CN109521965A - A kind of method of solid state hard disk encrypted partition - Google Patents

A kind of method of solid state hard disk encrypted partition Download PDF

Info

Publication number
CN109521965A
CN109521965A CN201811357452.XA CN201811357452A CN109521965A CN 109521965 A CN109521965 A CN 109521965A CN 201811357452 A CN201811357452 A CN 201811357452A CN 109521965 A CN109521965 A CN 109521965A
Authority
CN
China
Prior art keywords
hard disk
state hard
solid state
user
encryption storage
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811357452.XA
Other languages
Chinese (zh)
Inventor
不公告发明人
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Suzhou Focus Information Technology Co Ltd
Original Assignee
Suzhou Focus Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Suzhou Focus Information Technology Co Ltd filed Critical Suzhou Focus Information Technology Co Ltd
Priority to CN201811357452.XA priority Critical patent/CN109521965A/en
Publication of CN109521965A publication Critical patent/CN109521965A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0602Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
    • G06F3/062Securing storage systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0628Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0638Organizing or formatting or addressing of data
    • G06F3/0644Management of space entities, e.g. partitions, extents, pools
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0668Interfaces specially adapted for storage systems adopting a particular infrastructure
    • G06F3/0671In-line storage system
    • G06F3/0673Single storage device
    • G06F3/0679Non-volatile semiconductor memory device, e.g. flash memory, one time programmable memory [OTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Human Computer Interaction (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

The invention proposes a kind of methods of solid state hard disk encrypted partition, by the way that the encrypted partition based on address mapping table is arranged in solid state hard disk, realize the storage of the encryption to user's specific data and corresponding access authority management, to ensure that the confidentiality and safety of user's specific data, the personalization and characteristics, the applications for being SSD such as multi-functional, flexibility for extending SSD open new space.Simultaneously, since the management of the security permission of use is based on LBA address mapping table, i.e. the verifying of encrypted ones and the acquisition of security permission is bottom hard-disk system, rather than the application software on upper layer, be not easy it is artificial crack by force so that this encrypted partition strategy have higher safety.

Description

A kind of method of solid state hard disk encrypted partition
Technical field
The present invention relates to field of communication technology more particularly to a kind of methods of solid state hard disk encrypted partition.
Background technique
Solid state hard disk (SolidStateDrive abbreviation SSD) is by control unit and storage unit (FLASH chip) group At being briefly exactly manufactured hard disk, the interface specification of solid state hard disk and definition, function with solid-state electronic storage chip array It is identical with common hard disc on energy and application method, it is also consistent with common hard disc in product shape and size.The work of its chip It is very wide (- 40~85 DEG C) to make temperature range.It is now widely used for military, vehicle-mounted, industry control, video monitoring, network monitoring, network The fields such as terminal, electric power, medical treatment, aviation, navigation equipment.
SSD is abandoning tradition magnetic medium, and a kind of technology of data storage and reading is carried out using electronic storage medium, is deposited Storage module be mainly have can reading and writing, erasing function NANDFlash flash chip, breach the performance of traditional mechanical hard disk Bottleneck possesses high storage performance.The completely inegrated circuit of solid state hard disk, the revolutionary character without any mechanical moving element are set Meter, fundamentally solves under mobile office environment, for the demand of reading and writing data stability.Completely inegrated circuitization design can To allow solid state hard disk to be made into any shape.Compared with conventional hard, SSD solid-state electronic disk is had the advantage that
First, SSD do not need mechanical structure, and data search time, delay time and magnetic is not present in complete semiconductor transformation Disk seeks the time, and data access speed is fast, reads the ability of data in 230M/s or more, highest reachable 1700M/s.
Second, SSD all use flash chip, durable, shockproof drop resistant, even if occurring to collide with hard object, data are lost A possibility that mistake, can also be minimized.
Third has benefited from no mechanical part and FLASH flash chip, and SSD does not have any noise, low in energy consumption.
4th, light weight is 20-30 grams more light-weight than conventional 1.8 inch hards so that portable equipment carry muti-piece SSD at It is possible.Simultaneously because of its complete semiconductor transformation, no structure limitation can be designed to various distinct interfaces, shape according to the actual situation Special electronic hard disc.
5th, operating temperature range is bigger, and typical hard disk drive can only work within the scope of 5 to 55 DEG C.And it is most Number solid state hard disks can work at -10~70 DEG C, and the solid state hard disk of some technical grades can also be at -40~85 DEG C, even greater temperature Work (military project grade product temperature is -55~135 DEG C) under degree range.
But for the significant data of user, its not hope is viewed by other people, even allows other people that can not accomplish The data exist.But current solid state hard disk is incomplete to the security performance of data, it is difficult to realize the above-mentioned secrecy of user Demand.
In summary, the encrypted partition technology of existing solid state hard disk is in actual use, it is clear that there is inconvenient and defect, institute With it is necessary to be improved.
Summary of the invention
For above-mentioned defect, the purpose of the present invention is to provide the methods and its solid-state of a kind of solid state hard disk encrypted partition Hard disk, to improve the security performance of solid state hard disk.
To achieve the goals above, the present invention provides a kind of method of solid state hard disk encrypted partition, and the method includes such as Lower step:
A, according to the logical blocks mapping table of solid state hard disk, encryption storage is marked off in the storage region of the solid state hard disk Region;
B, the authentication secret of the encryption storage area access and/or storing data is set;
C, the user identity that the encryption storage area access and/or storing data are verified according to the authentication secret, It is described be verified after in the encryption storage area access and/or storing data.
According to the method, in the step A, using preset logical block addresses as boundary, by the solid state hard disk Storage region be divided into normal storage region and encryption storage region.
According to the method, the step B includes:
Password and/or the identification of the identification of the encryption storage area access and/or storing data are set ID card and/or the fingerprint of identification.
According to the method, the step C includes:
Receive the key of request and input of the user to the encryption storage area access and/or storing data;
In the bottom of the solid state hard disk, the password that user inputs is verified according to the authentication secret;
After described be verified, the user is to the encryption storage area access and/or storing data;
When the verifying does not pass through, the user cannot be to the encryption storage area access and/or storing data.
According to method described in any of the above embodiments, when not by the subscriber authentication, the encryption storage region Invisible, the user can only operate the storage region other than the encryption storage region;And passing through user's body When part verifying, the encryption storage region is as it can be seen that the user can operate all storage regions of the solid state hard disk.
In order to realize another goal of the invention of the invention, the present invention also provides a kind of solid state hard disks, comprising: divides mould Block marks off encryption memory block in the storage region of the solid state hard disk for the logical blocks mapping table according to solid state hard disk Domain;Setup module, for the authentication secret of the encryption storage area access and/or storing data to be arranged;Verifying and operation mould Block, for verifying the user identity of the encryption storage area access and/or storing data according to the authentication secret, described In the encryption storage area access and/or storing data after being verified.
According to the solid state hard disk, the division module is hard by the solid-state using preset logical block addresses as boundary The storage region of disk is divided into normal storage region and encryption storage region.
According to the solid state hard disk, the setup module includes: the first setting submodule, is deposited for the encryption to be arranged The password of storage area domain browsing and/or the identification of storing data;And/or second setting submodule, for the encryption to be arranged The ID card of the identification of storage area access and/or storing data;And/or submodule is arranged in third, for described add to be arranged The fingerprint of the identification of close storage area access and/or storing data.
According to the solid state hard disk, the verifying and operation module include: receiving submodule, for receiving user to institute State the key of request and the input of encryption storage area access and/or storing data;Submodule is verified, the solid-state is set to The bottom of hard disk, for being verified according to the authentication secret to the password that user inputs;
First operation submodule, for after described be verified, the user to the encryption storage area access with/
Or storing data;
Second operation submodule, for when the verifying does not pass through, the encryption cannot to be stored by controlling the user Region access and/or storing data.
According to the solid state hard disk, when not by the subscriber authentication, the encryption storage region is invisible,
The user can only operate the storage region other than the encryption storage region;And it is tested by the user identity When card, the encryption storage region is as it can be seen that the user can operate all storage regions of the solid state hard disk.
The present invention is realized by the way that the encrypted partition based on address mapping table is arranged in solid state hard disk to user's certain number According to encryption storage and corresponding access authority management extend to ensure that the confidentiality and safety of user's specific data The characteristics such as the personalization of SSD and multi-functional, flexibility open new space for the application of SSD.Simultaneously as use The management of security permission is based on LBA address mapping table, i.e. the verifying of encrypted ones and the acquisition of security permission is bottom Hard-disk system, rather than the application software on upper layer, be not easy it is artificial crack by force so that this encrypted partition strategy have more High safety.
Detailed description of the invention
Fig. 1 is the structural schematic diagram of solid state hard disk provided in an embodiment of the present invention;
Fig. 2 is that user provided in an embodiment of the present invention and operating system illustrate the access of solid state hard disk system encrypted partition Figure;
Fig. 3 is to illustrate inside solid state hard disk system provided in an embodiment of the present invention to the safety verification management of encrypted partition Figure;
Specific embodiment
In order to make the objectives, technical solutions, and advantages of the present invention clearer, with reference to the accompanying drawings and embodiments, right The present invention is further elaborated.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, and It is not used in the restriction present invention.
Referring to Fig. 1, in the first embodiment of the present invention, a kind of solid state hard disk 100 is provided, comprising: division module 10, For the logical blocks mapping table according to solid state hard disk 100, encryption memory block is marked off in the storage region of solid state hard disk 100 Domain;Setup module 20, for the authentication secret of the encryption storage area access and/or storing data, verifying and operation to be arranged Module 30, for verifying the user identity of the encryption storage area access and/or storing data according to the authentication secret, It is described be verified after in the encryption storage area access and/or storing data.
In this embodiment, division module 10, can be in solid state hard disk according to the logical blocks mapping table of solid state hard disk 100 00 storage region divides a block encryption storage region, after which needs user to pass through subscriber authentication, It is able to carry out the operation such as the data access in the region and the storage of data.And for subscriber authentication, then setup module 20 will Preset authentication secret;When user requests access to either data storage operations to the encryption section, by verifying and operating Module 30 is verified according to the key information that authentication secret and user input, and passes through the open encryption storage of verifying rear line Region.It is preferred, therefore, that the encryption storage region is invisible, and the user is only when not by the subscriber authentication The storage region other than the encryption storage region can be operated;It is not unauthorized by other to can protect encryption storage region in this way User views, and then influences when through the subscriber authentication, and the encryption storage region is as it can be seen that the user All storage regions of solid state hard disk 100 can be operated.
In conclusion the present invention is realized pair by the way that the encrypted partition based on address mapping table is arranged in solid state hard disk The encryption of user's specific data stores and corresponding access authority management, to ensure that the confidentiality and peace of user's specific data Quan Xing, the personalization and characteristics, the applications for being SSD such as multi-functional, flexibility for extending SSD open new space.Meanwhile by In the management of the security permission of use be based on LBA address mapping table, the i.e. verifying of encrypted ones and the acquisition of security permission Be bottom hard-disk system, rather than the application software on upper layer, be not easy it is artificial crack by force so that this encrypted partition plan Somewhat there is higher safety.
Certainly, the present invention can also have other various embodiments, without deviating from the spirit and substance of the present invention, ripe It knows those skilled in the art and makes various corresponding changes and modifications, but these corresponding changes and change in accordance with the present invention Shape all should fall within the scope of protection of the appended claims of the present invention.

Claims (10)

1. a kind of method of solid state hard disk encrypted partition, which is characterized in that described method includes following steps:
A, according to the logical blocks mapping table of solid state hard disk, encryption memory block is marked off in the storage region of the solid state hard disk Domain;
B, the authentication secret of the encryption storage area access and/or storing data is set;
C, the user identity that the encryption storage area access and/or storing data are verified according to the authentication secret, described In the encryption storage area access and/or storing data after being verified.
2. the method according to claim 1, wherein being with preset logical block addresses in the step A The storage region of the solid state hard disk is divided into normal storage region and encryption storage region by boundary.
3. the method according to claim 1, wherein the step B includes:
The password of the identification of the encryption storage area access and/or storing data and/or the ID card of identification are set And/or the fingerprint of identification.
4. the method according to claim 1, wherein the step C includes:
Receive the key of request and input of the user to the encryption storage area access and/or storing data;Described solid The bottom of state hard disk verifies the password that user inputs according to the authentication secret;After described be verified, institute User is stated to the encryption storage area access and/or storing data;When the verifying does not pass through, the user cannot be to institute State encryption storage area access and/or storing data.
5. method according to any one of claims 1 to 4, which is characterized in that when not by the subscriber authentication, The encryption storage region is invisible, and the user can only operate the storage region other than the encryption storage region;And When through the subscriber authentication, the encryption storage region is as it can be seen that the user can operate the solid state hard disk institute Some storage regions.
6. a kind of solid state hard disk characterized by comprising division module, for the logical blocks mapping table according to solid state hard disk, Encryption storage region is marked off in the storage region of the solid state hard disk;
Setup module, for the authentication secret of the encryption storage area access and/or storing data to be arranged;Verifying and operation mould Block, for verifying the user identity of the encryption storage area access and/or storing data according to the authentication secret, described In the encryption storage area access and/or storing data after being verified.
7. solid state hard disk according to claim 6, which is characterized in that the division module is with preset logical block addresses For boundary, the storage region of the solid state hard disk is divided into normal storage region and encryption storage region.
8. solid state hard disk according to claim 6, which is characterized in that the setup module includes: the first setting submodule, For the password of the identification of the encryption storage area access and/or storing data to be arranged;And/or second setting submodule Block, the ID card of the identification for the encryption storage area access and/or storing data to be arranged;And/or third setting Module, the fingerprint of the identification for the encryption storage area access and/or storing data to be arranged.
9. solid state hard disk according to claim 6, which is characterized in that the verifying and operation module include:
Receiving submodule, for receiving request and input of the user to the encryption storage area access and/or storing data Key;
Submodule is verified, the bottom of the solid state hard disk is set to, described in being inputted according to the authentication secret to user Password is verified;
First operation submodule, for after described be verified, the user to be to the encryption storage area access and/or deposits Store up data;
Second operation submodule, for when the verifying does not pass through, controlling the user cannot be to the encryption storage region Access and/or storing data.
10. according to the described in any item solid state hard disks of claim 6~9, which is characterized in that do not tested by the user identity When card, the encryption storage region is invisible, and the user can only operate the storage region other than the encryption storage region; And when through the subscriber authentication, the encryption storage region as it can be seen that the user can to operate the solid-state hard All storage regions of disk.
CN201811357452.XA 2018-11-15 2018-11-15 A kind of method of solid state hard disk encrypted partition Pending CN109521965A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811357452.XA CN109521965A (en) 2018-11-15 2018-11-15 A kind of method of solid state hard disk encrypted partition

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811357452.XA CN109521965A (en) 2018-11-15 2018-11-15 A kind of method of solid state hard disk encrypted partition

Publications (1)

Publication Number Publication Date
CN109521965A true CN109521965A (en) 2019-03-26

Family

ID=65777912

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811357452.XA Pending CN109521965A (en) 2018-11-15 2018-11-15 A kind of method of solid state hard disk encrypted partition

Country Status (1)

Country Link
CN (1) CN109521965A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111079106A (en) * 2019-12-20 2020-04-28 山东方寸微电子科技有限公司 SSD multi-partition login method based on BIOS security mechanism and storage medium
CN111079170A (en) * 2019-11-04 2020-04-28 湖南源科创新科技有限公司 Control method and control device of solid state disk
CN111797441A (en) * 2020-07-06 2020-10-20 深圳市安信达存储技术有限公司 Partition authority encryption management solid state disk based on fingerprint unlocking and method

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103558994A (en) * 2013-09-29 2014-02-05 记忆科技(深圳)有限公司 Method for encrypting solid state disk partitions and solid state disk
CN104090853A (en) * 2014-07-03 2014-10-08 武汉迅存科技有限公司 Solid-state disc encryption method and system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103558994A (en) * 2013-09-29 2014-02-05 记忆科技(深圳)有限公司 Method for encrypting solid state disk partitions and solid state disk
CN104090853A (en) * 2014-07-03 2014-10-08 武汉迅存科技有限公司 Solid-state disc encryption method and system

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111079170A (en) * 2019-11-04 2020-04-28 湖南源科创新科技有限公司 Control method and control device of solid state disk
CN111079170B (en) * 2019-11-04 2021-11-23 湖南源科创新科技有限公司 Control method and control device of solid state disk
CN111079106A (en) * 2019-12-20 2020-04-28 山东方寸微电子科技有限公司 SSD multi-partition login method based on BIOS security mechanism and storage medium
CN111797441A (en) * 2020-07-06 2020-10-20 深圳市安信达存储技术有限公司 Partition authority encryption management solid state disk based on fingerprint unlocking and method

Similar Documents

Publication Publication Date Title
CN103558994A (en) Method for encrypting solid state disk partitions and solid state disk
CN108023894B (en) Visa information system based on block chain and processing method thereof
KR101238848B1 (en) Versatile Content Control With Partitioning
US9104618B2 (en) Managing access to an address range in a storage device
EP2189922A2 (en) Memory system with versatile content control
TWI388985B (en) A method for controlling access to data in a storage device and a storage device
US20100023777A1 (en) System and method for secure firmware update of a secure token having a flash memory controller and a smart card
CN105975878B (en) Method for secure storing and system based on Nand Flash flash memory
CN109521965A (en) A kind of method of solid state hard disk encrypted partition
CN104090853A (en) Solid-state disc encryption method and system
CN103366797A (en) Design method of security U disk by employing wireless authentication terminal for authorizing authentication, encryption and decryption
CN101788959A (en) Solid state hard disk secure encryption system
JP6393375B2 (en) Electronic device network, electronic device and inspection process thereof
US20100023650A1 (en) System and method for using a smart card in conjunction with a flash memory controller to detect logon authentication
CN103310169A (en) SD (Secure Digital) card data protection method and protection system thereof
US20090086965A1 (en) Secure, two-stage storage system
CN103390125A (en) Design method for safe and mobile storage controller authorized and encrypted/decrypted by wireless terminal
CN109388974A (en) With the non-volatile memory device read safely
CN101595488A (en) Be used for content is tied to the method and apparatus of independent storage arrangement
EP1836642A2 (en) Control structure for versatile content control and method using structure
US7596702B2 (en) Network storage devices
CN105740733A (en) Encrypted mobile hard disk and realization method thereof
CN103473512B (en) A kind of mobile memory medium management method and device
CN206515828U (en) The data storage device of safety encryption
US20210133344A1 (en) Enhanced Securing and Secured Processing of Data at Rest

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination