embodiments, data protection system can be configured in various manners to protect data from undesired visit
It asks.For example, it includes being configured to protect the data of storage on computing device 102 that Fig. 1, which is shown according to an example embodiment,
The block diagram of the data protection environment 100 of data protection system 136.It shows as shown in figure 1, data protection environment 100 includes calculating
Equipment 102 and server 104.It calculates equipment 102 and server 104 is communicatively coupled by network 106.Data protection system
136 are included in calculating equipment 102.In the embodiment in figure 1, data protection system 136 include subscriber interface module 108,
Context triggers monitor 110, data protection actuator 112 and storage 114.In addition, server 104 includes user interface
Module 128.These features of environment 100 are described as follows.
It shows as shown in figure 1, data protection system 136, which can be implemented in, to be calculated in equipment 102.Note that in another implementation
In example, data protection system 136, which can be partly implemented in, to be calculated in equipment 102, is partly implemented in server 104.
For example, subscriber interface module 108, context triggering monitor 110 and data protection actuator 112 can be included in calculating
In equipment 102.Alternatively, subscriber interface module 108 may not be present in calculating equipment 102, alternatively, server 104
User interface 128 and context triggering monitor 110 and data protection actuator 112 can be used as data protection system 136
A part.In another embodiment, both user interface 108 and 128 exists and one as data protection system 136
Point.
Calculating equipment 102 can be any kind of static or mobile computing device, including mobile computer (for example,Equipment, personal digital assistant (PDA), laptop computer, notebook computer, such as
Apple iPadTMTablet computer, net book etc.), mobile phone is (for example, mobile phone, such as MicrosoftPhone, is realized Apple iPhone AndroidTMThe phone of operating system,If
Standby, RIMThe smart phone of equipment etc.), wearable calculating equipment is (for example, smartwatch including such as GlassTMIntelligent glasses headset equipment etc.), smart camera or other types of mobile device or such as
The static calculations equipment such as desktop computer or PC (personal computer).
Storage 114 may include one or more of any kind of storage medium/equipment for storing data, including
Disk (for example, in hard disk drive), CD (for example, in CD drive), tape are (for example, in tape drive
In), RAM device, the memory devices of ROM device etc., and/or any other suitable type storage medium/equipment.
The data 124 for being shown as being stored in storage 114 can be any kind of data, including one or more texts
Part, one or more file, the combination of file and file, and/or any other type of data structure and/or it is any its
The data structure of its quantity.Although individual data example (data 124) is shown as being stored in storage 114, this is single
Data instance is displayed in Fig. 1 for explanation is simplified.It is appreciated that any number of data instance can be stored in
In storage 114, wherein each example is the arbitrary size with the corresponding security parameters configured as disclosed herein
One or more files and/or file.
The example of network 106 includes the logical of local area network (LAN), wide area network (WAN), personal area network (PAN) or such as internet
The combination of communication network.For the communication on network 106, calculates equipment 102 and server 104 can be respectively wired including can be
Or wireless network interface (for example, network interface card (NIC)), such as 802.11 WLAN of IEEE (WLAN) wirelessly connects
Mouthful, worldwide interoperability for microwave accesses (Wi-MAX) interface, Ethernet interface, universal serial bus (USB) interface, cellular network connect
Mouth, BluetoothTMWired or wireless interface of interface etc etc..
User can interact with the subscriber interface module 108 (when it is present) calculated at equipment 102, or can be with server
Subscriber interface module 128 (when it is present) at 104 interacts, to be configured to the number stored for calculating equipment 102
According to the data protection of (being such as stored in the data 124 in storage 114).The user of configuration data protection can be calculating equipment
102 owner or other users, system manager's (for example, when calculating equipment 102 is the equipment of enterprise) or other people
Member.
Calculating the subscriber interface module 108 at equipment 102 may be present as the user configuration use for calculating equipment 102
In the traditional approach of the protection for the data being stored in calculating equipment 102.Subscriber interface module 108 can be stored in calculating and set
Data protection application in standby 102 a part (for example, individually desk-top or mobile application, be based partially on cloud " app (is answered
With) " etc.), it can be a part for calculating the OS of equipment 102, or can be present in another way and be configured in calculating and set
In standby 102.
When interacting with the user interface generated by subscriber interface module 108, user may make to can determine storage
The selection of such data is used for data protection configuration by the data (such as data 124) stored in 114.User can with
Family interface interacts to data protection of the configuration pin to data 124, and can be by data protection configuration and data 124 in association
It is stored as security attributes 122.
In another embodiment, it may be desirable to which there is no subscriber interface module 108 in calculating equipment 102.For example, following
Situation can be confirmed as security vulnerabilities: obtaining and any personnel that can be logged on in calculating equipment 102 are able to access that user
Interface 108, and thus can configure (including removing) for being stored in the protection for calculating the data at equipment 102.In such reality
It applies in example, subscriber interface module 108 may not be present in calculating at equipment 102, and alternatively, subscriber interface module 128 may be present in
To be used for protection of the configuration pin to the data being stored in calculating equipment 102 at server 104.For example, subscriber interface module
128 can be stored in server 102 can not be by a part for the data protections application (or OS) that network accesses, can be with
Be can by network access application (for example, the addressable application of browser) a part or can deposit in another way
It is and is configured in server 104.
When interacting with the user interface generated by the subscriber interface module 128 of server 104, user's energy may make
The data (such as data 124) for calculating and being stored at equipment 102 are enough determined by network 106, data selection is used to count
According to relaying configuration.User can interact to data protection of the configuration pin to data 124 with user interface, and can be by data protection
Configuration is stored as security attributes 122 with data 124 in association.
In embodiments, subscriber interface module 108 and/or subscriber interface module 128 can be used for either type come
Configuration data protection.For example, in one embodiment, subscriber interface module 108 and/or subscriber interface module 128 can come according to fig. 2
Operation.Fig. 2 shows the processes for the process for providing the protection for being configured to stored data according to an example embodiment
Figure 200.Flow chart 200 is described below with reference to Fig. 1.Based on being described below, the embodiment of other structures and operation leads correlation
The technical staff in domain will be apparent.
Flow chart 200 starts from step 202.In step 202, it provides and data sensitive rank is dispatched to deposit
The user interface of the data of storage on the computing device.For example, show as shown in figure 1, subscriber interface module 108 (when it is present) can
User interface 138 is generated, and subscriber interface module 128 (when it is present) produces user interface 140.User interface 138 and use
Family interface 140 respectively can be any type of user interface including any number of user interface element, including figure is used
Family interface, touch interface, voice control interface, tactile interface, posture interface etc..
In one embodiment, user interface 138 and/or user interface 140 are provided to so that data sensitive rank
The data of storage on computing device 102, such as data 124 can be dispatched to.It shows as shown in figure 1, user interface 138 includes
First data sensitive (DS) selector 116, and user interface 140 includes the 2nd DS selector 130.Which deposited depending on
User can interact with DS selector 116 and/or DS selector 130 data sensitive rank is assigned to data 124.Example
Such as, DS selector 116 and/or DS selector 130 can be user interface element, such as check box, switching switch, button, under
Draw menu or another user interface element.The data sensitive that user can be interacted with user interface element to select data 124.
For example, user can be interacted with DS selector 116 or DS selector 130 selected data are appointed as it is sensitive or insensitive.?
In one embodiment, selected data can be also appointed as having different by user from DS selector 116 or the interaction of DS selector 130
Sensitivity level (for example, insensitive, medium sensitive, highly sensitive etc.).
In step 204, data protection response is enabled to be selected to by user interface associated with data.?
In one embodiment, user interface 138 and/or user interface 140 are provided to so that data protection response can be dispatched to and deposit
The data of storage on computing device 102, such as data 124.It is confirmed as being at least potentially subject to be not intended to or having wind in data
It (is misplaced, is potentially stolen, known being stolen, potentially just for example, calculating equipment 102 in the case where the access of danger
Access data etc. are just being forced to by the user of unauthorized personnel's access, calculating equipment 102), data can be executed for the data protect
Shield response.
It shows as shown in figure 1, user interface 138 includes the first data protection response (DPR) selector 118, and user circle
Face 140 includes the 2nd DPR selector 132.Which exist depending on, user can be with DPR selector 118 and/or DPR selector
132 interactions are to be assigned to data 124 for data protection response.For example, DPR selector 118 and/or DPR selector 132 can be
Disclosed herein or known any type of user interface element in other ways.User can hand over the user interface element
Mutually come select for data 124 data protection respond.Various types of data protection responses can be used for selecting and be assigned to number
According to 124.
For example, in one embodiment, the step 204 of flow chart 200 may include the process shown in Fig. 3.Fig. 3 shows basis
The step 302 for selecting the data protection for data to respond of one example embodiment.In step 302, data protection is rung
It should be allowed to select from the multiple data protections response for including soft deletion and deleting firmly.As a result, in one embodiment, DPR is selected
It selects device 118 and/or DPR selector 132 can provide data protection Response List, and one or more of data protection response
It can be selected from the list and be dispatched to data (for example, by drop-down menu, check box etc.).Data protection response can wrap
Include hard deletion data or soft deletion data.It is hard to delete " " including so that data are permanent as that will be discussed in more detail herein
Ground is inaccessible (for example, data in overriding memory/storage), and " soft deletion " includes so that data can not temporarily visit
It asks, so that it can be reduced in the subsequent time.
Other types of data protection response can be selected therefrom.For example, Fig. 4 shows offer according to an example embodiment
The flow chart 400 of process for optional data protection response.Each step of flow chart 400 describes separated and independent number
It is responded according to protection.Any one or more it can be selected and be dispatched in the response of data protection described in flow chart 400
Specific data instance.Flow chart 400 is described as follows.Based on being described below, the embodiment of other structures and operation is for phase
The technical staff in pass field will be apparent.
Flow chart 400 starts from step 402.In step 402, by the way that the image watermarking in equipment will be calculated not by user
It checks to execute the soft deletion to the data.As described above, DPR selector 118 and/or DPR selector 132 can provide use
In the option for the data protection response that soft deletion is assigned as being used for data.According to soft deletion, data are on computing device 102
It is hidden not checked by user.For example, indicating that the link to file of the data can be deleted, and link and/or data
The position for being considered safe can be stored in for possible sequential reduction/recovery.
In step 404, executed by deleting the data calculated in equipment without the option for being used to restore to this
The hard deletion of data.As described above, DPR selector 118 and/or DPR selector 132 can provide is divided for that will delete firmly
Group is the option for the data protection of data response.It is deleted according to hard, data are in such a way that data cannot be reduced or restore
It is deleted from storage (for example, storage 114).For example, data, which are stored in storage location therein, to be covered with 1 and 0 mode
It writes.
In a step 406, prompting is broadcasted.In one embodiment, DPR selector 118 and/or DPR selector 132 can mention
For the option for the data protection for being assigned as being used for data will to be reminded to respond.Prompting can be configured to calculating equipment 102
Authorized user (for example, owner, system manager etc.) notification data may be by the threat of unauthorized access.Prompting can quilt
The address of the telephone number of authorized user is delivered/is transmitted to, or present in another form, including such as email message, text
This message, social network message, call, serge serge noise (or other sound) etc..
In a step 408, file is prohibited to be opened.In one embodiment, DPR selector 118 and/or DPR choosing
Selecting device 132 can provide for that will forbid one or more files (indicating data) that can be opened as the data guarantor for data
Protect the option of response.File can be prohibited be opened in any way, including passing through lock file, being promoted to file
Permit (on access authority of user) etc..
In step 410, a data display window opened is closed.In one embodiment, DPR selector 118 and/or
DPR selector 132 can provide for ringing the display window for closing the opening of display data as the data protection for being used for data
The option answered.
In step 412, the data display window of opening is hidden in behind at least one other window.In an embodiment
In, DPR selector 118 and/or DPR selector 132 can provide for that open display window will be hidden in one or more
The option responded behind other windows as the data protection for data.For example, data display window can be moved to
Behind the one or more of the other window being opened, and/or one or more new windows can be opened in data display window
Front.
Note that as described in this article, data protection can be responded with DPR selector 118 and/or DPR selector 132
It is assigned to data.In another embodiment, data protection response can be by associated with data sensitive in advance, and works as the data
When sensibility rank is dispatched to specific data, associated data protection response is also dispatched to the data.For example, soft deletion
Can be associated with low data sensitive rank, and deleting firmly can be associated with high data sensitive rank.If hyposensitivity
Rank is dispatched to specific data (in the step 202 of flow chart 200), then soft deletion is assigned to the certain number with being automatically also
According to (in step 204).
Fig. 2 is referred back to, in step 206, context triggering is enabled to be dispatched to data by user interface.?
In one embodiment, user interface 138 and/or user interface 140 are provided to so that context triggering can be dispatched to storage
Data on computing device 102, such as data 124.Context triggering can be a certain condition or condition set, when detecting this
When condition or condition set, instruction, which calculates equipment 102, to be become by or vulnerable to unauthorized access.
It shows as shown in figure 1, user interface 138 includes the first context triggering (CT) selector 120, and user interface
140 include the 2nd CT selector 134.Which exist depending on, user can hand over CT selector 120 and/or CT selector 134
It is mutually triggered context is arranged, the detection designation date protected mode of context triggering is activated by data protection actuator 112.
For example, CT selector 120 and/or CT selector 134 can be disclosed herein or known any type in other ways
User interface element.User can interact that the context for data 124 is selected to trigger with the user interface element.Context
The example of triggering includes but is not limited to: sensing unauthorized user very close to calculating equipment 102;It distorts and calculates equipment 102;?
Equipment starting, login or down periods, user fail to provide desired input;And it calculates the user of equipment 102 and senses
Behavior indicate that the user is not authorized user.Various other context triggerings can also be used.
As described above, sensibility rank, data protection response and context triggering are selectable to be assigned to number
According to 124.Calculate equipment 102 at make to sensibility rank, data protection response and context triggering selection from
Family interface module 108 is exported as security attributes 122A.That makes at server 104 protects sensibility rank, data
What shield response and context triggered selects to export from subscriber interface module 128 as security attributes 122B, and in signal of communication
In be sent on network 106 calculate equipment 102.Security attributes 122A or 122B can be stored in association with data 124
As security attributes 122.
B. for triggering and executing the example embodiment of data protection
Data protection system can be configured in various manners to monitor the data threatened by unauthorized access, and executes number
The data are protected according to Preservation tactics.For example, calculating the data protection system in equipment 102 as described in above with respect to Fig. 1
136 include context triggering monitor 110 and data protection actuator 112.Context triggering monitor 110 and data protection are held
Row device 112 is configured to detect the unauthorized access to data and executes data protection.Context triggers monitor 110 and data
Protection actuator 112 is being described below in relation to Fig. 5.Fig. 5, which is shown, to be provided according to an example embodiment for monitoring and data
Associated context triggers to trigger the flow chart 500 of the process of the execution to data protection response.Flow chart 500, up and down
Text triggering monitor 110 and data protection actuator 112 are such as described below.Based on being described below, other structures and operation
Embodiment will be apparent those skilled in the relevant art.
Flow chart 500 starts from step 502.In step 502, the generation of monitoring context triggering.For example, as shown in figure 1
Display, context triggers the context triggering that monitor 110 receives security attributes 122 associated with data 124.Up and down
Text triggering monitor 110 can directly receive the context touching of security attributes 122 from subscriber interface module 108 or from storage 114
Hair.Context triggering monitor 110 determines whether to have been detected by any one in context triggering with time operation.
If context triggering monitor 110 determines that context triggering has been detected, context triggering monitor 110 passes through life
Carry out notification data protection actuator 112 at trigger notice 126.
In step 504, when detecting the generation of context triggering, data protection response associated with data is held
Row.In response to trigger notice 126, data protection actuator 112 be can be performed in security attributes 122 associated with data 124
Data protection response.Performed data protection response is shown as the movement 142 being performed in Fig. 1.
In embodiments, the data protection response in security attributes 122 can indicate and data protection actuator 112
Referred to herein or known any one or more data protection responses in other ways can be performed.For example, data protection
Response can indicate and data protection actuator 112 can be performed it is showing in flow chart 400 (Fig. 4) and it is herein otherly
Just describe data protection response in it is any one or more and/or based on introduction herein for those skilled in the art
Member will become apparent to any other suitable data protection response.Therefore, data protection actuator 122 may include or access is used
In the functionality for executing one or more data protection responses.For example, data protection actuator 112 may include or access and can hold
(it may include file encryption, file/folder is mobile and/or renames, reconfigures for the soft deletion of style of writing part and/file
To the link etc. of file/folder) file manager module.Data protection actuator 112 may include or access is configured to
The messaging interface of reminder message is sent (for example, tool of sending short messages, e-mail, instant message transrecieving tool, social activity
Internet message receives and dispatches tool, telephone communication tool, audio instrument etc.).In another example, data protection actuator 112 can wrap
Include or access (for example, OS) window management module that can be rearranged shown window and/or open window.Data are protected
Shield actuator 112 can be configured with such as will be apparent to those skilled in the art based on introduction herein for executing
One or more data protections response it is additional and/or replacement functionality.
Therefore, in embodiments, can be triggered based on context (undesired to distort equipment etc.) for storage
The data protection of data in equipment.The example of such data protection includes soft deletion, hard deletion, prompting etc..Note that such as
Fruit data are by soft deletion, then once it is determined that the threat of unauthorized data access is weakened or is passed through, data can be resumed.Cause
This, Fig. 6 is shown according to an example embodiment for restoring according to the soft process for deleting deleted data.In step 602,
Data are recovered as visible to user on the computing device.In such embodiments, previously in a device by it is soft deletion or it is hidden
The data of hiding can be resumed or restore.For example, the link to data file can restore from the home etc. in storage.Recovery can
To be automatically, such as to log on to meter using correct password and correct password entry context in authorized user next time
When calculating in equipment 102.Alternatively, recovery only can be triggered manually, such as by being triggered by password context.
III. equipment distorts the example embodiment of the triggering as data protection
As described above, specific data is selectable to protect.For example, user can be with subscriber interface module with reference to Fig. 1
108 (calculating equipment 102) or subscriber interface module 128 (server 104) interaction carry out the security parameters of configuration data.Data peace
Full property rank can be dispatched to data, and (for example, the step 202) in Fig. 2, and data protection response can be dispatched to data (example
Such as, the step 204) in Fig. 2.In one embodiment, equipment, which is distorted, can be assigned as context triggering (for example, the step of Fig. 2
In 206).If calculate equipment 102 just physically distorted in the following manner: an obvious entity just attempting by from calculate equipment
102 extract one or more physical assemblies (for example, memory devices) to obtain the unauthorized access to data, then such
Trigger data protection response can be detected and be used for by distorting.
For example, Fig. 7 is shown according to an example embodiment for assigning the step 702 that context triggers to data.?
In step 702, equipment, which is distorted, to be enabled to be dispatched to data.Therefore, the equipment comprising data of interest is not intended to
Distort be context triggering.For example, (such as being attempted opening equipment 102 in an undesired manner when calculating equipment 102
Unauthorized personnel) when distorting (for example, remove one or more memory devices), context triggering can be detected, and institute
The data protection response of choosing can be performed.
CT selector 120 and/or CT selector 134 allow equipment to distort to be selected in various ways.For example, CT is selected
Device 120 and/or CT selector 134 allow to make the context triggering selection of general " equipment is distorted " type.In such feelings
In shape, calculate in equipment 102 it is any distort sensor all and can be monitored triggered as potential context for data.Another
In one embodiment, CT selector 120 and/or CT selector 134 allow to include specific distorting biography calculate in equipment 102
Sensor is individually selected to be triggered as context.The example of such sensor that may be present include equipment open sensor,
(device housings are fixed together screw sensor by its sensing, by the mechanism attaches such as storing framework to interior of shell etc.
Screw is by turn), optical sensor (it is by being opened to detection environment light come sensor device shell), device housings integrality pass
Sensor etc..
Data protection system 136 can be configured to monitor in various manners threat of the designation date by unauthorized access
Distort triggering.It is configured to distort equipment as the upper of data protection according to an example embodiment for example, Fig. 8 is shown
The block diagram of the data protection system 800 hereafter triggered.As shown in Fig. 8, data protection system 800 includes 802 He of security module
One or more distorts sensor 804.Security module 802 is configured to supervision equipment and distorts and execute for the number for calculating equipment
According to protection, even if when calculating equipment is shut down/powers off.Security module 802 includes that context trigger sensor 110 and data are protected
Protect actuator 112.Main OS 814 and storage 114 are also presented in fig. 8.In one embodiment, context triggers monitor 110
The step 502 (Fig. 5) of executable flow chart 500, and flow chart can be performed in the data protection actuator 112 of security module 802
500 step 504.Data protection system 800 is an example of the data protection system 136 being displayed in Fig. 1, and is gone out
It is not that all features of system 800 are all necessarily displayed in fig. 8 in the purpose for being easy explanation.Data protection system 800 can quilt
It is included in and calculates in equipment 102.Data protection system 800 is described below.
In the embodiment in fig. 8, context triggering monitor 110, which is configured to distort equipment, is used as data protection
Context triggering.Specifically, distorting sensor 804 as shown in Fig. 8 and being configured to sense by unauthorized personnel to meter
Calculate distorting for equipment 102.It distorts sensor 804 and can determine in various ways and equipment is distorted, including set by sensing to calculate
Standby 102 one or more attributes, this distorts instruction.
Therefore, in one embodiment, data securing apparatus 800 can be operated according to Fig. 9.Fig. 9 is shown according to an example
The step 902 for being used to execute security module of embodiment.In step 902, with the peace that separates of operating system calculated in equipment
Full module is performed.For example, as shown in figure 8, security module 802 is dividually operated with main OS 814.It is powered when calculating equipment 102
When being in "ON" mode, main OS 814 is executed in the processor hardware for calculating equipment 102 with management equipment resource.Calculate equipment
102 can be powered off by user, such as by user by calculate equipment 102 power switch from "ON" move on to "Off", by user by
The lower predetermined button for calculating equipment 102 is said word " shutdown " (or similar word) up to the predetermined amount time, by user or is passed through
User executes other movements or by calculating 102 automatic shutdown of equipment (such as in order to save power in the non-use of predetermined amount
After time).When calculating equipment 102 powers off, and therefore main OS814 is no longer able to operation, security module 802 continues to operate.
By this method, even if security module 802 can also detect distorting to calculating equipment 102 when calculating the shutdown of equipment 102.One
In embodiment, security module 802 is configured to (relative to the main OS814 executed in the processor hardware for calculating equipment 102)
Consume lower power consumption.By this method, security module 802 can keep operation when calculating equipment 102 and being shut down, fast without consuming
Speed exhausts the excessive power for calculating the battery of equipment 102.
In this way, security module 802 can operate in various ways.For example, Figure 10 shows offer according to an example embodiment
Distort for supervision equipment to trigger the flow chart 1000 of the process of the execution responded to data protection.In one embodiment,
Security module 802 can be operated according to flow chart 1000.Flow chart 1000 is described below with reference to Fig. 8.Based on being described below, other
Structure and the embodiment of operation will be apparent those skilled in the relevant art.
Flow chart 1000 starts from step 1002.In step 1002, security module is executed when calculating equipment shutdown.As above
Face description, security module 802 is configured to execute when calculating equipment 102 and shutting down.By this method, even if calculating
When equipment 102 is shut down, security module 802 also can protect data from unwarranted access.In embodiments, security module
802 power and set in calculating being coupled to the power supply one or more battery of equipment 102 (for example, calculate), persistently receive this
Standby 102 hardware for not entering "Off" or " economize on electricity " mode when being shut down are (for example, one or more processors circuit and/or other
Circuit) in realize.
In step 1004, the instruction distorted to the shell for calculating equipment is received from least one sensor.For example, having
Fig. 8 is closed, sensor 804 is distorted and is configured to sense distorting to calculating equipment 102.It is detectable to calculating to distort sensor 804
Distorting for the shell of equipment 102 is such as agitated, unscrews or is otherwise set with each feature interaction of shell with opening calculating
Standby 102, hole is bored or otherwise formed on the surface for calculating equipment 102, is hit with object and calculates equipment 102 or with calculating
102 impacting object of equipment is split with attempting to make to calculate equipment 102, or otherwise distorts shell.It is such distort interaction can
It is executed by unauthorized personnel, attempts to remove the storage equipment comprising protected data from calculating equipment 102.As shown in figure 8, distorting
Indicator 806 is distorted in the generation of sensor 804, and instruction distorts sensor and has been detected by distorting to calculating equipment 102.Up and down
Text triggering monitor 110 be configured to monitor be used to indicate distort distort indicator 806.
For example, in one embodiment, context triggering monitor 110 can be operated according to Figure 11.Figure 11 shows offer root
According to the flow chart 1100 for the various processes for distorting sensor in supervision equipment of an example embodiment.Flow chart 1100
Each step describes separating of being performed and absolute version distorts monitoring.Described in flow chart 1100 any one or
Multiple monitoring processes of distorting can be executed by context triggering monitor 110, this depends on spy that is on the scene and being configured for monitoring
Surely sensor is distorted.For the purpose of explanation, flow chart 1100 is described below with reference to Fig. 8 and 12.Figure 12 is shown to be shown according to one
The sectional view of a part of the equipment 1200 for being combined with the sensor that monitoring is distorted of example embodiment.Equipment 1200 is to calculate equipment
102 example.Based on being described below, the embodiment of other structures and operation will be aobvious for those skilled in the relevant art
And it is clear to.
Flow chart 1100 starts from step 1102.In step 1102, shell is fixed together and/or fixed storage frame
One or more screws it is monitored.In one embodiment, context triggering monitor 110 can be configured to monitor one or
Multiple screw sensors, this one or more screw sensor monitoring calculate the screw of equipment.Screw sensor can be configured to
Determine whether the screw that each structure for calculating equipment is fixed together is rotated and/or is removed from equipment is calculated.If screw
Be removed and/or rotated, then calculate equipment may be in be opened during and/or such as calculate equipment memory set
Standby etc structure may be in be removed during.In this way, what screw sensor can be unscrewed and/or be removed by detection
One or more screws distort calculating equipment to detect, and produce and distort indicator 806 to indicate this.
For example, equipment 1200 includes first housing portion 1202 and second housing portion 1204 with reference to Figure 12.First and
Two casing parts 1202 and 1204 are interlocked as shown in figure 12 to form the shell of each component for equipment 1200.Such component
Example include such as display, one or more button, one or more microphones, one or more cameras, one or more
Integrated circuit, and/or other electronic building bricks etc..Shell forms encirclement 1206, wherein may include certain components.In each embodiment
In, equipment 1200 may include any amount of casing part.
As shown in figure 12, the first and second casing parts 1202 and 1204 can be connected to one by one or more screws 1216
It rises.In addition, as shown in figure 12, other components of equipment 102 can be attached to the shell of equipment 102 by one or more screws 1222
On, such as dispose the component palette or storage framework 1218 of one or more memory devices 1220.Screw 1216 and/or 1222 can
It is coupled to one or more screw sensors 1208.Screw sensor 1208 is configured to detect screw (such as screw 1216
And/or one of 1222) when unscrewed and/or removed.When screw 1216 just by unscrewing or removal when, this indicating equipment 1200
Shell is being opened, so that internal component (may such as store the memory devices 1220 of sensitive data) may be moved
It removes.Similarly, when screw 1222 just by unscrewing or removal when, this instruction motherboard or storing framework 1218 be removed so that institute
The component (may such as store the memory devices 1220 of sensitive data) of placement may be removed.
Each example of screw sensor 1208 includes potentiometer or other types of rheostat etc..One or more screws pass
Sensor 1208 can trigger monitor 110 with context and be communicatively coupled to distort instruction to the context triggering offer of monitor 110
Symbol 806 is just tampered with the one or more corresponding screws of instruction.
In step 1104, monitor whether each section of shell becomes to be separated from each other.In one embodiment, context touches
Hair monitor 110 can be configured to monitor one or more cover sensors, this one or more cover sensor detection calculates
Whether each section of the shell of equipment is just being separated from each other.Cover sensor can be configured to determine calculate equipment whether be in by
During being opened so that each structure of memory devices for such as calculating equipment etc is likely to be in removed danger.
Calculating equipment is distorted in this way, cover sensor can be separated to detect by detection casing part, and produces and distorts finger
Show symbol 806 to indicate this.
For example, with reference to Figure 12, equipment 1200 may include one or more of different piece for being coupled to the shell of equipment 1200
A cover sensor 1210.In the illustration in fig 12, cover sensor 1210 is coupling in the first and second casing parts 1202
And between 1204, and it therefore can detect when that the first and second casing parts 1202 and 1204 are just being separated from each other and equipment
1200 are being opened.For example, cover sensor 1210 can be one usually coupled when being closed in circuit with equipment 1200
The connected connectivity sensor of a or multiple conductive and/or magetic indicator joints.When the first and second phases of casing part 1202 and 1204
Connector is separated from each other when mutually removing, and dead circuit, resistance increase, electric current is caused to reduce (because of disconnecting circuit) and/or shell
The magnetic field that sensor 1208 can sense changes.In other embodiments, cover sensor 1210 can be configured in other ways
Detect when the first and second casing parts 1202 and 1204 are separated from each other.
In step 1106, the destruction to shell is monitored.In one embodiment, context triggering monitor 110 can be matched
It is set to monitoring detection and calculates the one or more shell mechanism the sensors whether shell of equipment is just being destroyed.Shell mechanism sensing
Device may be configured to determine that whether calculating equipment is in and be drilled into, breaks, crushing etc. so that such as calculate the memory of equipment
During each structure of equipment etc is likely to be in removed danger.In this way, shell mechanism sensor can pass through detection
Shell is destroyed to detect and distort calculating equipment, and produces and distort indicator 806 to indicate this.
For example, equipment 1200 may include that can be incorporated into the shell of equipment 1200 and/or along equipment with reference to Figure 12
One or more shell mechanism sensors 1214 that 1200 surface combines.In the illustration in fig 12, shell mechanism sensor
1214 are integrated in the material of the first and second casing parts 1202 and 1204, and therefore can detect when first and second
Casing part 1202 and 1204 is destroyed and the encirclement 1206 of equipment 1200 is being accessed.For example, shell mechanism sensor
1210, which can be detection, senses the electric resistance sensor or piezoelectric film of first and/or the destruction of second housing portion 1202 and 1204
Device, detection device 1200 are just accelerated to adding for the speed that (for example, when broken or when being thrown into surface) may destroy
Velocity sensor or other types of destruction sensor.
In step 1108, the light in encirclement that monitoring shell is formed.In one embodiment, context triggers monitor
110, which can be configured to monitor detection, calculates the one or more the optical sensors whether shell of equipment has been opened.Optical sensor
It can be configured to determine that calculating equipment is opened because the light quantity that optical sensor receives has increased, so that calculating depositing for equipment
Each structure of storage device etc is likely to be in removed danger.In this way, photo structure sensor can be by detecting shell quilt
It destroys to detect and be distorted to calculating equipment, and produces and distort indicator 806 to indicate this.
For example, equipment 1200 may include one for being incorporated into the encirclement 1206 of equipment 1200 or more with reference to Figure 12
A optical sensor 1212.In the illustration in fig 12, optical sensor 1212 is placed in the inner surface of first housing portion 1202, but
It is that in other embodiments, other places in equipment 1200 can be placed in.Therefore, optical sensor 1212 can detect equipment
When 1200 be opened (for example, the first and second casing parts 1202 and 1204 have been separated from each other), because working as equipment
The light quantity (environment light is received by optical sensor 1212) that 1200 optical sensors 1212 when being opened receive, which is noticeably greater than, works as equipment
The light quantity that (periphery 1206 is dark) optical sensor 1212 receives when 1200 closing.For example, optical sensor 1212 can be light
Electric diode or other types of optical sensor.
Note that sensor monitoring process shown in the flow chart 1100 of sensor and Figure 11 shown in Figure 12 is as solution
What the purpose said provided, it is not intended to limit.By introduction herein, other kinds of sensor and monitoring process are to ability
It is obvious for the technical staff in domain.
In step 1006, in response to the received instruction distorted, data protection associated with data responds quilt
It executes.In one embodiment, context triggering monitor 110 also receives usurping for security attribute 122 associated with data 124
Change sensor context triggering 810.Distorting sensor context triggering 810 can be as described above (for example, Fig. 2 step
206) data 124 are assigned to.It includes (all as above with each sensor of calculating equipment 102 for distorting sensor context triggering 810
The other types of sensor that the detection of the one or more sensors and/or equipment 102 of face description is distorted) it is one associated
Or multiple context triggerings.Context triggering monitor 110 determines that one distorted in sensor 804 is usurped with time operation
Change sensor whether have been detected by it is any distort sensor context triggering.
For example, distorting sensor context triggering 810 can indicate that one or more distorts sensor context triggering, such as
Screw is distorted (as monitored in the step 1102 of Figure 11), shell separates (as monitored in the step 1104 of Figure 11), shell is broken
It bad (as monitored in the step 1106 of Figure 11), internal light sensing (as monitored in the step 1108 of Figure 11) and/or other usurps
Change sensor context triggering.
Context triggering monitor 110 is configured to distort instruction by what is received in distorting indicator 806 and distort
The sensor context triggering of respectively distorting of sensor context triggering 810 is compared.If it is true that context triggers monitor 110
Surely distort sensor context triggering be detected, then context triggering monitor 110 by generate distort notify 808 come
Notification data protects actuator 112.It distorts and notifies 808 instructions that should data 124 be executed with data protection response.
Pay attention in one embodiment, context triggering monitor 110 can receive to distort not to be considered in indicator 806
Distort it is predetermined distort instruction, and filtered out due to not guaranteeing data protection by context triggering monitor 110.For example,
Distorting indicator 806 can indicate that the screw for calculating equipment is unscrewed with certain order (for example, such as the screw sensor 1208 of Figure 12
It is detected).However, distorting sensor context triggering 810 can indicate that the screw unscrewing of specific predesigned order is acceptable
(for example, sequential order that the screw of equipment can be removed suitably), and do not indicate to distort.Such predesigned order can be protected
It stays and is known by the personnel for opening the calculating equipment for maintenance, repairing, upgrading and/or other purposes are authorized to.If
Context triggering monitor 110, which detects, to be distorted indicator 806 and/or is not indicating to receive in the other sensing datas distorted
Such predesigned order, then context triggering monitor 110, which may not generate to distort, notifies 808.
As shown in fig. 8, the reception of data protection actuator 112, which is distorted, notifies 808 and data protection response 812.Base
808 are notified in distorting, and data protection actuator 112 can be performed the data in security attributes 122 associated with data 124 and protect
Shield response 812.As described above, one biography is distorted with distort sensor context triggering 810 when distorting the instruction of indicator 806
When sensor context triggers matched distort, data protection actuator 112 is configured to carry out data protection response 812.
Therefore, in embodiments, the data protection to data can be triggered based on context (such as equipment is distorted).This
The example of the data protection of sample includes soft deletion, hard deletion, prompting etc..In the case where equipment is distorted, hard it will delete with counting
It may be to close to need according to protection response.This is because the personnel of very possible unauthorized attempt to extract memory from calculating equipment
Equipment accesses the data being stored thereon.Memory devices will likely be lost for the owner for calculating equipment, and because
This sensitive data of storage thereon can also be permanently deleted before unauthorized personnel successfully extracts memory devices.Pay attention to
If data are by soft deletion, once it is determined that the threat of unauthorized data access has been eliminated or in the past (for example, the step of Fig. 6
It is rapid 602), such as unauthorized personnel extracts memory devices not successfully and calculates equipment be resumed when, data can
It is resumed.
As described above, security module 802 (Fig. 8) can be implemented in various ways in calculating equipment, so that peace
Full module 802 can protect sensitive data when calculating equipment shutdown.For example, Figure 13 A-13D is shown according to each reality
Apply each example implementation of the security module 802 in calculating equipment of example.Figure 13 A-13D is described as follows.
Figure 13 A shows the example embodiment of security module 802, and wherein security module 802 is implemented in circuit 1302.
In such embodiments, security module 802 can be implemented in pure hardware (non-firmware or software).Hardware may include one or
Multiple IC chips are (for example, ASIC (application specific integrated circuit), FPGA (field programmable gate array), resistor, electricity
Container, transistor, switchs and/or is configured to realize other hardware components of each function of security module 802 inductor).?
In another embodiment, other than hardware, circuit 1302 may also include firmware to execute its function.For example, circuit 1302 may be used also
The one or more processors circuit of each function of security module 802 is realized including being configured to carry out firmware.Circuit 1302
It is coupled to the battery (such as rechargeable battery) for calculating equipment, provides power when calculating equipment shutdown to allow
Circuit 1302 operates.
Note that circuit 1302 may include the battery (chargeable or not chargeable) of their own, to provide function to circuit 1302
Rate is with safe operation module 802, even if exhausting to the one or more battery electricity that the other components for calculating equipment provide power
It is no longer able to provide power.
Figure 13 B shows the example embodiment of security module 802, and wherein security module 802 is implemented in system on chip
(SOC) in 1304.SOC 1304 is the example of circuit 1302, and the integrated circuit of each function including realizing security module 802
Chip.SOC 1304 can be entirely hardware, or may include consolidating of executing in the one or more processors circuit of SOC1304
Part.SOC 1304 is provided with power supply (for example, other batteries from its own battery and/or calculating equipment) even if to count
It is also executed when calculating equipment shutdown.
Figure 13 C shows another example embodiment of security module 802, and wherein security module 802 is implemented in the second behaviour
Make in system (OS) 1306.2nd OS 1306 is secondary OS, so that the execution of security module 802 can be supported by calculating equipment.
In such embodiments, security module 802 can be implemented in the one or more processors circuit 1314 for calculating equipment
In the software of execution.2nd OS does not include the repertoire of main OS, because security module 802 is supported to need less function, thus
Less memory space is consumed, in lower power operation.Processor circuit 1314 is provided with power (for example, certainly from it
The battery of body and/or the other batteries for calculating equipment) to be executed when calculating equipment shutdown.Processor circuit 1314
It can be included in the hardware separated with the processor circuit/hardware for executing the main OS for calculating equipment.
For example, Figure 13 D shows the example of the security module 802 in the 2nd OS 1306 separated with the main OS for calculating equipment
It realizes.As illustrated in figure 13d, main OS 814 is realizing one or more processor circuits 1312 in the first integrated circuit 1308
Middle operation.2nd OS 1306 operation is being realized in one or more processor circuits 1304 in the second integrated circuit 1310.
In the embodiment of Figure 13 D, the first and second integrated circuits are separated from each other.By this method, the second integrated circuit 1310 can receive
Power with even if the first integrated circuit 1308 does not receive power to be operated in power on mode, or calculate equipment shutdown when
It operates in the low power mode.
IV. example movement and static device embodiment
Calculating equipment 102, server 104, subscriber interface module 108, context triggering monitor 110, data protection are held
Row device 112, DS selector 116, DPR selector 118, CT selector 120, subscriber interface module 128, DS selector 130, DPR
Selector 132, CT selector 134, data protection system 136, system 800, security module 802, main OS 814, circuit 1302,
System on chip 1304, the 2nd OS 1306, integrated circuit 1308, integrated circuit 1310, processor circuit 1312, processor circuit
1314, flow chart 200, step 302, flow chart 400, flow chart 500, step 602, step 702, step 902, flow chart 1000
And flow chart 1100 can have the hardware of software and/or firmware with hardware or combination to realize.For example, subscriber interface module
108, context triggers monitor 110, data protection actuator 112, DS selector 116, DPR selector 118, CT selector
120, subscriber interface module 128, DS selector 130, DPR selector 132, CT selector 134, data protection system 136, system
800, security module 802, main OS814, the 2nd OS 1306, flow chart 200, step 302, flow chart 400, flow chart 500, step
Rapid 602, step 702, step 902, flow chart 1100 and/or flow chart 1100 can be implemented as being configured in one or more
It is executed in processor and is stored in computer program code/instruction in computer readable storage medium.Alternatively, calculating is set
Standby 102, server 104, subscriber interface module 108, context triggering monitor 110, data protection actuator 112, DS selection
Device 116, DPR selector 118, CT selector 120, subscriber interface module 128, DS selector 130, DPR selector 132, CT choosing
Select device 134, data protection system 136, system 800, security module 802, main OS 814, circuit 1302, system on chip 1304,
Two OS 1306, integrated circuit 1308, integrated circuit 1310, processor circuit 1312, processor circuit 1314, flow chart 200,
Step 302, flow chart 400, flow chart 500, step 602, step 702, step 902, flow chart 1000, and/or flow chart
1100 can be implemented as hardware logic/electronic circuit.
For example, in one embodiment, in any combination, subscriber interface module 108, context triggering monitor 110,
Data protection actuator 112, DS selector 116, DPR selector 118, CT selector 120, data protection system 136, system
800, security module 802, main OS 814, circuit 1302, system on chip 1304, the 2nd OS 1306, integrated circuit 1308, integrated
Circuit 1310, processor circuit 1312, processor circuit 1314, flow chart 200, step 302, flow chart 400, flow chart 500,
One or more of step 602, step 702, step 902, flow chart 1000 and/or flow chart 1100 can be in SoC together
It is implemented.SoC may include IC chip, which includes following one or more: processor (such as centre
Manage unit (CPU), microcontroller, microprocessor, digital signal processor (DSP) etc.), memory, one or more communications
Interface, and/or further circuit for executing its function and optionally execute the program code received and/or including
The firmware of insertion.
Figure 14 shows the block diagram of EXEMPLARY MOBILE DEVICE 1400, which includes being indicated generally at component
1402 various optional hardware and software components.For example, the component 1402 of mobile device 1400 may be included in mobile device
The example of the component in calculating equipment 102 (Fig. 1) in embodiment.Any quantity of feature/element of component 1402 and combination
And additional and/or alternative features/element can be included in mobile device embodiment, as known to those skilled in the relevant arts
's.Note that any component in component 1402 can with any other assembly communication in component 1402, although for ease of explanation
All connections are not showed that.Mobile device 1400 can be it is described elsewhere herein or refer to or in other ways
In known various mobile devices (for example, cellular phone, smart phone, handheld computer, personal digital assistant (PDA) etc.)
It is any, and allow via one or more communication network 1404 such as honeycomb or satellite network or pass through local area network
Or wide area network carries out the wireless two-way communication with one or more mobile devices.
Shown mobile device 1400 may include for executing such as Signal coding, image procossing, data processing, input/defeated
The controller or processor (referred to as processor circuit 1410) of the task of processing, power supply control, and/or other function etc out.
Processor circuit 1410 is in one or more physical hardware electronic circuit apparatus elements and/or as central processing unit
(CPU), IDE (the semiconductor material core of microcontroller, microprocessor, and/or other physical hardware processing circuits
Piece or tube core) in realize electronics and/or optical circuit.The executable storage of processor circuit 1410 is in computer-readable medium
Program code, such as one or more application 1414, the program code of operating system 1412, appointing of storing in memory 1420
What program code etc..The controllable distribution and use to component 1402 of operating system 1412, and support one or more application journey
Sequence 1414 (also referred to as " application ", " app " etc.).Application program 1414 may include public mobile computing application program (for example, electronics
Mail applications, calendar, contact manager, web browser, information receiving application program) or any other calculating application
(such as word processing application, mapping application, media player application).
As shown, mobile device 1400 may include memory 1420.Memory 1420 may include non-removable memory
1422 and/or removable memory 1424.Non-removable memory 1422 may include RAM, ROM, flash memory, hard disk or other crowds
Well known memory storage techniques.Removable memory 1424 may include flash memory or the well known subscriber in gsm communication system
Identity module (SIM) card, or the other well known memory storage techniques of such as " smart card ".Memory 1420 can be used for storing
Data and/or for run operating system 1412 and application 1414 code.Sample data may include having via one or more
Line or wireless network are sent to and/or the webpage received from one or more network servers or other equipment, text, image,
Audio files, video data or other data sets.Memory 1420 can be used for storing such as International Mobile Subscriber identity (IMSI)
Etc. the device identifiers such as subscriber identifiers, and International Mobile Equipment Identifier (IMEI).This class identifier can be transmitted
To network server with identity user and equipment.
Multiple programs can be stored in memory 1420.These programs include that operating system 1412, one or more are answered
With program 1414, other program modules and program data.The example of such application program or program module may include for example,
For realizing computer program logic below (for example, computer program code or instruction): subscriber interface module 108, up and down
Text triggering monitor 110, data protection actuator 112, DS selector 116, DPR selector 118, CT selector 120, Yong Hujie
Face mould block 128, DS selector 130, DPR selector 132, CT selector 134, data protection system 136, system 800, safe mould
Block 802, main OS 814, flow chart 200, step 302, flow chart 400, flow chart 500, step 602, step 702, step 902,
Flow chart 1000, and/or flow chart 1100 (any appropriate step including flow chart 200,400,500,1000,1100) and/
Or other embodiments herein described.
Mobile device 1400 can support such as touch screen 1430, microphone 1434, camera 1436, physical keyboard 1438, and/or
One or more input equipments 1430 of tracking ball 1440, and the one or more of such as loudspeaker 1452 and display 1454
Output equipment 1450.Such as the touch screen of touch screen 1432 can detect input in different ways.For example, capacitive touch screen is in object
Body (for example, finger tip) detects touch input when the electric current for flowing through surface being made to deform or interrupt.As another example, touch screen can
Using optical sensor, touch input is detected when the light beam from optical sensor is interrupted.For passing through certain touches
Shield for the input being detected, the physical contact with screen surface is not required in that.For example, as known in the art, touching
Touching screen 1432 can be configured to use capacitance sensing support finger hovering detection.Other detections as already described above can be used
Technology, including detection and detection based on ultrasound based on camera.In order to realize that finger hovers, the finger of user is usually being touched
Touch screen top predetermined space distance in, such as between 0.1 to 0.25 inch or between 0.25 to 0.5 inch or 0.5 to
Between 0.75 inch or between 0.75 to 1 inch or between 1 to 1.5 inch etc..
For illustrative purposes, touch screen 1432 is considered as including control interface 1492.Control interface 1492 is configured to control
Make content associated with the virtual element being shown on touch screen 1432.In an example embodiment, 1492 quilt of control interface
It is configured to control the content provided by one or more application program 1414.For example, being answered when the user of mobile device 1400 utilizes
Used time, control interface 1492 can be presented to the control that user allows the user to this content of access control on touch screen 1432
Part.The presentation of control interface 1492 can based on the detection of (such as triggering in) away from the movement in 1432 distance to a declared goal of touch screen or
Person is without this type games.For making control interface (such as control interface 1492) be presented on touch screen based on movement or without movement
Example embodiment on (such as touch screen 1432) is describing in further detail below.
Other possible output equipment (not shown) may include piezoelectricity or other haptic output devices.Some equipment can provide
More than one input/output function.It is set for example, touch screen 1432 and display 1454 can be combined in single input/output
In standby.Input equipment 1430 may include natural user interface (NUI).NUI is to allow users in a manner of " nature " and equipment
Interaction is without any interfacing by the artificial restraint forced by input equipments such as mouse, keyboard, remote controlers.The side NUI
The example of method includes dependent on gesture recognition, the aerial appearance in speech recognition, touch and stylus identification, screen and near screen
Gesture, head and those of eyes tracking, voice and voice, vision, touch, posture and machine intelligence method.NUI's is other
Example includes using accelerometer/gyroscope, face recognition, 3D display, head, eye and to stare tracking, enhancing on the spot in person existing
Real and imaginary intend reality system movement posture detect (all these that more natural interface is all provided), and for by using
The technology of electrode field sensing electrode (EEG and correlation technique) sensing brain activity.As a result, in a particular example, operating system
1412 or application program 1414 may include as the voice control interface for allowing user to operate via voice command equipment 1400
A part speech recognition software.In addition, equipment 1400 may include allowing to carry out user's interaction via the spatial attitude of user
The input equipment and software of (such as detecting and explain posture to provide input to game application).
Radio modem 1460 can be coupled to antenna (not shown), and can support processor circuit 1410 and outer
The two-way communication of portion's equipment room, as fully understood in this field.Modem 1460 is shown generally, and
May include for mobile communications network 1404 and/or it is other based on radio modem (for example, bluetooth 1464 or/
Or Wi-Fi 1462) cellular modem 1466 that is communicated.Cellular modem 1466 can be configured to basis and appoint
What communication standard appropriate or technology (such as GSM, 3G, 4G, 5G etc.) realize call (and optionally transmitting data).
At least one of radio modem 1460 is typically configured to one or more cellular networks (such as, in list
In a cellular network, between cellular network or data and voice between mobile device and Public Switched Telephone Network (PSTN)
The GSM network of communication) it is communicated.
Mobile device 1400 may also include at least one input/output end port 1480, power supply 1482, such as global positioning system
The receiver of satellite navigation system 1484, accelerometer 1486, and/or physical connector 1490 of system (GPS) receiver etc, the object
Reason connector 1490 can be USB port, (firewire) port IEEE 1394, and/or the port RS-232.Shown in component 1402
Be not must or cover it is whole because as understood by those skilled in the art, any component may not be present and add
The other components in ground may be present.
In addition, Figure 15 shows the exemplary realization that can wherein realize the calculating equipment 1500 of each embodiment.It is set for example, calculating
It can be at one or more similar with the calculating equipment 1500 in stationary computers embodiment for 102 and/or server 104 (Fig. 1)
It is realized in a calculating equipment, one or more features and/or alternative features including calculating equipment 1500.Pair mentioned herein
The description of computer 1500 simply to illustrate that, be not restrictive.Embodiment can also be in those skilled in the relevant art
It is realized in known other types of computer system.
As shown in figure 15, equipment 1500 is calculated to include one or more processors (referred to as processor route 1502), be
System memory 1504, and will include that the various system components of system storage 1504 be coupled to the bus of processor circuit 1502
1506.Processor circuit 1502 is in one or more physical hardware electronic circuit apparatus elements and/or as central processing list
IDE (the semiconductor material of first (CPU), microcontroller, microprocessor, and/or other physical hardware processing circuits
Chip or tube core) in realize electronics and/or optical circuit.Processor circuit 1502 is executable to be stored in computer-readable medium
In program code, program code, application program 1532, other programs 1534 of operating system 1530 etc..Bus 1506
If indicating the one or more of any one of the bus structures of dry type bus structures, including memory bus or memory
Controller, peripheral bus, accelerated graphics port and processor or office using any one of various bus architectures
Portion's bus.System storage 1504 includes read-only memory (ROM) 1508 and random access memory (RAM) 1510.Substantially defeated
Enter/output system 1512 (BIOS) is stored in ROM 1508.
Computer system 1500 also has one or more following drivers: the hard disk drive for reading writing harddisk
1514, for reading or writing the disc driver 1516 of moveable magnetic disc 1518 and for reading or writing such as CD ROM, DVD
The CD drive 1520 of the removable CD 1522 of ROM or other optical mediums etc.Hard disk drive 1514, disc driver
1516 and CD-ROM driver 1520 driven respectively by hard disk drive interface 1524, disk drive interface 1526 and optics
Dynamic device interface 1528 is connected to bus 1506.Driver and their associated computer-readable mediums provide for computer
To the nonvolatile storage of computer readable instructions, data structure, program module and other data.Although describing hard disk, can
Mobile disk and removable CD, but it is also possible to using such as flash card, digital video disc, RAM, ROM etc. its
The hardware based computer readable storage medium of his type stores data.
Several program modules can be stored on hard disk, disk, CD, ROM or RAM.These programs include operating system
1530, one or more application program 1532, other programs 1534 and program data 1536.Application program 1532 or other journeys
Sequence 1534 may include for example, for realizing computer program logic below (for example, computer program code or instruction): user
Interface module 108, context trigger monitor 110, data protection actuator 112, DS selector 116, DPR selector 118, CT
Selector 120, subscriber interface module 128, DS selector 130, DPR selector 132, CT selector 134, data protection system
136, system 800, security module 802, main OS 814, flow chart 200, step 302, flow chart 400, flow chart 500, step
602, step 702, step 902, flow chart 1000, and/or flow chart 1100 (including flow chart 200,400,500,1000,
1100 any appropriate step) and/or other embodiments herein described.
User can be by the input equipment of such as keyboard 1538 and pointing device 1540 etc into calculating equipment 1500
Input order and information.Other input equipment (not shown) may include microphone, control-rod, game paddle, satellite antenna, scanning
Instrument, touch screen and/or touch plate, the speech recognition system for receiving voice input, the gesture for receiving gesture input
It is identifying system, such.These and other input equipments are often coupled to the serial port interface 1542 of bus 1506
It is connected to process circuit 1502, but it is also possible to by other interfaces, such as parallel port, game port, universal serial bus
(USB) port, to be attached.
Display screen 1544 is connected to bus 1506 also by the interface of such as video adapter 1546 etc.Display screen 1544
It can be outside calculating equipment 1500 or included.Display screen 1544 can show information, and as receiving user command
And/or the user interface of other information (for example, passing through touch, finger gesture, dummy keyboard etc.).In addition to display screen 1544 it
Outside, calculating equipment 1500 may also include other peripheral output devices (not shown), such as loudspeaker and printer.
Computer 1500 is by adapter or network interface 1550, modem 1552 or for being established by network
Other means of communication are connected to network 1548 (for example, internet).It can be built-in or external modem 1552
It can be connected to bus 1506 via serial port interface 1542, as shown in figure 15, or can be used including parallel interface
Another interface type is connected to bus 1506.
As used herein, term " computer program medium ", " computer-readable medium " and " computer-readable storage
Medium " be used to refer to physical hardware medium, hard disk such as associated with hard disk drive 1514, moveable magnetic disc 1518,
Removable CD 1522, the physical hardware medium of other such as RAM, ROM etc, flash card, digital video disc, zip disk, MEM,
(the memories including Figure 14 such as storage equipment and other types of physics/tangible media based on nanotechnology
1420).These computer readable storage mediums distinguish and not be overlapped with communication media (not including communication media).Communication media
Load capacity calculation machine readable instruction, data structure, program module or other usually in the modulated message signals such as carrier wave
Data.Term " modulated message signal " refer to so that be set or changed in a manner of encoded information in the signal one or
The signal of multiple characteristics.As an example, not a limit, communication media include such as acoustics, RF, infrared ray wireless medium and its
Its wireless medium and wired medium.Embodiment is also for these communication medias.
As indicated above, computer program and module (including application program 1532 and other programs 1534) can be stored up
There are on hard disk, disk, CD, ROM, RAM or other hardware store media.Such computer program can also pass through network
Interface 1550, serial port interface 1542 or any other interface type receive.These computer programs are by application program
It executes or makes computer 1500 can be realized features of embodiments discussed herein when loading.Therefore, these computer journeys
The controller of sequence expression computer system 1500.
Each embodiment further relate to include the computer code or instruction being stored on any computer-readable medium calculating
Machine program product.Such computer program product includes hard drive, disc drives, memory devices packet, portable memory
Stick, memory card and other types of physical store hardware.
V. example embodiment
In one embodiment, the data of calculating equipment storage described in the system protection in equipment are calculated.The calculating is set
Standby includes the master operating system executed in the processor hardware for calculating equipment.The system comprises be configured to detection pair
Described at least one sensor distorted for calculating equipment, and be configured to what operating system separated in the calculating equipment
In continuously perform (including be configured to it is described calculating equipment shutdown when execution) security module.The security module with it is described
At least one sensor is communicatively coupled.Security module includes being configured to receive to detected to the calculating equipment
The context for the instruction distorted triggers monitor, and is configured in response to the detected reception execution distorted and institute
State the data protection actuator of the associated data protection response of data.
In one embodiment of the system, the data protection response is the hard deletion of the data.
In an embodiment of the system, the security module is implemented as circuit.
In an embodiment of the system, the security module is implemented in system on chip (SOC) equipment.
In an embodiment of the system, the system can further comprise the second operating system, including described
Security module.
In an embodiment of the system, the system can further comprise execute second operating system and with
The separated processor circuit of the processor hardware of the master operating system is executed, the processor circuit is configured in the meter
With poweron mode operation when calculating equipment shutdown.
In an embodiment of the system, at least one described sensor is configured to execute at least one operated below
A: one or more screws of the monitoring fastening shell for calculating equipment and/or fastening storing framework monitor the shell
Each section becomes to be separated from each other, monitor destruction to shell or encirclement that the monitoring shell is formed in light.
In an embodiment of the system, the system can further comprise subscriber interface module, make data quick
Perceptual rank, data protection response and context triggering can be associated with the data of the calculating equipment storage.
In one embodiment, the data that the method in equipment protects the calculating equipment to store are calculated.The calculating is set
Standby includes the master operating system executed in the processor hardware for calculating equipment.The described method includes: executing and the meter
Calculate the security module that the operating system in equipment is separated and is communicatively coupled at least one sensor.Execute the safety
Module executes the security module, receives from least one sensor in relation to setting to the calculating when being included in equipment shutdown
The standby instruction the distorted and instruction in response to distorting described in received is protected to execute data associated with the data
Shield response.
In an embodiment of the method, the security module is implemented as circuit, and executes the security module packet
Include the operation circuit.
In an embodiment of the method, the security module is implemented in system on chip (SOC) equipment, and is executed
The security module includes operating the SOC device.
In one embodiment of the method, executing the security module includes executing including the security module
The second operating system.
In an embodiment of the method, execute the security module further comprise with execute the main operation system
The separated processor circuit of the processor hardware of system executes second operating system, and the processor circuit is configured to
With poweron mode operation when the calculating equipment is shut down.
In an embodiment of the method, at least one described sensor is configured to carry out following one: monitoring is tight
Gu the shell for calculating equipment and/or each section change for fastening one or more screws of storing framework, the monitoring shell
It must be separated from each other, monitor light in destruction to shell or the encirclement that the monitoring shell is formed.
In another embodiment, the data that the method in equipment protects the calculating equipment to store are calculated.The calculating
Equipment includes the master operating system executed in the processor hardware for calculating equipment.The method includes providing user circle
Face, which, which allows to respond data protection, is assigned to the data, and the data protection response assigned includes data
It is hard to delete, and execute peace that is separating with the operating system in the calculating equipment and being communicatively coupled at least one sensor
Full module.It executes when the security module is included in equipment shutdown and executes the security module, from least one sensor
The related instruction distorted to the calculating equipment and the instruction in response to distorting described in received are received to execute and institute
State the associated data protection response of data.
In an embodiment of the method, the security module is implemented as circuit, and executes the security module packet
It includes and executes the circuit.
In an embodiment of the method, the security module is implemented in system on chip (SOC) equipment, and is executed
The security module includes executing the SOC device.
In one embodiment of the method, executing the security module includes executing including the security module
The second operating system.
In an embodiment of the method, execute the security module further comprise with execute the main operation system
The separated processor circuit of the processor hardware of system executes second operating system, and the processor circuit is configured to
With poweron mode operation when the calculating equipment is shut down.
In an embodiment of the method, at least one described sensor is configured to carry out following one: monitoring is tight
Gu each section of one or more screws of the shell for calculating equipment and/or fastening storage framework, the monitoring shell becomes
It must be separated from each other, monitor light in destruction to shell or the encirclement that the monitoring shell is formed.
VI. it concludes the speech
Although described above is various embodiments of the present invention, however, it is to be understood that they are intended only as example to present
, and without limitation.Those, which are proficient in the personnel in relation to technology, will be understood that, without departing from as defined in the appended claims
In the case where the spirit and scope of the present invention, it can be carry out various modifications in terms of form and details.Therefore, the scope of the present invention
It should not be limited by either one or two of the above exemplary embodiments, and only should be equivalent with theirs according to following claim
Content is defined.
Claims (19)
1. a kind of in the system for protecting the data by the calculating equipment storage calculated in equipment, the calculating equipment packet
The master operating system executed in the first processor hardware for calculating equipment is included, it is described for protecting by the calculating equipment
The system of the data of storage includes:
It is configured to detect to described at least one sensor distorted for calculating equipment;And
The security module that continuously carries out in the second operating system in the second processor hardware for calculating equipment, described the
Two operating systems are to separate with the master operating system, and the security module and second operating system are configured in institute
It states and receives power when calculating equipment shutdown to remain powered on state, the security module and at least one described sensor are communicatedly
Coupling, the security module include:
It is configured to receive the detected context triggering monitor to the instruction distorted for calculating equipment, and
It is configured to execute the detected reception distorted data protection response associated with the data
Data protection actuator;
The wherein system for protecting the data by the calculating equipment storage further include: user circle of user interface is provided
Face mould block, the user interface, which allows to respond data protection, to be assigned to by the data of the calculating equipment storage.
2. the system as claimed in claim 1, which is characterized in that the data protection response is the hard deletion to the data.
3. the system as claimed in claim 1, which is characterized in that the security module is implemented as circuit.
4. system as claimed in claim 3, which is characterized in that the security module is implemented in system on chip SOC device.
5. the system as claimed in claim 1, which is characterized in that the second processor hardware further comprises:
The processor circuit for executing second operating system and being separated with the first processor hardware, the processor electricity
Road is configured to when the calculating equipment is shut down with poweron mode operation.
6. the system as claimed in claim 1, which is characterized in that at least one described sensor is configured to execute following operation
At least one:
The monitoring fastening shell for calculating equipment and/or the one or more screws for fastening storing framework;
Monitor that each section of the shell becomes to be separated from each other;
Monitor the destruction to the shell;Or
Monitor the light in the encirclement of the shell formation.
7. the system as claimed in claim 1, which is characterized in that
Wherein the subscriber interface module enable data sensitive rank, data protection response and context trigger with
The data for calculating equipment storage are associated.
8. a kind of in the method for protecting the data by the calculating equipment storage calculated in equipment, the calculating equipment packet
Include the master operating system executed in the first processor hardware for calculating equipment, which comprises
User interface is provided, the user interface, which allows to respond data protection, to be assigned to as described in calculating equipment storage
Data;
Security module is continuously carried out in the second operating system in the second processor hardware for calculating equipment, described second
Operating system is to separate and be communicatively coupled at least one sensor with the master operating system, described to execute the safety
Module includes:
Power is received to remain powered in the security module and second operating system in calculating equipment shutdown
State,
Receive from least one sensor about to it is described calculate equipment the instruction distorted, and
In response to received to the instruction distorted, data protection response associated with the data is executed.
9. method according to claim 8, which is characterized in that the security module is implemented as circuit, and execution institute
Stating security module includes:
Operate the circuit.
10. method as claimed in claim 9, which is characterized in that the security module is implemented in system on chip SOC device
In, and the execution security module includes:
Operate the system on chip SOC device.
11. method according to claim 8, which is characterized in that described to execute the security module further include:
Second operating system, the processor circuit are executed with the processor circuit separated with the first processor hardware
It is configured to when the calculating equipment is shut down with poweron mode operation.
12. method according to claim 8, which is characterized in that at least one described sensor be configured to execute with down toward
It is one few:
The monitoring fastening shell for calculating equipment and/or the one or more screws for fastening storing framework;
Monitor that each section of the shell becomes to be separated from each other;
Monitor the destruction to the shell;Or
Monitor the light in the encirclement of shell formation.
13. a kind of in the method for protecting the data by the calculating equipment storage calculated in equipment, the calculating equipment
Including the master operating system executed in the first processor hardware for calculating equipment, which comprises
User interface is provided, the user interface, which allows to respond data protection, is assigned to the data, and the data assigned are protected
Shield response includes the hard deletion to the data;
Security module is continuously carried out in the second operating system in the second processor hardware for calculating equipment, described second
Operating system is to separate and be communicatively coupled at least one sensor, the execution security module with the master operating system
Include:
The calculating equipment shutdown when in the security module and the second operating system receive power to remain powered on state,
Receive from least one sensor about to it is described calculate equipment the instruction distorted, and
In response to the instruction distorted described in received, executes data protection associated with the data and respond.
14. method as claimed in claim 13, which is characterized in that the security module is implemented as circuit, and the execution
The security module includes:
Execute the circuit.
15. method as claimed in claim 14, which is characterized in that the security module is implemented in system on chip SOC device
In, and the execution security module includes:
Execute the system on chip SOC device.
16. method as claimed in claim 13, which is characterized in that described to execute the security module further include:
Second operating system, the processor circuit are executed with the processor circuit separated with the first processor hardware
It is configured to when the calculating equipment is shut down with poweron mode operation.
17. method as claimed in claim 13, which is characterized in that at least one described sensor be configured to execute with down toward
It is one few:
The monitoring fastening shell for calculating equipment and/or the one or more screws for fastening storing framework;
Monitor that each section of the shell becomes to be separated from each other;
Monitor the destruction to the shell;Or
Monitor the light in the encirclement of shell formation.
18. a kind of computer readable storage medium with instruction makes machine execute such as right when executed
It is required that method described in any claim in 8-17.
19. a kind of computer system, including the dress for executing the method as described in any claim in claim 8-17
It sets.
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2014/080947 WO2015196450A1 (en) | 2014-06-27 | 2014-06-27 | System for data protection in power off mode |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105518700A CN105518700A (en) | 2016-04-20 |
CN105518700B true CN105518700B (en) | 2019-07-16 |
Family
ID=
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CA2187855A1 (en) * | 1995-12-12 | 1997-06-13 | Albert Joseph Marcel Bissonnette | Method and device for securing computers |
CN1729539B (en) * | 2002-12-18 | 2011-06-08 | Nxp股份有限公司 | Method and device for protection of an MRAM device against tampering |
CN202841292U (en) * | 2011-07-27 | 2013-03-27 | 耀光联有限公司 | Fingerprint sensing and charging system |
CN103049284A (en) * | 2012-12-06 | 2013-04-17 | 深圳市金立通信设备有限公司 | Electronic device, electronic terminal and method for protecting electronic terminal memory card |
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CA2187855A1 (en) * | 1995-12-12 | 1997-06-13 | Albert Joseph Marcel Bissonnette | Method and device for securing computers |
CN1729539B (en) * | 2002-12-18 | 2011-06-08 | Nxp股份有限公司 | Method and device for protection of an MRAM device against tampering |
CN202841292U (en) * | 2011-07-27 | 2013-03-27 | 耀光联有限公司 | Fingerprint sensing and charging system |
CN103049284A (en) * | 2012-12-06 | 2013-04-17 | 深圳市金立通信设备有限公司 | Electronic device, electronic terminal and method for protecting electronic terminal memory card |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105683989B (en) | System for the data protection based on context | |
US10474849B2 (en) | System for data protection in power off mode | |
US9734352B2 (en) | Data protection based on user and gesture recognition | |
US10846425B2 (en) | Data protection based on user input during device boot-up, user login, and device shut-down states | |
CN105493054B (en) | It is protected using the rapid data of double file system | |
EP3161701B1 (en) | Data protection system based on user input patterns on device | |
US11556631B2 (en) | User interfaces for managing user account passwords | |
CN106709383A (en) | Communication message protection method and device and mobile terminal | |
CN105518700B (en) | System for the data protection in shutdown mode | |
WO2018053988A1 (en) | Secure input system and method, intelligent terminal, and storage medium | |
CN108010519A (en) | A kind of information search method and system | |
CN109815727A (en) | A kind of method for secret protection and terminal device | |
CN106682541A (en) | Private information protection method and terminal in split screen state |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant |