CN109521965A - A kind of method of solid state hard disk encrypted partition - Google Patents
A kind of method of solid state hard disk encrypted partition Download PDFInfo
- Publication number
- CN109521965A CN109521965A CN201811357452.XA CN201811357452A CN109521965A CN 109521965 A CN109521965 A CN 109521965A CN 201811357452 A CN201811357452 A CN 201811357452A CN 109521965 A CN109521965 A CN 109521965A
- Authority
- CN
- China
- Prior art keywords
- hard disk
- state hard
- solid state
- user
- encryption storage
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/79—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0602—Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
- G06F3/062—Securing storage systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0628—Interfaces specially adapted for storage systems making use of a particular technique
- G06F3/0638—Organizing or formatting or addressing of data
- G06F3/0644—Management of space entities, e.g. partitions, extents, pools
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0668—Interfaces specially adapted for storage systems adopting a particular infrastructure
- G06F3/0671—In-line storage system
- G06F3/0673—Single storage device
- G06F3/0679—Non-volatile semiconductor memory device, e.g. flash memory, one time programmable memory [OTP]
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Human Computer Interaction (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
The invention proposes a kind of methods of solid state hard disk encrypted partition, by the way that the encrypted partition based on address mapping table is arranged in solid state hard disk, realize the storage of the encryption to user's specific data and corresponding access authority management, to ensure that the confidentiality and safety of user's specific data, the personalization and characteristics, the applications for being SSD such as multi-functional, flexibility for extending SSD open new space.Simultaneously, since the management of the security permission of use is based on LBA address mapping table, i.e. the verifying of encrypted ones and the acquisition of security permission is bottom hard-disk system, rather than the application software on upper layer, be not easy it is artificial crack by force so that this encrypted partition strategy have higher safety.
Description
Technical field
The present invention relates to field of communication technology more particularly to a kind of methods of solid state hard disk encrypted partition.
Background technique
Solid state hard disk (SolidStateDrive abbreviation SSD) is by control unit and storage unit (FLASH chip) group
At being briefly exactly manufactured hard disk, the interface specification of solid state hard disk and definition, function with solid-state electronic storage chip array
It is identical with common hard disc on energy and application method, it is also consistent with common hard disc in product shape and size.The work of its chip
It is very wide (- 40~85 DEG C) to make temperature range.It is now widely used for military, vehicle-mounted, industry control, video monitoring, network monitoring, network
The fields such as terminal, electric power, medical treatment, aviation, navigation equipment.
SSD is abandoning tradition magnetic medium, and a kind of technology of data storage and reading is carried out using electronic storage medium, is deposited
Storage module be mainly have can reading and writing, erasing function NANDFlash flash chip, breach the performance of traditional mechanical hard disk
Bottleneck possesses high storage performance.The completely inegrated circuit of solid state hard disk, the revolutionary character without any mechanical moving element are set
Meter, fundamentally solves under mobile office environment, for the demand of reading and writing data stability.Completely inegrated circuitization design can
To allow solid state hard disk to be made into any shape.Compared with conventional hard, SSD solid-state electronic disk is had the advantage that
First, SSD do not need mechanical structure, and data search time, delay time and magnetic is not present in complete semiconductor transformation
Disk seeks the time, and data access speed is fast, reads the ability of data in 230M/s or more, highest reachable 1700M/s.
Second, SSD all use flash chip, durable, shockproof drop resistant, even if occurring to collide with hard object, data are lost
A possibility that mistake, can also be minimized.
Third has benefited from no mechanical part and FLASH flash chip, and SSD does not have any noise, low in energy consumption.
4th, light weight is 20-30 grams more light-weight than conventional 1.8 inch hards so that portable equipment carry muti-piece SSD at
It is possible.Simultaneously because of its complete semiconductor transformation, no structure limitation can be designed to various distinct interfaces, shape according to the actual situation
Special electronic hard disc.
5th, operating temperature range is bigger, and typical hard disk drive can only work within the scope of 5 to 55 DEG C.And it is most
Number solid state hard disks can work at -10~70 DEG C, and the solid state hard disk of some technical grades can also be at -40~85 DEG C, even greater temperature
Work (military project grade product temperature is -55~135 DEG C) under degree range.
But for the significant data of user, its not hope is viewed by other people, even allows other people that can not accomplish
The data exist.But current solid state hard disk is incomplete to the security performance of data, it is difficult to realize the above-mentioned secrecy of user
Demand.
In summary, the encrypted partition technology of existing solid state hard disk is in actual use, it is clear that there is inconvenient and defect, institute
With it is necessary to be improved.
Summary of the invention
For above-mentioned defect, the purpose of the present invention is to provide the methods and its solid-state of a kind of solid state hard disk encrypted partition
Hard disk, to improve the security performance of solid state hard disk.
To achieve the goals above, the present invention provides a kind of method of solid state hard disk encrypted partition, and the method includes such as
Lower step:
A, according to the logical blocks mapping table of solid state hard disk, encryption storage is marked off in the storage region of the solid state hard disk
Region;
B, the authentication secret of the encryption storage area access and/or storing data is set;
C, the user identity that the encryption storage area access and/or storing data are verified according to the authentication secret,
It is described be verified after in the encryption storage area access and/or storing data.
According to the method, in the step A, using preset logical block addresses as boundary, by the solid state hard disk
Storage region be divided into normal storage region and encryption storage region.
According to the method, the step B includes:
Password and/or the identification of the identification of the encryption storage area access and/or storing data are set
ID card and/or the fingerprint of identification.
According to the method, the step C includes:
Receive the key of request and input of the user to the encryption storage area access and/or storing data;
In the bottom of the solid state hard disk, the password that user inputs is verified according to the authentication secret;
After described be verified, the user is to the encryption storage area access and/or storing data;
When the verifying does not pass through, the user cannot be to the encryption storage area access and/or storing data.
According to method described in any of the above embodiments, when not by the subscriber authentication, the encryption storage region
Invisible, the user can only operate the storage region other than the encryption storage region;And passing through user's body
When part verifying, the encryption storage region is as it can be seen that the user can operate all storage regions of the solid state hard disk.
In order to realize another goal of the invention of the invention, the present invention also provides a kind of solid state hard disks, comprising: divides mould
Block marks off encryption memory block in the storage region of the solid state hard disk for the logical blocks mapping table according to solid state hard disk
Domain;Setup module, for the authentication secret of the encryption storage area access and/or storing data to be arranged;Verifying and operation mould
Block, for verifying the user identity of the encryption storage area access and/or storing data according to the authentication secret, described
In the encryption storage area access and/or storing data after being verified.
According to the solid state hard disk, the division module is hard by the solid-state using preset logical block addresses as boundary
The storage region of disk is divided into normal storage region and encryption storage region.
According to the solid state hard disk, the setup module includes: the first setting submodule, is deposited for the encryption to be arranged
The password of storage area domain browsing and/or the identification of storing data;And/or second setting submodule, for the encryption to be arranged
The ID card of the identification of storage area access and/or storing data;And/or submodule is arranged in third, for described add to be arranged
The fingerprint of the identification of close storage area access and/or storing data.
According to the solid state hard disk, the verifying and operation module include: receiving submodule, for receiving user to institute
State the key of request and the input of encryption storage area access and/or storing data;Submodule is verified, the solid-state is set to
The bottom of hard disk, for being verified according to the authentication secret to the password that user inputs;
First operation submodule, for after described be verified, the user to the encryption storage area access with/
Or storing data;
Second operation submodule, for when the verifying does not pass through, the encryption cannot to be stored by controlling the user
Region access and/or storing data.
According to the solid state hard disk, when not by the subscriber authentication, the encryption storage region is invisible,
The user can only operate the storage region other than the encryption storage region;And it is tested by the user identity
When card, the encryption storage region is as it can be seen that the user can operate all storage regions of the solid state hard disk.
The present invention is realized by the way that the encrypted partition based on address mapping table is arranged in solid state hard disk to user's certain number
According to encryption storage and corresponding access authority management extend to ensure that the confidentiality and safety of user's specific data
The characteristics such as the personalization of SSD and multi-functional, flexibility open new space for the application of SSD.Simultaneously as use
The management of security permission is based on LBA address mapping table, i.e. the verifying of encrypted ones and the acquisition of security permission is bottom
Hard-disk system, rather than the application software on upper layer, be not easy it is artificial crack by force so that this encrypted partition strategy have more
High safety.
Detailed description of the invention
Fig. 1 is the structural schematic diagram of solid state hard disk provided in an embodiment of the present invention;
Fig. 2 is that user provided in an embodiment of the present invention and operating system illustrate the access of solid state hard disk system encrypted partition
Figure;
Fig. 3 is to illustrate inside solid state hard disk system provided in an embodiment of the present invention to the safety verification management of encrypted partition
Figure;
Specific embodiment
In order to make the objectives, technical solutions, and advantages of the present invention clearer, with reference to the accompanying drawings and embodiments, right
The present invention is further elaborated.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, and
It is not used in the restriction present invention.
Referring to Fig. 1, in the first embodiment of the present invention, a kind of solid state hard disk 100 is provided, comprising: division module 10,
For the logical blocks mapping table according to solid state hard disk 100, encryption memory block is marked off in the storage region of solid state hard disk 100
Domain;Setup module 20, for the authentication secret of the encryption storage area access and/or storing data, verifying and operation to be arranged
Module 30, for verifying the user identity of the encryption storage area access and/or storing data according to the authentication secret,
It is described be verified after in the encryption storage area access and/or storing data.
In this embodiment, division module 10, can be in solid state hard disk according to the logical blocks mapping table of solid state hard disk 100
00 storage region divides a block encryption storage region, after which needs user to pass through subscriber authentication,
It is able to carry out the operation such as the data access in the region and the storage of data.And for subscriber authentication, then setup module 20 will
Preset authentication secret;When user requests access to either data storage operations to the encryption section, by verifying and operating
Module 30 is verified according to the key information that authentication secret and user input, and passes through the open encryption storage of verifying rear line
Region.It is preferred, therefore, that the encryption storage region is invisible, and the user is only when not by the subscriber authentication
The storage region other than the encryption storage region can be operated;It is not unauthorized by other to can protect encryption storage region in this way
User views, and then influences when through the subscriber authentication, and the encryption storage region is as it can be seen that the user
All storage regions of solid state hard disk 100 can be operated.
In conclusion the present invention is realized pair by the way that the encrypted partition based on address mapping table is arranged in solid state hard disk
The encryption of user's specific data stores and corresponding access authority management, to ensure that the confidentiality and peace of user's specific data
Quan Xing, the personalization and characteristics, the applications for being SSD such as multi-functional, flexibility for extending SSD open new space.Meanwhile by
In the management of the security permission of use be based on LBA address mapping table, the i.e. verifying of encrypted ones and the acquisition of security permission
Be bottom hard-disk system, rather than the application software on upper layer, be not easy it is artificial crack by force so that this encrypted partition plan
Somewhat there is higher safety.
Certainly, the present invention can also have other various embodiments, without deviating from the spirit and substance of the present invention, ripe
It knows those skilled in the art and makes various corresponding changes and modifications, but these corresponding changes and change in accordance with the present invention
Shape all should fall within the scope of protection of the appended claims of the present invention.
Claims (10)
1. a kind of method of solid state hard disk encrypted partition, which is characterized in that described method includes following steps:
A, according to the logical blocks mapping table of solid state hard disk, encryption memory block is marked off in the storage region of the solid state hard disk
Domain;
B, the authentication secret of the encryption storage area access and/or storing data is set;
C, the user identity that the encryption storage area access and/or storing data are verified according to the authentication secret, described
In the encryption storage area access and/or storing data after being verified.
2. the method according to claim 1, wherein being with preset logical block addresses in the step A
The storage region of the solid state hard disk is divided into normal storage region and encryption storage region by boundary.
3. the method according to claim 1, wherein the step B includes:
The password of the identification of the encryption storage area access and/or storing data and/or the ID card of identification are set
And/or the fingerprint of identification.
4. the method according to claim 1, wherein the step C includes:
Receive the key of request and input of the user to the encryption storage area access and/or storing data;Described solid
The bottom of state hard disk verifies the password that user inputs according to the authentication secret;After described be verified, institute
User is stated to the encryption storage area access and/or storing data;When the verifying does not pass through, the user cannot be to institute
State encryption storage area access and/or storing data.
5. method according to any one of claims 1 to 4, which is characterized in that when not by the subscriber authentication,
The encryption storage region is invisible, and the user can only operate the storage region other than the encryption storage region;And
When through the subscriber authentication, the encryption storage region is as it can be seen that the user can operate the solid state hard disk institute
Some storage regions.
6. a kind of solid state hard disk characterized by comprising division module, for the logical blocks mapping table according to solid state hard disk,
Encryption storage region is marked off in the storage region of the solid state hard disk;
Setup module, for the authentication secret of the encryption storage area access and/or storing data to be arranged;Verifying and operation mould
Block, for verifying the user identity of the encryption storage area access and/or storing data according to the authentication secret, described
In the encryption storage area access and/or storing data after being verified.
7. solid state hard disk according to claim 6, which is characterized in that the division module is with preset logical block addresses
For boundary, the storage region of the solid state hard disk is divided into normal storage region and encryption storage region.
8. solid state hard disk according to claim 6, which is characterized in that the setup module includes: the first setting submodule,
For the password of the identification of the encryption storage area access and/or storing data to be arranged;And/or second setting submodule
Block, the ID card of the identification for the encryption storage area access and/or storing data to be arranged;And/or third setting
Module, the fingerprint of the identification for the encryption storage area access and/or storing data to be arranged.
9. solid state hard disk according to claim 6, which is characterized in that the verifying and operation module include:
Receiving submodule, for receiving request and input of the user to the encryption storage area access and/or storing data
Key;
Submodule is verified, the bottom of the solid state hard disk is set to, described in being inputted according to the authentication secret to user
Password is verified;
First operation submodule, for after described be verified, the user to be to the encryption storage area access and/or deposits
Store up data;
Second operation submodule, for when the verifying does not pass through, controlling the user cannot be to the encryption storage region
Access and/or storing data.
10. according to the described in any item solid state hard disks of claim 6~9, which is characterized in that do not tested by the user identity
When card, the encryption storage region is invisible, and the user can only operate the storage region other than the encryption storage region;
And when through the subscriber authentication, the encryption storage region as it can be seen that the user can to operate the solid-state hard
All storage regions of disk.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811357452.XA CN109521965A (en) | 2018-11-15 | 2018-11-15 | A kind of method of solid state hard disk encrypted partition |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811357452.XA CN109521965A (en) | 2018-11-15 | 2018-11-15 | A kind of method of solid state hard disk encrypted partition |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109521965A true CN109521965A (en) | 2019-03-26 |
Family
ID=65777912
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811357452.XA Pending CN109521965A (en) | 2018-11-15 | 2018-11-15 | A kind of method of solid state hard disk encrypted partition |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109521965A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111079106A (en) * | 2019-12-20 | 2020-04-28 | 山东方寸微电子科技有限公司 | SSD multi-partition login method based on BIOS security mechanism and storage medium |
CN111079170A (en) * | 2019-11-04 | 2020-04-28 | 湖南源科创新科技有限公司 | Control method and control device of solid state disk |
CN111797441A (en) * | 2020-07-06 | 2020-10-20 | 深圳市安信达存储技术有限公司 | Partition authority encryption management solid state disk based on fingerprint unlocking and method |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103558994A (en) * | 2013-09-29 | 2014-02-05 | 记忆科技(深圳)有限公司 | Method for encrypting solid state disk partitions and solid state disk |
CN104090853A (en) * | 2014-07-03 | 2014-10-08 | 武汉迅存科技有限公司 | Solid-state disc encryption method and system |
-
2018
- 2018-11-15 CN CN201811357452.XA patent/CN109521965A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103558994A (en) * | 2013-09-29 | 2014-02-05 | 记忆科技(深圳)有限公司 | Method for encrypting solid state disk partitions and solid state disk |
CN104090853A (en) * | 2014-07-03 | 2014-10-08 | 武汉迅存科技有限公司 | Solid-state disc encryption method and system |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111079170A (en) * | 2019-11-04 | 2020-04-28 | 湖南源科创新科技有限公司 | Control method and control device of solid state disk |
CN111079170B (en) * | 2019-11-04 | 2021-11-23 | 湖南源科创新科技有限公司 | Control method and control device of solid state disk |
CN111079106A (en) * | 2019-12-20 | 2020-04-28 | 山东方寸微电子科技有限公司 | SSD multi-partition login method based on BIOS security mechanism and storage medium |
CN111797441A (en) * | 2020-07-06 | 2020-10-20 | 深圳市安信达存储技术有限公司 | Partition authority encryption management solid state disk based on fingerprint unlocking and method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103558994A (en) | Method for encrypting solid state disk partitions and solid state disk | |
CN108023894B (en) | Visa information system based on block chain and processing method thereof | |
KR101238848B1 (en) | Versatile Content Control With Partitioning | |
US9104618B2 (en) | Managing access to an address range in a storage device | |
EP2189922A2 (en) | Memory system with versatile content control | |
TWI388985B (en) | A method for controlling access to data in a storage device and a storage device | |
US20100023777A1 (en) | System and method for secure firmware update of a secure token having a flash memory controller and a smart card | |
CN105975878B (en) | Method for secure storing and system based on Nand Flash flash memory | |
CN109521965A (en) | A kind of method of solid state hard disk encrypted partition | |
CN104090853A (en) | Solid-state disc encryption method and system | |
CN103366797A (en) | Design method of security U disk by employing wireless authentication terminal for authorizing authentication, encryption and decryption | |
CN101788959A (en) | Solid state hard disk secure encryption system | |
JP6393375B2 (en) | Electronic device network, electronic device and inspection process thereof | |
US20100023650A1 (en) | System and method for using a smart card in conjunction with a flash memory controller to detect logon authentication | |
CN103310169A (en) | SD (Secure Digital) card data protection method and protection system thereof | |
US20090086965A1 (en) | Secure, two-stage storage system | |
CN103390125A (en) | Design method for safe and mobile storage controller authorized and encrypted/decrypted by wireless terminal | |
CN109388974A (en) | With the non-volatile memory device read safely | |
CN101595488A (en) | Be used for content is tied to the method and apparatus of independent storage arrangement | |
EP1836642A2 (en) | Control structure for versatile content control and method using structure | |
US7596702B2 (en) | Network storage devices | |
CN105740733A (en) | Encrypted mobile hard disk and realization method thereof | |
CN103473512B (en) | A kind of mobile memory medium management method and device | |
CN206515828U (en) | The data storage device of safety encryption | |
US20210133344A1 (en) | Enhanced Securing and Secured Processing of Data at Rest |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |