Invention content
The main object of the present invention is to provide a kind of data guard method, solid state disk and storage medium, can not increase
On the basis of oil (gas) filling device cost, enciphering rate is improved.
To achieve these goals, first aspect present invention provides a kind of data guard method, including:
Original mappings table is obtained, the original mappings table is used to record the logical address of user data and pair of physical address
It should be related to, the user data can be read by the correspondence;
The original mappings table is encrypted using encryption key, obtains encrypted mapping table;
The original mappings table is replaced using the encrypted mapping table.
Optionally, the encryption key is subscriber identity information;Alternatively, the encryption key is the use by encryption
Family identity information.
Optionally, if the encryption key is the subscriber identity information by encryption,
The encryption key be stored in solid state disk and/or in the host of communication of solid-state disk.
Second aspect of the present invention provides a kind of data guard method, including:
Obtain encryption key and encrypted mapping table;
Using the encryption key, the encrypted mapping table is decrypted, obtains original mappings table, it is described
Original mappings table is used to record the logical address of user data and the correspondence of physical address, can by the correspondence
Read the user data.
Optionally, the encryption key is subscriber identity information;Alternatively, the encryption key is the use by encryption
Family identity information.
Optionally, the encryption key is the subscriber identity information by encryption, and does not preserve the encryption key,
The then acquisition encryption key, including:
The subscriber identity information is obtained from the host with communication of solid-state disk, the subscriber identity information is added
Close processing obtains the encryption key;
Alternatively,
The encryption key is obtained from the host with communication of solid-state disk, the host is used to believe the user identity
Breath is encrypted to obtain the encryption key.
Optionally, the encryption key is subscriber identity information by encryption, and be stored in solid state disk and/or
With in the host of communication of solid-state disk, then the acquisition encryption key, including:
The encryption key is read from the solid state disk or the host.
Optionally, it if the encryption key is stored in the host, further includes:
It is read from the host when the host judges that key to be verified is identical with the encryption key, then described in performing
The step of taking the encryption key, the key to be verified are encrypted identity information input by user by the host
It obtains.
Optionally, it if the encryption key is stored in the solid state disk, further includes:
Identity information input by user is obtained by the host, place is encrypted to the identity information input by user
Reason obtains key to be verified;
Judge whether the key to be verified and the encryption key are identical, if it is identical, then perform described in the utilization
Encryption key, the step of the encrypted mapping table is decrypted.
Third aspect present invention provides a kind of solid state disk, and the solid state disk includes:Control unit and storage unit;
The storage unit is used for, and stores original mappings table or encrypted mapping table, the original mappings table are used for
The logical address of user data and the correspondence of physical address are recorded, the number of users can be read by the correspondence
According to;
Described control unit is used for, and obtains the original mappings table, and the original mappings table is carried out using encryption key
Encryption obtains the encrypted mapping table, and replaces the original mappings table using the encrypted mapping table.
Optionally, if the encryption key is the subscriber identity information by encryption, the storage unit is also
For storing the encryption key.
Fourth aspect present invention provides a kind of solid state disk, and the solid state disk includes:Control unit and storage unit;
The storage unit is used for, and stores original mappings table or encrypted mapping table, the original mappings table are used for
The logical address of user data and the correspondence of physical address are recorded, the number of users can be read by the correspondence
According to;
Described control unit is used for, and obtains encryption key and the encrypted mapping table;Using the encryption key,
The encrypted mapping table is decrypted, obtains the original mappings table.
Optionally, the encryption key is the subscriber identity information by encryption, and does not preserve the encryption key,
Then described control unit obtains the encryption key, specifically includes:
The subscriber identity information is obtained from the host with communication of solid-state disk, the subscriber identity information is added
Close processing obtains the encryption key;
Alternatively,
The encryption key is obtained from the host with communication of solid-state disk, the host is used to believe the user identity
Breath is encrypted to obtain the encryption key.
Optionally, the encryption key is the subscriber identity information by encryption, and is stored in the solid state disk
And/or in the host of the communication of solid-state disk, then described control unit obtains the encryption key, specifically includes:
The encryption key is read from the solid state disk or the host.
Optionally, if the encryption key is stored in the host, described control unit is additionally operable to:
It is read from the host when the host judges that key to be verified is identical with the encryption key, then described in performing
The step of taking the encryption key, the key to be verified are encrypted identity information input by user by the host
It obtains.
Optionally, if the encryption key is stored in the storage unit of the solid state disk, described control unit is also used
In:
Identity information input by user is obtained by the host, place is encrypted to the identity information input by user
Reason obtains key to be verified;
Judge whether the key to be verified and the encryption key are identical, if it is identical, then perform described in the utilization
Encryption key, the step of the encrypted mapping table is decrypted.
Fifth aspect present invention provides a kind of computer readable storage medium, is stored thereon with computer program, the program
The step of first aspect present invention the method is realized when being executed by processor.
Sixth aspect present invention provides a kind of computer readable storage medium, is stored thereon with computer program, the program
The step of second aspect of the present invention the method is realized when being executed by processor.
Following technique effect can at least be reached using above-mentioned technical proposal:By the way that place is encrypted to original mappings table
It manages, and the mode of original mappings table is replaced with encrypted mapping table, help original mappings table to be prevented to be cracked, and then be based on
The correspondence recorded in table reads user data, achievees the purpose that protect user data.It is needed relative to the prior art to every
A user data is encrypted respectively, and the embodiment of the present disclosure can significantly improve and add on the basis of equipment cost is not increased
Close speed.
Other features and advantages of the present invention will be described in detail in subsequent specific embodiment part.
Specific embodiment
The specific embodiment of the present invention is described in detail below in conjunction with attached drawing.It should be understood that this place is retouched
The specific embodiment stated is merely to illustrate and explain the present invention, and is not intended to restrict the invention.
The technical solution of embodiment of the present disclosure offer is easier to understand for the ease of those skilled in the art, below to existing
The relevant technologies are briefly described.
Fig. 1 is according to a kind of flow chart of data guard method shown in an exemplary embodiment, can include following step
Suddenly:
Step 101, original mappings table is obtained, the original mappings table is used to record the logical address and physics of user data
The correspondence of address can read the user data by the correspondence.
In general, user data is stored in physical memory, and virtual memory is used in program and is passed through virtual
Memory address accesses user data, corresponding to this, can mark employ the logical address and object of user data by original mappings
The correspondence of address is managed, and when needed, user data is read from physical memory according to the correspondence.
For available data encipherment scheme there are the problem of, the embodiment of the present disclosure provides a kind of new Data Encryption Scheme,
It is used to implement data protection.Specifically, preservation original mappings table can be encrypted, that is to say, that prevent original mappings table
It is cracked, so that it may user data be effectively prevent to be read, achieve the purpose that protect user data.Relative to prior art needs pair
Each user data is encrypted respectively, and the embodiment of the present disclosure can significantly improve on the basis of equipment cost is not increased
Enciphering rate.
Step 102, the original mappings table is encrypted using encryption key, obtains encrypted mapping table.
As a kind of example, encryption secret key can be subscriber identity information;Alternatively, can be the user by encryption
Identity information, the embodiment of the present disclosure can be not specifically limited this.It is to be appreciated that subscriber identity information is encrypted
After obtain encryption key, help to further improve the safety of the embodiment of the present disclosure, for example, the mode of encryption can
To be presented as Hash operation, CRC (English:Cyclic Redundancy Check, Chinese:Cyclic redundancy check) etc., the disclosure
Embodiment can be not specifically limited this.
For example, subscriber identity information can be user-defined information, such as login password;Alternatively, can be
The biological information of user, such as user fingerprints, etc., the embodiment of the present disclosure can be not specifically limited this.
As a kind of example, if encryption key is the subscriber identity information by encryption, at least can by with
Lower two ways obtains encryption key:Can encryption key be generated using subscriber identity information in real time when needed;Alternatively, it is
The enciphering rate of the embodiment of the present disclosure is further improved, subscriber identity information generation encryption key can be advanced with, and will
Encryption key is stored in SSD and/or the host to communicate with SSD, is directly therefrom read when needed.The embodiment of the present disclosure is to obtaining
Obtaining the mode of encryption key can be not specifically limited.
Step 103, the original mappings table is replaced using the encrypted mapping table.
In the embodiment of the present disclosure, after obtaining encrypted mapping table, it can be replaced with encrypted mapping table original
Mapping table in this way, in the case where obtaining less than encryption key, just can not crack encrypted mapping table, and then can not pass through
The correspondence recorded in table reads user data, while reaching protection user data purpose, can also not increase equipment
On the basis of cost, enciphering rate is improved.
Encipherment scheme shown in corresponding diagram 1, in order to ensure the normal use of mapping table, the embodiment of the present disclosure also provides a kind of solution
Close scheme, is explained below explanation.
Fig. 2 is according to the flow chart of another data guard method shown in an exemplary embodiment, can be included following
Step:
Step 201, encryption key and encrypted mapping table are obtained.
As a kind of example, encryption key can be subscriber identity information, can be directly by leading to SSD corresponding to this
The host of letter receives encryption key input by user, i.e. subscriber identity information, retransmits to SSD.
As a kind of example, encryption key can be the subscriber identity information by encryption, corresponding to this, at least may be used
To obtain encryption key in the following manner:
1. generation encryption key in real time, i.e., do not pre-save encryption key
Such as introduction made above, host can be first passed through and receive subscriber identity information input by user, then by user identity
Information is sent to SSD, it is encrypted by SSD to obtain encryption key.
Alternatively, after host receives subscriber identity information input by user, directly subscriber identity information can be added
Close processing obtains encryption key, then encryption key is sent to SSD.
2. encryption key is pre-saved
If encryption key is stored in advance in SSD and/or the host to communicate with SSD, can when needed directly from
Middle reading.
As a kind of example, in order to further improve the safety of the embodiment of the present disclosure, also provide close based on encrypting as follows
Key carries out the scheme of user identity legitimate verification, can specifically include:
If encryption key is pre-stored in the host to communicate with SSD, host can be to identity information input by user
It is encrypted to obtain key to be verified, then judges whether key to be verified and the encryption key pre-saved are identical, such as
Both fruits are identical, then illustrate that user identity is legal, and SSD can read encryption key from host;Otherwise illustrate that user identity is non-
Method forbids SSD to read encryption key from host.
It, can after SSD obtains identity information input by user with main-machine communication if encryption key is pre-stored in SSD
Identity information input by user to be encrypted to obtain key to be verified, then judge key to be verified with pre-saving
Encryption key it is whether identical, if the two is identical, illustrate that user identity is legal, SSD can utilize encryption key to encryption
Mapping table afterwards is decrypted;Otherwise illustrate that user identity is illegal, forbid SSD using encryption key to encrypted mapping
Table is decrypted.
Step 202, using the encryption key, the encrypted mapping table is decrypted, obtains original reflect
Firing table, the original mappings table is used to record the logical address of user data and the correspondence of physical address, by described right
Should be related to can read the user data.
To sum up, after SSD obtains encryption key, encrypted mapping table can be decrypted using encryption key,
Original mappings table is obtained, in this way, user data can be read by the correspondence recorded in table, is realized normal through mapping table
Read the purpose of user data.
As a kind of example, after decryption obtains original mappings table, encrypted reflect can be replaced using original mappings table
Firing table, and after completing user data and reading, be encrypted according still further to scheme shown in Fig. 1.Alternatively, original reflect can not had to
Firing table replaces encrypted mapping table, that is, when reading user data, original mappings table, encrypted mapping table can be simultaneously
In the presence of;After completing user data and reading, original mappings table can be deleted.The embodiment of the present disclosure can not limit this, specifically
It can be determined with reference to practical application request.
The embodiment of the present disclosure also provides a kind of solid state disk, and the solid state disk provides for implementing Fig. 1 embodiments of the method
Data guard method.As shown in figure 3, the solid state disk includes:Control unit 301 and storage unit 302.
The storage unit 302 is used for, and stores original mappings table or encrypted mapping table, and the original mappings table is used
In the logical address of record user data and the correspondence of physical address, the user can be read by the correspondence
Data;
Described control unit 301 is used for, and obtains the original mappings table, using encryption key to the original mappings table into
Row encryption obtains the encrypted mapping table, and replaces the original mappings table using the encrypted mapping table.
Optionally, if the encryption key is the subscriber identity information by encryption, the storage unit 302
It is additionally operable to store the encryption key.
About the solid state disk in above-described embodiment, wherein each unit performs the concrete mode operated and is somebody's turn to do related
It is described in detail in the embodiment of method, explanation will be not set forth in detail herein.
The embodiment of the present disclosure also provides a kind of solid state disk, and the solid state disk provides for implementing Fig. 2 embodiments of the method
Data guard method.As shown in figure 4, the solid state disk includes:Control unit 401 and storage unit 402.
The storage unit 402 is used for, and stores original mappings table or encrypted mapping table, and the original mappings table is used
In the logical address of record user data and the correspondence of physical address, the user can be read by the correspondence
Data;
Described control unit 401 is used for, and obtains encryption key and the encrypted mapping table;It is close using the encryption
The encrypted mapping table is decrypted in key, obtains the original mappings table.
Optionally, the encryption key is the subscriber identity information by encryption, and does not preserve the encryption key,
Then described control unit 401 obtains the encryption key, specifically includes:
The subscriber identity information is obtained from the host with communication of solid-state disk, the subscriber identity information is added
Close processing obtains the encryption key;
Alternatively,
The encryption key is obtained from the host with communication of solid-state disk, the host is used to believe the user identity
Breath is encrypted to obtain the encryption key.
Optionally, the encryption key is the subscriber identity information by encryption, and is stored in the solid state disk
And/or in the host of the communication of solid-state disk, then described control unit 401 obtains the encryption key, specifically includes:
The encryption key is read from the solid state disk or the host.
Optionally, if the encryption key is stored in the host, described control unit 401 is additionally operable to:
It is read from the host when the host judges that key to be verified is identical with the encryption key, then described in performing
The step of taking the encryption key, the key to be verified are encrypted identity information input by user by the host
It obtains.
Optionally, if the encryption key is stored in the storage unit 402 of the solid state disk, described control unit
401 are additionally operable to:
Identity information input by user is obtained by the host, place is encrypted to the identity information input by user
Reason obtains key to be verified;
Judge whether the key to be verified and the encryption key are identical, if it is identical, then perform described in the utilization
Encryption key, the step of the encrypted mapping table is decrypted.
About the solid state disk in above-described embodiment, wherein each unit performs the concrete mode operated and is somebody's turn to do related
It is described in detail in the embodiment of method, explanation will be not set forth in detail herein.
It is affiliated that it will be apparent to those skilled in the art ground to recognize, for convenience and simplicity of description, foregoing description it is each
The specific work process of device can refer to corresponding process in preceding method embodiment, and details are not described herein again.
It should be understood by those skilled in the art that, the embodiment of the present invention can be provided as method, system or computer program
Product.Therefore, the reality in terms of complete hardware embodiment, complete software embodiment or combination software and hardware can be used in the present invention
Apply the form of example.Moreover, the computer for wherein including computer usable program code in one or more can be used in the present invention
The computer program production that usable storage medium is implemented on (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.)
The form of product.
The present invention is with reference to the flow according to the method for the embodiment of the present disclosure, equipment (system) and computer program product
Figure and/or block diagram describe.It should be understood that it can be realized by computer program instructions every first-class in flowchart and/or the block diagram
The combination of flow and/or box in journey and/or box and flowchart and/or the block diagram.These computer programs can be provided
The processor of all-purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices is instructed to produce
A raw machine so that the instruction performed by computer or the processor of other programmable data processing devices is generated for real
The device of function specified in present one flow of flow chart or one box of multiple flows and/or block diagram or multiple boxes.
These computer program instructions, which may also be stored in, can guide computer or other programmable data processing devices with spy
Determine in the computer-readable memory that mode works so that the instruction generation being stored in the computer-readable memory includes referring to
Enable the manufacture of device, the command device realize in one flow of flow chart or multiple flows and/or one box of block diagram or
The function of being specified in multiple boxes.
These computer program instructions can be also loaded into computer or other programmable data processing devices so that counted
Series of operation steps are performed on calculation machine or other programmable devices to generate computer implemented processing, so as in computer or
The instruction offer performed on other programmable devices is used to implement in one flow of flow chart or multiple flows and/or block diagram one
The step of function of being specified in a box or multiple boxes.
Specifically, corresponding computer program instructions of data guard method in the embodiment of the present disclosure shown in Fig. 1 can be with
It is stored on the storage mediums such as CD, hard disk, USB flash disk, when computer journey corresponding with data guard method in storage medium
Sequence instruction is read or is performed by an electronic equipment, includes the following steps:
Original mappings table is obtained, the original mappings table is used to record the logical address of user data and pair of physical address
It should be related to, the user data can be read by the correspondence;
The original mappings table is encrypted using encryption key, obtains encrypted mapping table;
The original mappings table is replaced using the encrypted mapping table.
Optionally, the encryption key is subscriber identity information;Alternatively, the encryption key is the use by encryption
Family identity information.
Optionally, if the encryption key is the subscriber identity information by encryption,
The encryption key be stored in solid state disk and/or in the host of communication of solid-state disk.
Specifically, corresponding computer program instructions of data guard method in the embodiment of the present disclosure shown in Fig. 2 can be with
It is stored on the storage mediums such as CD, hard disk, USB flash disk, when computer journey corresponding with data guard method in storage medium
Sequence instruction is read or is performed by an electronic equipment, includes the following steps:
Obtain encryption key and encrypted mapping table;
Using the encryption key, the encrypted mapping table is decrypted, obtains original mappings table, it is described
Original mappings table is used to record the logical address of user data and the correspondence of physical address, can by the correspondence
Read the user data.
Optionally, the encryption key is subscriber identity information;Alternatively, the encryption key is the use by encryption
Family identity information.
Optionally, the encryption key is the subscriber identity information by encryption, and does not preserve the encryption key,
The then acquisition encryption key, including:
The subscriber identity information is obtained from the host with communication of solid-state disk, the subscriber identity information is added
Close processing obtains the encryption key;
Alternatively,
The encryption key is obtained from the host with communication of solid-state disk, the host is used to believe the user identity
Breath is encrypted to obtain the encryption key.
Optionally, the encryption key is subscriber identity information by encryption, and be stored in solid state disk and/or
With in the host of communication of solid-state disk, then the acquisition encryption key, including:
The encryption key is read from the solid state disk or the host.
Optionally, it if the encryption key is stored in the host, further includes:
It is read from the host when the host judges that key to be verified is identical with the encryption key, then described in performing
The step of taking the encryption key, the key to be verified are encrypted identity information input by user by the host
It obtains.
Optionally, it if the encryption key is stored in the solid state disk, further includes:
Identity information input by user is obtained by the host, place is encrypted to the identity information input by user
Reason obtains key to be verified;
Judge whether the key to be verified and the encryption key are identical, if it is identical, then perform described in the utilization
Encryption key, the step of the encrypted mapping table is decrypted.
Although preferred embodiments of the present invention have been described, but one of ordinary skilled in the art once knows substantially
Creative concept, then additional changes and modifications may be made to these embodiments.So appended claims are intended to be construed to wrap
It includes preferred embodiment and falls into all change and modification of the application range.
Obviously, those skilled in the art various changes and modifications can be made to the invention without departing from the application essence
God and range.In this way, if these modifications and changes of the present invention belongs to the range of the application claim and its equivalent technologies
Within, then the present invention is also intended to include these modifications and variations.