CN108197483A - Data guard method, solid state disk - Google Patents
Data guard method, solid state disk Download PDFInfo
- Publication number
- CN108197483A CN108197483A CN201711483377.7A CN201711483377A CN108197483A CN 108197483 A CN108197483 A CN 108197483A CN 201711483377 A CN201711483377 A CN 201711483377A CN 108197483 A CN108197483 A CN 108197483A
- Authority
- CN
- China
- Prior art keywords
- encryption key
- encrypted
- host
- identity information
- state disk
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/79—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
Abstract
The present invention provides a kind of data guard method, solid state disk.This method includes:Original mappings table is obtained, the original mappings table is used to record the logical address of user data and the correspondence of physical address, and the user data can be read by the correspondence;The original mappings table is encrypted using encryption key, obtains encrypted mapping table;The original mappings table is replaced using the encrypted mapping table.Such scheme while user data is protected, can also improve enciphering rate on the basis of equipment cost is not increased.
Description
Technical field
The present invention relates to data processing fields, and in particular, to a kind of data guard method, solid state disk.
Background technology
Relative to common hard disc, SSD (Solid State Disk, solid state disk) is with read or write speed is fast, light-weight, energy consumption
The advantages that low and small, gradually it is able to extensive use.
For being written for the user data of SSD, data protection can be carried out in the following manner:
Mode one carries out data protection by hardware mode.It specifically, can be by the encryption chip that is built in SSD
Encryption and decryption processing is carried out to user data, i.e. SED encrypts hard disk certainly.The encryption/decryption speed of this mode is fast, but needs hardware branch
It holds, causes cost higher.
Mode two carries out data protection by software mode.Specifically, it is installed in operating system or operating system soft
Part, it would be desirable to which encrypted user data and encryption key from SSD read DDR (Double Data Rate, Double Data Rate are same
Walk dynamic RAM) in, it is encrypted, then encrypted user data is written in SSD and is preserved.This mode
Enciphering rate is slow, can influence user experience to a certain extent.
Invention content
The main object of the present invention is to provide a kind of data guard method, solid state disk and storage medium, can not increase
On the basis of oil (gas) filling device cost, enciphering rate is improved.
To achieve these goals, first aspect present invention provides a kind of data guard method, including:
Original mappings table is obtained, the original mappings table is used to record the logical address of user data and pair of physical address
It should be related to, the user data can be read by the correspondence;
The original mappings table is encrypted using encryption key, obtains encrypted mapping table;
The original mappings table is replaced using the encrypted mapping table.
Optionally, the encryption key is subscriber identity information;Alternatively, the encryption key is the use by encryption
Family identity information.
Optionally, if the encryption key is the subscriber identity information by encryption,
The encryption key be stored in solid state disk and/or in the host of communication of solid-state disk.
Second aspect of the present invention provides a kind of data guard method, including:
Obtain encryption key and encrypted mapping table;
Using the encryption key, the encrypted mapping table is decrypted, obtains original mappings table, it is described
Original mappings table is used to record the logical address of user data and the correspondence of physical address, can by the correspondence
Read the user data.
Optionally, the encryption key is subscriber identity information;Alternatively, the encryption key is the use by encryption
Family identity information.
Optionally, the encryption key is the subscriber identity information by encryption, and does not preserve the encryption key,
The then acquisition encryption key, including:
The subscriber identity information is obtained from the host with communication of solid-state disk, the subscriber identity information is added
Close processing obtains the encryption key;
Alternatively,
The encryption key is obtained from the host with communication of solid-state disk, the host is used to believe the user identity
Breath is encrypted to obtain the encryption key.
Optionally, the encryption key is subscriber identity information by encryption, and be stored in solid state disk and/or
With in the host of communication of solid-state disk, then the acquisition encryption key, including:
The encryption key is read from the solid state disk or the host.
Optionally, it if the encryption key is stored in the host, further includes:
It is read from the host when the host judges that key to be verified is identical with the encryption key, then described in performing
The step of taking the encryption key, the key to be verified are encrypted identity information input by user by the host
It obtains.
Optionally, it if the encryption key is stored in the solid state disk, further includes:
Identity information input by user is obtained by the host, place is encrypted to the identity information input by user
Reason obtains key to be verified;
Judge whether the key to be verified and the encryption key are identical, if it is identical, then perform described in the utilization
Encryption key, the step of the encrypted mapping table is decrypted.
Third aspect present invention provides a kind of solid state disk, and the solid state disk includes:Control unit and storage unit;
The storage unit is used for, and stores original mappings table or encrypted mapping table, the original mappings table are used for
The logical address of user data and the correspondence of physical address are recorded, the number of users can be read by the correspondence
According to;
Described control unit is used for, and obtains the original mappings table, and the original mappings table is carried out using encryption key
Encryption obtains the encrypted mapping table, and replaces the original mappings table using the encrypted mapping table.
Optionally, if the encryption key is the subscriber identity information by encryption, the storage unit is also
For storing the encryption key.
Fourth aspect present invention provides a kind of solid state disk, and the solid state disk includes:Control unit and storage unit;
The storage unit is used for, and stores original mappings table or encrypted mapping table, the original mappings table are used for
The logical address of user data and the correspondence of physical address are recorded, the number of users can be read by the correspondence
According to;
Described control unit is used for, and obtains encryption key and the encrypted mapping table;Using the encryption key,
The encrypted mapping table is decrypted, obtains the original mappings table.
Optionally, the encryption key is the subscriber identity information by encryption, and does not preserve the encryption key,
Then described control unit obtains the encryption key, specifically includes:
The subscriber identity information is obtained from the host with communication of solid-state disk, the subscriber identity information is added
Close processing obtains the encryption key;
Alternatively,
The encryption key is obtained from the host with communication of solid-state disk, the host is used to believe the user identity
Breath is encrypted to obtain the encryption key.
Optionally, the encryption key is the subscriber identity information by encryption, and is stored in the solid state disk
And/or in the host of the communication of solid-state disk, then described control unit obtains the encryption key, specifically includes:
The encryption key is read from the solid state disk or the host.
Optionally, if the encryption key is stored in the host, described control unit is additionally operable to:
It is read from the host when the host judges that key to be verified is identical with the encryption key, then described in performing
The step of taking the encryption key, the key to be verified are encrypted identity information input by user by the host
It obtains.
Optionally, if the encryption key is stored in the storage unit of the solid state disk, described control unit is also used
In:
Identity information input by user is obtained by the host, place is encrypted to the identity information input by user
Reason obtains key to be verified;
Judge whether the key to be verified and the encryption key are identical, if it is identical, then perform described in the utilization
Encryption key, the step of the encrypted mapping table is decrypted.
Fifth aspect present invention provides a kind of computer readable storage medium, is stored thereon with computer program, the program
The step of first aspect present invention the method is realized when being executed by processor.
Sixth aspect present invention provides a kind of computer readable storage medium, is stored thereon with computer program, the program
The step of second aspect of the present invention the method is realized when being executed by processor.
Following technique effect can at least be reached using above-mentioned technical proposal:By the way that place is encrypted to original mappings table
It manages, and the mode of original mappings table is replaced with encrypted mapping table, help original mappings table to be prevented to be cracked, and then be based on
The correspondence recorded in table reads user data, achievees the purpose that protect user data.It is needed relative to the prior art to every
A user data is encrypted respectively, and the embodiment of the present disclosure can significantly improve and add on the basis of equipment cost is not increased
Close speed.
Other features and advantages of the present invention will be described in detail in subsequent specific embodiment part.
Description of the drawings
Attached drawing is to be used to provide further understanding of the present invention, and a part for constitution instruction, with following tool
Body embodiment is used to explain the present invention, but be not construed as limiting the invention together.In the accompanying drawings:
Fig. 1 is the flow diagram of a kind of data guard method that the embodiment of the present disclosure provides;
Fig. 2 is the flow diagram of another data guard method that the embodiment of the present disclosure provides;
Fig. 3 is the structure diagram of a kind of solid state disk that the embodiment of the present disclosure provides;
Fig. 4 is the structure diagram of another solid state disk that the embodiment of the present disclosure provides.
Specific embodiment
The specific embodiment of the present invention is described in detail below in conjunction with attached drawing.It should be understood that this place is retouched
The specific embodiment stated is merely to illustrate and explain the present invention, and is not intended to restrict the invention.
The technical solution of embodiment of the present disclosure offer is easier to understand for the ease of those skilled in the art, below to existing
The relevant technologies are briefly described.
Fig. 1 is according to a kind of flow chart of data guard method shown in an exemplary embodiment, can include following step
Suddenly:
Step 101, original mappings table is obtained, the original mappings table is used to record the logical address and physics of user data
The correspondence of address can read the user data by the correspondence.
In general, user data is stored in physical memory, and virtual memory is used in program and is passed through virtual
Memory address accesses user data, corresponding to this, can mark employ the logical address and object of user data by original mappings
The correspondence of address is managed, and when needed, user data is read from physical memory according to the correspondence.
For available data encipherment scheme there are the problem of, the embodiment of the present disclosure provides a kind of new Data Encryption Scheme,
It is used to implement data protection.Specifically, preservation original mappings table can be encrypted, that is to say, that prevent original mappings table
It is cracked, so that it may user data be effectively prevent to be read, achieve the purpose that protect user data.Relative to prior art needs pair
Each user data is encrypted respectively, and the embodiment of the present disclosure can significantly improve on the basis of equipment cost is not increased
Enciphering rate.
Step 102, the original mappings table is encrypted using encryption key, obtains encrypted mapping table.
As a kind of example, encryption secret key can be subscriber identity information;Alternatively, can be the user by encryption
Identity information, the embodiment of the present disclosure can be not specifically limited this.It is to be appreciated that subscriber identity information is encrypted
After obtain encryption key, help to further improve the safety of the embodiment of the present disclosure, for example, the mode of encryption can
To be presented as Hash operation, CRC (English:Cyclic Redundancy Check, Chinese:Cyclic redundancy check) etc., the disclosure
Embodiment can be not specifically limited this.
For example, subscriber identity information can be user-defined information, such as login password;Alternatively, can be
The biological information of user, such as user fingerprints, etc., the embodiment of the present disclosure can be not specifically limited this.
As a kind of example, if encryption key is the subscriber identity information by encryption, at least can by with
Lower two ways obtains encryption key:Can encryption key be generated using subscriber identity information in real time when needed;Alternatively, it is
The enciphering rate of the embodiment of the present disclosure is further improved, subscriber identity information generation encryption key can be advanced with, and will
Encryption key is stored in SSD and/or the host to communicate with SSD, is directly therefrom read when needed.The embodiment of the present disclosure is to obtaining
Obtaining the mode of encryption key can be not specifically limited.
Step 103, the original mappings table is replaced using the encrypted mapping table.
In the embodiment of the present disclosure, after obtaining encrypted mapping table, it can be replaced with encrypted mapping table original
Mapping table in this way, in the case where obtaining less than encryption key, just can not crack encrypted mapping table, and then can not pass through
The correspondence recorded in table reads user data, while reaching protection user data purpose, can also not increase equipment
On the basis of cost, enciphering rate is improved.
Encipherment scheme shown in corresponding diagram 1, in order to ensure the normal use of mapping table, the embodiment of the present disclosure also provides a kind of solution
Close scheme, is explained below explanation.
Fig. 2 is according to the flow chart of another data guard method shown in an exemplary embodiment, can be included following
Step:
Step 201, encryption key and encrypted mapping table are obtained.
As a kind of example, encryption key can be subscriber identity information, can be directly by leading to SSD corresponding to this
The host of letter receives encryption key input by user, i.e. subscriber identity information, retransmits to SSD.
As a kind of example, encryption key can be the subscriber identity information by encryption, corresponding to this, at least may be used
To obtain encryption key in the following manner:
1. generation encryption key in real time, i.e., do not pre-save encryption key
Such as introduction made above, host can be first passed through and receive subscriber identity information input by user, then by user identity
Information is sent to SSD, it is encrypted by SSD to obtain encryption key.
Alternatively, after host receives subscriber identity information input by user, directly subscriber identity information can be added
Close processing obtains encryption key, then encryption key is sent to SSD.
2. encryption key is pre-saved
If encryption key is stored in advance in SSD and/or the host to communicate with SSD, can when needed directly from
Middle reading.
As a kind of example, in order to further improve the safety of the embodiment of the present disclosure, also provide close based on encrypting as follows
Key carries out the scheme of user identity legitimate verification, can specifically include:
If encryption key is pre-stored in the host to communicate with SSD, host can be to identity information input by user
It is encrypted to obtain key to be verified, then judges whether key to be verified and the encryption key pre-saved are identical, such as
Both fruits are identical, then illustrate that user identity is legal, and SSD can read encryption key from host;Otherwise illustrate that user identity is non-
Method forbids SSD to read encryption key from host.
It, can after SSD obtains identity information input by user with main-machine communication if encryption key is pre-stored in SSD
Identity information input by user to be encrypted to obtain key to be verified, then judge key to be verified with pre-saving
Encryption key it is whether identical, if the two is identical, illustrate that user identity is legal, SSD can utilize encryption key to encryption
Mapping table afterwards is decrypted;Otherwise illustrate that user identity is illegal, forbid SSD using encryption key to encrypted mapping
Table is decrypted.
Step 202, using the encryption key, the encrypted mapping table is decrypted, obtains original reflect
Firing table, the original mappings table is used to record the logical address of user data and the correspondence of physical address, by described right
Should be related to can read the user data.
To sum up, after SSD obtains encryption key, encrypted mapping table can be decrypted using encryption key,
Original mappings table is obtained, in this way, user data can be read by the correspondence recorded in table, is realized normal through mapping table
Read the purpose of user data.
As a kind of example, after decryption obtains original mappings table, encrypted reflect can be replaced using original mappings table
Firing table, and after completing user data and reading, be encrypted according still further to scheme shown in Fig. 1.Alternatively, original reflect can not had to
Firing table replaces encrypted mapping table, that is, when reading user data, original mappings table, encrypted mapping table can be simultaneously
In the presence of;After completing user data and reading, original mappings table can be deleted.The embodiment of the present disclosure can not limit this, specifically
It can be determined with reference to practical application request.
The embodiment of the present disclosure also provides a kind of solid state disk, and the solid state disk provides for implementing Fig. 1 embodiments of the method
Data guard method.As shown in figure 3, the solid state disk includes:Control unit 301 and storage unit 302.
The storage unit 302 is used for, and stores original mappings table or encrypted mapping table, and the original mappings table is used
In the logical address of record user data and the correspondence of physical address, the user can be read by the correspondence
Data;
Described control unit 301 is used for, and obtains the original mappings table, using encryption key to the original mappings table into
Row encryption obtains the encrypted mapping table, and replaces the original mappings table using the encrypted mapping table.
Optionally, if the encryption key is the subscriber identity information by encryption, the storage unit 302
It is additionally operable to store the encryption key.
About the solid state disk in above-described embodiment, wherein each unit performs the concrete mode operated and is somebody's turn to do related
It is described in detail in the embodiment of method, explanation will be not set forth in detail herein.
The embodiment of the present disclosure also provides a kind of solid state disk, and the solid state disk provides for implementing Fig. 2 embodiments of the method
Data guard method.As shown in figure 4, the solid state disk includes:Control unit 401 and storage unit 402.
The storage unit 402 is used for, and stores original mappings table or encrypted mapping table, and the original mappings table is used
In the logical address of record user data and the correspondence of physical address, the user can be read by the correspondence
Data;
Described control unit 401 is used for, and obtains encryption key and the encrypted mapping table;It is close using the encryption
The encrypted mapping table is decrypted in key, obtains the original mappings table.
Optionally, the encryption key is the subscriber identity information by encryption, and does not preserve the encryption key,
Then described control unit 401 obtains the encryption key, specifically includes:
The subscriber identity information is obtained from the host with communication of solid-state disk, the subscriber identity information is added
Close processing obtains the encryption key;
Alternatively,
The encryption key is obtained from the host with communication of solid-state disk, the host is used to believe the user identity
Breath is encrypted to obtain the encryption key.
Optionally, the encryption key is the subscriber identity information by encryption, and is stored in the solid state disk
And/or in the host of the communication of solid-state disk, then described control unit 401 obtains the encryption key, specifically includes:
The encryption key is read from the solid state disk or the host.
Optionally, if the encryption key is stored in the host, described control unit 401 is additionally operable to:
It is read from the host when the host judges that key to be verified is identical with the encryption key, then described in performing
The step of taking the encryption key, the key to be verified are encrypted identity information input by user by the host
It obtains.
Optionally, if the encryption key is stored in the storage unit 402 of the solid state disk, described control unit
401 are additionally operable to:
Identity information input by user is obtained by the host, place is encrypted to the identity information input by user
Reason obtains key to be verified;
Judge whether the key to be verified and the encryption key are identical, if it is identical, then perform described in the utilization
Encryption key, the step of the encrypted mapping table is decrypted.
About the solid state disk in above-described embodiment, wherein each unit performs the concrete mode operated and is somebody's turn to do related
It is described in detail in the embodiment of method, explanation will be not set forth in detail herein.
It is affiliated that it will be apparent to those skilled in the art ground to recognize, for convenience and simplicity of description, foregoing description it is each
The specific work process of device can refer to corresponding process in preceding method embodiment, and details are not described herein again.
It should be understood by those skilled in the art that, the embodiment of the present invention can be provided as method, system or computer program
Product.Therefore, the reality in terms of complete hardware embodiment, complete software embodiment or combination software and hardware can be used in the present invention
Apply the form of example.Moreover, the computer for wherein including computer usable program code in one or more can be used in the present invention
The computer program production that usable storage medium is implemented on (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.)
The form of product.
The present invention is with reference to the flow according to the method for the embodiment of the present disclosure, equipment (system) and computer program product
Figure and/or block diagram describe.It should be understood that it can be realized by computer program instructions every first-class in flowchart and/or the block diagram
The combination of flow and/or box in journey and/or box and flowchart and/or the block diagram.These computer programs can be provided
The processor of all-purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices is instructed to produce
A raw machine so that the instruction performed by computer or the processor of other programmable data processing devices is generated for real
The device of function specified in present one flow of flow chart or one box of multiple flows and/or block diagram or multiple boxes.
These computer program instructions, which may also be stored in, can guide computer or other programmable data processing devices with spy
Determine in the computer-readable memory that mode works so that the instruction generation being stored in the computer-readable memory includes referring to
Enable the manufacture of device, the command device realize in one flow of flow chart or multiple flows and/or one box of block diagram or
The function of being specified in multiple boxes.
These computer program instructions can be also loaded into computer or other programmable data processing devices so that counted
Series of operation steps are performed on calculation machine or other programmable devices to generate computer implemented processing, so as in computer or
The instruction offer performed on other programmable devices is used to implement in one flow of flow chart or multiple flows and/or block diagram one
The step of function of being specified in a box or multiple boxes.
Specifically, corresponding computer program instructions of data guard method in the embodiment of the present disclosure shown in Fig. 1 can be with
It is stored on the storage mediums such as CD, hard disk, USB flash disk, when computer journey corresponding with data guard method in storage medium
Sequence instruction is read or is performed by an electronic equipment, includes the following steps:
Original mappings table is obtained, the original mappings table is used to record the logical address of user data and pair of physical address
It should be related to, the user data can be read by the correspondence;
The original mappings table is encrypted using encryption key, obtains encrypted mapping table;
The original mappings table is replaced using the encrypted mapping table.
Optionally, the encryption key is subscriber identity information;Alternatively, the encryption key is the use by encryption
Family identity information.
Optionally, if the encryption key is the subscriber identity information by encryption,
The encryption key be stored in solid state disk and/or in the host of communication of solid-state disk.
Specifically, corresponding computer program instructions of data guard method in the embodiment of the present disclosure shown in Fig. 2 can be with
It is stored on the storage mediums such as CD, hard disk, USB flash disk, when computer journey corresponding with data guard method in storage medium
Sequence instruction is read or is performed by an electronic equipment, includes the following steps:
Obtain encryption key and encrypted mapping table;
Using the encryption key, the encrypted mapping table is decrypted, obtains original mappings table, it is described
Original mappings table is used to record the logical address of user data and the correspondence of physical address, can by the correspondence
Read the user data.
Optionally, the encryption key is subscriber identity information;Alternatively, the encryption key is the use by encryption
Family identity information.
Optionally, the encryption key is the subscriber identity information by encryption, and does not preserve the encryption key,
The then acquisition encryption key, including:
The subscriber identity information is obtained from the host with communication of solid-state disk, the subscriber identity information is added
Close processing obtains the encryption key;
Alternatively,
The encryption key is obtained from the host with communication of solid-state disk, the host is used to believe the user identity
Breath is encrypted to obtain the encryption key.
Optionally, the encryption key is subscriber identity information by encryption, and be stored in solid state disk and/or
With in the host of communication of solid-state disk, then the acquisition encryption key, including:
The encryption key is read from the solid state disk or the host.
Optionally, it if the encryption key is stored in the host, further includes:
It is read from the host when the host judges that key to be verified is identical with the encryption key, then described in performing
The step of taking the encryption key, the key to be verified are encrypted identity information input by user by the host
It obtains.
Optionally, it if the encryption key is stored in the solid state disk, further includes:
Identity information input by user is obtained by the host, place is encrypted to the identity information input by user
Reason obtains key to be verified;
Judge whether the key to be verified and the encryption key are identical, if it is identical, then perform described in the utilization
Encryption key, the step of the encrypted mapping table is decrypted.
Although preferred embodiments of the present invention have been described, but one of ordinary skilled in the art once knows substantially
Creative concept, then additional changes and modifications may be made to these embodiments.So appended claims are intended to be construed to wrap
It includes preferred embodiment and falls into all change and modification of the application range.
Obviously, those skilled in the art various changes and modifications can be made to the invention without departing from the application essence
God and range.In this way, if these modifications and changes of the present invention belongs to the range of the application claim and its equivalent technologies
Within, then the present invention is also intended to include these modifications and variations.
Claims (10)
1. a kind of data guard method, which is characterized in that including:
Original mappings table is obtained, the original mappings table is used to record the logical address pass corresponding with physical address of user data
System, the user data can be read by the correspondence;
The original mappings table is encrypted using encryption key, obtains encrypted mapping table;
The original mappings table is replaced using the encrypted mapping table.
2. according to the method described in claim 1, it is characterized in that, the encryption key is subscriber identity information;It is alternatively, described
Encryption key is the subscriber identity information by encryption.
3. if according to the method described in claim 2, it is characterized in that, the encryption key is the user by encryption
Identity information, then
The encryption key be stored in solid state disk and/or in the host of communication of solid-state disk.
4. a kind of data guard method, which is characterized in that including:
Obtain encryption key and encrypted mapping table;
Using the encryption key, the encrypted mapping table is decrypted, obtains original mappings table, it is described original
Mapping table is used to record the logical address of user data and the correspondence of physical address, can be read by the correspondence
The user data.
5. according to the method described in claim 4, it is characterized in that, the encryption key is subscriber identity information;It is alternatively, described
Encryption key is the subscriber identity information by encryption.
6. according to the method described in claim 5, it is characterized in that, the encryption key is the user identity by encryption
Information, and do not preserve the encryption key, then the acquisition encryption key, including:
The subscriber identity information is obtained from the host with communication of solid-state disk, place is encrypted to the subscriber identity information
Reason obtains the encryption key;
Alternatively,
Obtain the encryption key from the host with communication of solid-state disk, the host be used for the subscriber identity information into
Row encryption obtains the encryption key.
7. according to the method described in claim 5, it is characterized in that, the encryption key is the user identity by encryption
Information, and be stored in solid state disk and/or in the host of communication of solid-state disk, then the acquisition encryption key, including:
The encryption key is read from the solid state disk or the host.
8. if the method according to the description of claim 7 is characterized in that the encryption key is stored in the host, also wrap
It includes:
Institute is read from the host when the host judges that key to be verified is identical with the encryption key, then described in performing
The step of stating encryption key, the key to be verified are encrypted identity information input by user by the host
It arrives.
If 9. the method according to the description of claim 7 is characterized in that the encryption key is stored in the solid state disk,
It further includes:
Identity information input by user is obtained by the host, the identity information input by user is encrypted
To key to be verified;
Judge whether the key to be verified and the encryption key are identical, if it is identical, then would perform the utilization encryption
Key, the step of the encrypted mapping table is decrypted.
10. a kind of solid state disk, which is characterized in that the solid state disk includes:Control unit and storage unit;
The storage unit is used for, and stores original mappings table or encrypted mapping table, and the original mappings table is used to record
The logical address of user data and the correspondence of physical address can read the user data by the correspondence;
Described control unit is used for, and obtains the original mappings table, and the original mappings table is encrypted using encryption key
Processing obtains the encrypted mapping table, and replaces the original mappings table using the encrypted mapping table.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711483377.7A CN108197483A (en) | 2017-12-29 | 2017-12-29 | Data guard method, solid state disk |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711483377.7A CN108197483A (en) | 2017-12-29 | 2017-12-29 | Data guard method, solid state disk |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108197483A true CN108197483A (en) | 2018-06-22 |
Family
ID=62587039
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711483377.7A Pending CN108197483A (en) | 2017-12-29 | 2017-12-29 | Data guard method, solid state disk |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108197483A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109408403A (en) * | 2018-10-12 | 2019-03-01 | 深圳市硅格半导体有限公司 | Mapping method, device, system and storage medium based on storage equipment bottom |
| CN116560571A (en) * | 2023-05-10 | 2023-08-08 | 上海威固信息技术股份有限公司 | Method and system for reading safety data of solid state disk |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103558994A (en) * | 2013-09-29 | 2014-02-05 | 记忆科技(深圳)有限公司 | Method for encrypting solid state disk partitions and solid state disk |
| CN105577661A (en) * | 2015-12-23 | 2016-05-11 | 浪潮集团有限公司 | Step-by-step type encrypted storage system and method |
| CN106599701A (en) * | 2016-12-06 | 2017-04-26 | 华为技术有限公司 | Hard disk encryption method, hard disk and hard disk encryption equipment |
-
2017
- 2017-12-29 CN CN201711483377.7A patent/CN108197483A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103558994A (en) * | 2013-09-29 | 2014-02-05 | 记忆科技(深圳)有限公司 | Method for encrypting solid state disk partitions and solid state disk |
| CN105577661A (en) * | 2015-12-23 | 2016-05-11 | 浪潮集团有限公司 | Step-by-step type encrypted storage system and method |
| CN106599701A (en) * | 2016-12-06 | 2017-04-26 | 华为技术有限公司 | Hard disk encryption method, hard disk and hard disk encryption equipment |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109408403A (en) * | 2018-10-12 | 2019-03-01 | 深圳市硅格半导体有限公司 | Mapping method, device, system and storage medium based on storage equipment bottom |
| CN116560571A (en) * | 2023-05-10 | 2023-08-08 | 上海威固信息技术股份有限公司 | Method and system for reading safety data of solid state disk |
| CN116560571B (en) * | 2023-05-10 | 2024-05-07 | 上海威固信息技术股份有限公司 | Method and system for reading safety data of solid state disk |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107438850B (en) | Use the address validation of signature | |
| KR101577886B1 (en) | Method and apparatus for memory encryption with integrity check and protection against replay attacks | |
| CN103427984B (en) | For generating the device of safe key using device id and user authentication information | |
| CN106063185B (en) | Method and apparatus for safely shared data | |
| US9811478B2 (en) | Self-encrypting flash drive | |
| US7631195B1 (en) | System and method for providing security to a portable storage device | |
| CN111723383B (en) | Data storage and verification method and device | |
| US9071581B2 (en) | Secure storage with SCSI storage devices | |
| US20130117633A1 (en) | Recording apparatus, writing apparatus, and reading apparatus | |
| CN101582109A (en) | Data encryption method and device, data decryption method and device and solid state disk | |
| CN107908574A (en) | The method for security protection of solid-state disk data storage | |
| GB2459662A (en) | Securely caching electronic passport data for verification purposes | |
| CN105468940B (en) | Method for protecting software and device | |
| CN112560058B (en) | SSD partition encryption storage system based on intelligent password key and implementation method thereof | |
| EP2425369B1 (en) | Memory device and method for adaptive protection of content | |
| CN102693399A (en) | System and method for on-line separation and recovery of electronic documents | |
| US10691813B2 (en) | Techniques for enclave confidentiality management | |
| CN108197483A (en) | Data guard method, solid state disk | |
| CN106529271A (en) | Terminal and binding check method thereof | |
| US9003201B2 (en) | Hardware protection for encrypted strings and protection of security parameters | |
| CN104504309A (en) | Data encryption method and terminal for application program | |
| WO2014158197A1 (en) | Securing user credentials | |
| CN110210259B (en) | Data protection method and system for solid state disk | |
| CN111159760A (en) | Large-capacity storage data hiding and protecting device based on security chip | |
| CN105516763B (en) | Encipher-decipher method, device and the digital program system of certificate granting card identification information |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20190812 Address after: 518067 Dongjiaotou Workshop D24/F-02, Houhai Avenue, Shekou Street, Nanshan District, Shenzhen City, Guangdong Province Applicant after: Shenzhen Yi Lian Information System Co., Ltd. Address before: 100176 Beijing City, Daxing District branch of Beijing economic and Technological Development Zone, fourteen Street No. 99 building 33 building D No. 2226 Applicant before: Beijing legend core technology Co., Ltd. |
|
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180622 |