CN114153396A - Data processing method and device, data storage equipment and terminal equipment - Google Patents
Data processing method and device, data storage equipment and terminal equipment Download PDFInfo
- Publication number
- CN114153396A CN114153396A CN202111463477.XA CN202111463477A CN114153396A CN 114153396 A CN114153396 A CN 114153396A CN 202111463477 A CN202111463477 A CN 202111463477A CN 114153396 A CN114153396 A CN 114153396A
- Authority
- CN
- China
- Prior art keywords
- password
- space
- data processing
- data
- address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000013500 data storage Methods 0.000 title claims abstract description 38
- 238000003672 processing method Methods 0.000 title claims abstract description 23
- 238000012545 processing Methods 0.000 claims abstract description 187
- 238000000034 method Methods 0.000 claims abstract description 20
- 238000013507 mapping Methods 0.000 claims description 25
- 230000007704 transition Effects 0.000 claims description 14
- 238000002955 isolation Methods 0.000 abstract description 4
- 238000010586 diagram Methods 0.000 description 10
- 238000005192 partition Methods 0.000 description 7
- 230000003993 interaction Effects 0.000 description 6
- 230000006870 function Effects 0.000 description 4
- 238000004891 communication Methods 0.000 description 2
- 239000000284 extract Substances 0.000 description 2
- 238000009434 installation Methods 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 238000013459 approach Methods 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0602—Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
- G06F3/062—Securing storage systems
- G06F3/0622—Securing storage systems in relation to access
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0628—Interfaces specially adapted for storage systems making use of a particular technique
- G06F3/0638—Organizing or formatting or addressing of data
- G06F3/0644—Management of space entities, e.g. partitions, extents, pools
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Human Computer Interaction (AREA)
- Software Systems (AREA)
- Storage Device Security (AREA)
Abstract
The embodiment of the invention discloses a data processing method, a data processing device, a data storage device and a terminal device, wherein the data storage device comprises a first space and a second space, and the second space is an encryption space; the method comprises the steps of judging the target operation type of a data processing password by receiving password information of the data processing password sent by a host; if the data processing password does not comprise the password information, accessing a first space according to the data processing password, and if the target operation type of the data processing password belongs to a first preset type, accessing the first space according to the data processing password; and if the target operation type of the data processing password belongs to a second preset type, accessing a second space according to the data processing password. The isolation of the conventional storage space and the encrypted storage space is realized through the first space and the second space, and the data contents are respectively mapped according to different types of data processing passwords, so that the safety of stored data is ensured.
Description
Technical Field
The present invention relates to the field of data storage technologies, and in particular, to a data processing method and apparatus, a data storage device, and a terminal device.
Background
In the existing hard disk data security solution, the entire Logical Block Address (LBA) Address space of the disk is usually presented to the host side. For example, the LBA range of 240G disk is: 0 (468862128-1), the host side can see this entire LBA address space. Then, in the address space, a system partition is divided from the beginning, and the subsequent partitions are used as safe partitions.
Such an approach has the following disadvantages: the concealment is not good enough, and the host side can sense the safe partition condition of the lower layer of the disk, so that certain safety risk exists. Since the user can read the data within the secure partition, there is a risk that the data may be deciphered. The existing hard disk storage scheme has the technical problem that the safety is difficult to guarantee.
Disclosure of Invention
In order to solve the above technical problem, embodiments of the present application provide a data processing method, an apparatus, a data storage device, and a terminal device, and the specific scheme is as follows:
in a first aspect, an embodiment of the present application provides a data processing method, which is applied to a data storage device, where the data storage device includes a first space and a second space, and the second space is an encrypted space; the method comprises the following steps:
receiving a data processing password;
when the data processing password does not comprise password information, accessing the first space according to the data processing password;
when the data processing password comprises password information, judging the target operation type of the data processing password according to the password information;
if the target operation type of the data processing password belongs to a first preset type, accessing the first space according to the data processing password;
and if the target operation type of the data processing password belongs to a second preset type, accessing the second space according to the data processing password.
According to a specific implementation manner of the embodiment of the present application, the step of determining the target operation type of the data processing password according to the password information includes:
searching a password matched with the password information in a preset encryption password library;
if the password matched with the password information is not found in the preset encryption password library, judging that the target operation type of the data processing password belongs to a first preset type;
and if the password matched with the password information is matched in the preset encryption password library, judging that the target operation type of the data processing password belongs to a second preset type.
According to a specific implementation manner of the embodiment of the present application, if the target operation type of the data processing password belongs to a second preset type, the step of accessing the second space according to the data processing password includes:
data encryption is carried out on the data content to be processed corresponding to the data processing password;
and mapping the encrypted data content to be processed to the second space.
According to a specific implementation manner of the embodiment of the application, when the first space is accessed according to the data processing password, the second space is in an invisible state;
if the target operation type of the data processing password belongs to a first preset type, the method further comprises the following steps:
and if the logical block address to be occupied by the data content to be processed corresponding to the data processing password is larger than the remaining address of the first space, stopping mapping the data content to be processed corresponding to the remaining data processing password after mapping all the remaining addresses of the first space.
According to a specific implementation manner of the embodiment of the present application, if the target operation type of the data processing password belongs to a second preset type, the step of accessing the second space according to the data processing password further includes:
if a target address interval in the first space stores part of data in the data content to be processed corresponding to the data processing password, selecting part of encrypted addresses in the second space and marking the encrypted addresses as transition addresses;
and accessing a target address interval in the first space through the transition address of the second space. According to a specific implementation manner of the embodiment of the present application, after the step of accessing the target address interval in the first space through the transition address of the second space, the method further includes:
and when the access from the transitional address of the second space to the target address interval of the first space is finished, restoring the transitional address to the encrypted address of the second space.
In a second aspect, an embodiment of the present application provides a data processing apparatus, which is applied to a data storage device, where the data storage device includes a first space and a second space, and the second space is an encrypted space; the device comprises:
the receiving module is used for receiving a data processing password sent by the host;
the first processing module is used for accessing a first space according to the data processing password when the data processing password does not comprise password information;
the second processing module is used for judging the target operation type of the data processing password according to the password information when the data processing password comprises the password information;
the first mapping module is used for accessing a first space according to the data processing password if the target operation type of the data processing password belongs to a first preset type;
and the second mapping module is used for accessing a second space according to the data processing password if the target operation type of the data processing password belongs to a second preset type.
According to a specific implementation manner of the embodiment of the present application, the second processing module is specifically configured to search a password matched with the password information in a preset encryption password library, determine that the target operation type of the data processing password belongs to a first preset type if the password matched with the password information is not found in the preset encryption password library, and determine that the target operation type of the data processing password belongs to a second preset type if the password matched with the password information is matched in the preset encryption password library.
In a third aspect, an embodiment of the present application further provides a data storage device, where the data storage device includes a first space, a second space, and the data processing apparatus in the second aspect, where the second space is an encrypted space.
In a fourth aspect, an embodiment of the present application further provides a terminal device, where the terminal device includes the data storage device in the third aspect.
To sum up, the embodiment of the present application provides a data processing method, a data processing apparatus, a data storage device, and a terminal device, where the data processing method is applied to a data processing device, the data processing device includes a first space and a second space, and the second space is an encrypted space; the method comprises the steps that whether a data processing password sent by a host computer comprises password information or not is received, if the data password does not comprise the password information, the first space is accessed according to the data password, and if the data processing password comprises the password information, the target operation type of the data processing password is judged according to the password information; if the target operation type of the data processing password belongs to a first preset type, accessing a first space according to the data processing password; and if the target operation type of the data processing password belongs to a second preset type, accessing a second space according to the data processing password. The isolation of the conventional storage space and the encrypted storage space is realized through the first space and the second space, and the data contents are respectively mapped according to different types of data processing passwords, so that the safety of stored data is ensured.
Drawings
In order to more clearly illustrate the technical solution of the present invention, the drawings required to be used in the embodiments will be briefly described below, and it should be understood that the following drawings only illustrate some embodiments of the present invention, and therefore should not be considered as limiting the scope of the present invention. Like components are numbered similarly in the various figures.
Fig. 1 is a schematic method flow diagram illustrating a data processing method according to an embodiment of the present application;
fig. 2 is a schematic view illustrating an interaction scenario applied by a data processing method provided in an embodiment of the present application;
fig. 3 is a schematic diagram illustrating another interaction scenario applied by a data processing method provided in an embodiment of the present application;
FIG. 4 is a schematic diagram illustrating interaction of some steps in a data processing method according to an embodiment of the present application;
fig. 5 shows a block diagram of a data processing apparatus according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments.
The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
Hereinafter, the terms "including", "having", and their derivatives, which may be used in various embodiments of the present invention, are only intended to indicate specific features, numbers, steps, operations, elements, components, or combinations of the foregoing, and should not be construed as first excluding the existence of, or adding to, one or more other features, numbers, steps, operations, elements, components, or combinations of the foregoing.
Furthermore, the terms "first," "second," "third," and the like are used solely to distinguish one from another and are not to be construed as indicating or implying relative importance.
Unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which various embodiments of the present invention belong. The terms (such as those defined in commonly used dictionaries) should be interpreted as having a meaning that is consistent with their contextual meaning in the relevant art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein in various embodiments of the present invention.
Referring to fig. 1, a schematic method flow diagram of a data processing method provided in an embodiment of the present application is shown, and fig. 2 and fig. 3 are schematic interaction scenarios applied to the provided data processing method. An embodiment of the present application provides a data processing method, which is applied to a data storage device, as shown in fig. 2 and fig. 3, where the data storage device includes a first space and a second space, and the second space is an encrypted space;
as shown in fig. 1, the data processing method includes:
step S101, receiving a data processing password;
in a specific embodiment, as shown in fig. 2, a disk layer of the data storage device in the embodiment of the present application is divided into a first space and a second space, where the first space adopts a transparent mode, none of data contents stored in the first space is encrypted, and a user may store general data contents such as a general operating system or general software storage in the first space. The first space may be a portion of a clear area (area a) as shown in fig. 2, and the logical block address range mapped by the first space is LBA0 to LBA MAX/2-1.
The second space is an encrypted space, the data content stored in the second space must be encrypted, the encryption operation can be performed by the disk side in a user-defined manner, or the data content can be mapped into the second space after being encrypted by the host side, any general encryption operation of the computer is within the protection range of the scheme, and no specific limitation is made on the encryption operation. The second space may be a dense area (area B) portion as shown in fig. 2, and the logical block address range mapped by the second space is LBA MAX/2 to LBA MXA-1.
As shown in fig. 2 and fig. 3, the size of the spatial address of the first space and the size of the spatial address of the second space may be the same or different, and are not limited herein.
The disk logical processing layer is in data communication with the corresponding host side and the corresponding disk layer, wherein the disk logical processing layer can be a control chip corresponding to the data storage device and is used for receiving a data processing password sent by the host side and controlling the logical address space of the disk side to map the physical address space of the designated area according to the data processing password.
When the data storage device accesses the first space according to the data processing password, that is, the logical address mapped by the disk logical processing layer is the spatial address of the first space, the host side can only use the spatial address in the first space, and the spatial address of the second space is invisible to the host side view and the user side view. When the logical address mapped by the disc logical processing layer is a spatial address of a second space, the address used by the host side is a spatial address in the second space, but the first spatial address is visible to the host side view and the user side view.
Specifically, when the logical address mapped by the disc logical processing layer is a spatial address of the second space, the spatial address in the first space and the spatial address in the second space can be used simultaneously.
In general, the logical processing layer of the disk controls the logical address space of the data storage device to perform address mapping to the first space. When the logical processing layer of the disc receives a data processing password from the host, the logical processing layer of the disc first determines whether the logical address space should map the address to the first space or the second space according to whether the data processing password includes the password information.
Step S102, when the data processing password does not include password information, accessing the first space according to the data processing password;
in a specific embodiment, when the disc logical processing layer receives that the data processing password sent by the host side does not include any password information, the disc logical processing layer defaults that the logical space of the data storage device maps an address to a first space, that is, data content in the data processing password is mapped to the first space.
At this time, the second space is invisible to the host side viewing angle and the user side viewing angle. When the user views the contents of the data storage device on the host side, only the contents stored in the first space can be viewed. And various data operations executed by the user are stored and mapped to the first space.
Step S103, when the data processing password comprises password information, judging the target operation type of the data processing password according to the password information;
in a specific embodiment, when the host side interacts with the disk side, the host side sends a data processing password to a disk logical processing layer of the disk side, and the data processing password received by the disk logical processing layer includes password information and data operation content. The password information is used for indicating the operation type which needs to be applied by the host side for the data operation content, and the implementation mode of the password information can be a password added by self after type judgment, and can also be a password set by a user when the user inputs the data operation content. The cryptographic information is typically used for disc side authentication for the type of operation of the host.
The data operation content comprises specific data needing to be extracted from the space address of the disc layer or specific data needing to be stored in the space address of the disc layer, such as general operating system content and special secure operating system content.
The disc logical processing layer judges whether to perform address mapping through the first space or the second space according to the data processing password sent by the host side.
In a specific embodiment, when the host side stores or extracts data to or from the disk side, a data processing password is sent to the disk logical processing layer, where the data processing password includes password information generated by the host side in a self-defined manner. Of course, the password information may also be set by the user in a self-defined manner, and is not limited in particular here.
And the disc logical processing layer judges whether to carry out address mapping to the first space or to the second space according to the password information in the data processing password.
According to a specific implementation manner of the embodiment of the present application, the step of determining the target operation type of the data processing password according to the password information includes:
searching a password matched with the password information in a preset encryption password library;
if the password matched with the password information is not found in the preset encryption password library, judging that the target operation type of the data processing password belongs to a first preset type;
and if the password matched with the password information is matched in the preset encryption password library, judging that the target operation type of the data processing password belongs to a second preset type.
In a specific embodiment, the preset encryption password library is set in advance in a Basic Input Output System (BIOS) by a user, and the password bound to the second space is stored in the preset encryption password library.
And after receiving the data processing password sent by the host side, the disk logical processing layer searches a password matched with password information of the data processing password in the preset encryption password library. And if the password information in the data processing password is not stored in the encryption password library, judging that the target address mapped by the data processing password is the address of a first space, namely judging that the target operation type of the data processing password belongs to a first preset type, and performing data interaction on conventional general data.
And if the password information in the data processing password is stored in the encryption password library, judging that the target address mapped by the data processing password is the address of a second space, namely judging that the target operation type of the data processing password belongs to a second preset type, and performing data interaction on the data to be encrypted.
Step S104, if the target operation type of the data processing password belongs to a first preset type, accessing the first space according to the data processing password;
in a specific embodiment, when the target operation type of the data processing password belongs to a first preset type, it may be determined that the data contents included in the data processing password are all general-purpose data contents, for example, installing a general-purpose operating system or installing general-purpose software. The disc logical processing layer controls the host side to map the data content to the first space, and a user can only read the space address information in the first space at the host side.
For example, when the target type of the data processing password sent by the host side belongs to a first preset type, the space address of the disk side is 240G, the space address of the first space is 130G, the space address of the second space is 110G, and the hard disk space address displayed on the host side is only 130G.
According to a specific implementation manner of the embodiment of the present application, if the target operation type of the data processing password belongs to a first preset type, the method further includes:
and if the logical block address to be occupied by the data content to be processed corresponding to the data processing password is larger than the remaining address of the first space, stopping mapping the data content to be processed corresponding to the remaining data processing password after mapping all the remaining addresses of the first space.
In an embodiment, the logical block address to be occupied by the data content to be processed may be smaller than the remaining address of the first space, and may also be larger than the remaining address of the first space.
When the host side maps the data content to be processed to the first space, if the logical block address to be occupied by the data content to be processed is smaller than or equal to the remaining address of the first space, all the data content to be processed is mapped to the space address of the first space.
If the logical block address to be occupied by the data content to be processed is larger than the remaining address of the first space, mapping the data content to be processed to the spatial address of the first space until the spatial address of the first space is completely mapped, and sending an instruction to stop mapping the remaining data content to be processed by the disk logical processing layer. Thereby avoiding the situation that the data stored in the disk slice layer is excessive and causes data loss.
Step S105, if the target operation type of the data processing password belongs to a second preset type, accessing the second space according to the data processing password.
In a specific embodiment, when the host side stores or extracts data operation content that needs to be encrypted, for example, a dedicated encryption system is installed or dedicated encryption software is installed, password information in the data processing password needs to be set in advance, so that a target operation type of the data processing password belongs to a second preset type, and the host side maps the data content to the second space.
And when the target operation type of the data processing password belongs to a second preset type, the host side can only display the space address of the second space. For example, if the space address of the disc side is 240G, the space address of the first space is 130G, the space address of the second space is 110G, and the space address displayed on the host side is 110G.
Specifically, if the target operation type of the data processing password belongs to a second preset type, the step of accessing the second space according to the data processing password includes:
data encryption is carried out on the data content to be processed corresponding to the data processing password;
and mapping the encrypted data content to be processed to the second space.
In a specific embodiment, all data to be mapped to the second space need to be encrypted in a basic input/output system, and after data encryption is performed on the data content to be processed, the encrypted data content is mapped to a space address of the second space.
As shown in fig. 4, according to a specific implementation manner of the embodiment of the present application, if the target operation type of the data processing password belongs to a second preset type, the step of accessing the second space according to the data processing password further includes:
if a target address interval in the first space stores part of data in the data content to be processed corresponding to the data processing password, selecting part of encrypted addresses in the second space and marking the encrypted addresses as transition addresses;
and accessing a target address interval in the first space through the transition address of the second space.
In a specific embodiment, when part of data in the data content to be mapped is already stored in the target address interval in the first space, the disc logical processing layer may further select a part of encrypted addresses in the second space to be marked as transition addresses, and access the target address interval in the first space through the transition addresses, so as to directly obtain the part of data to be used from the first space.
It should be noted that, when the disk logical processing layer marks the transition address in the second space, the disk logical processing layer marks a partial encrypted address in the logical address space of the second space to indicate the target address interval of the physical address space in the first space, so that the corresponding data content can be extracted from the physical address space of the first space, and the size of the space address of the second space is saved.
Specifically, after the step of accessing the target address interval in the first space through the transition address in the second space, the method further includes:
and when the access from the transitional address of the second space to the target address interval of the first space is finished, restoring the transitional address to the encrypted address of the second space.
After the partial data in the first space is used up, that is, after the mapping process from the transition address of the second space to the target address interval of the first space is completed, the transition address is restored to the encrypted address of the second space before being occupied.
Through the arrangement of the first space and the second space, the complete isolation of the transparent data and the encrypted data on the disk side is completed, and the situation that a user can directly see all the transparent data and the encrypted data from the host side is avoided. After the password information for converting the mapping object is set in the basic input and output system, the corresponding mapping switching can be carried out in real time according to the data operation password of the host side through the disk logical processing layer, so that the use and safety of data storage and communication in a computer system are guaranteed.
Referring to fig. 5, a schematic block diagram of a data processing apparatus 500 according to an embodiment of the present disclosure is shown. The data processing apparatus 400 provided in the embodiment of the present application is applied to a data storage device, as shown in fig. 2 and fig. 3, the data storage device includes a first space and a second space, where the second space is an encrypted space;
as shown in fig. 5, the data processing apparatus 500 includes:
a receiving module 501, configured to receive a data processing password;
a first processing module 502, configured to, when the data processing password does not include password information, access the first space according to the data processing password;
a second processing module 503, configured to, when the data processing password includes password information, determine a target operation type of the data processing password according to the password information;
a first mapping module 504, configured to access the first space according to the data processing password if the target operation type of the data processing password belongs to a first preset type;
a second mapping module 505, configured to access the second space according to the data processing password if the target operation type of the data processing password belongs to a second preset type.
According to a specific implementation manner of the embodiment of the present application, the second processing module 502 is specifically configured to search a password matched with the password information in a preset encryption password library, determine that a target operation type of the data processing password belongs to a first preset type if the password matched with the password information is not found in the preset encryption password library, and determine that the target operation type of the data processing password belongs to a second preset type if the password matched with the password information is matched in the preset encryption password library.
In addition, an embodiment of the present application further provides a data storage device, where the data storage device includes a first space, a second space and the data processing apparatus in the foregoing embodiment, where the second space is an encrypted space.
The embodiment of the application also provides terminal equipment, and the terminal equipment comprises the data storage equipment in the embodiment.
To sum up, the embodiments of the present disclosure provide a data processing method and apparatus, a data storage device, and a terminal device, which implement data isolation between a transparent area and an encrypted area on a disk side by setting a first space and a second space, thereby avoiding a situation that a user can directly obtain a partition of a secure partition on the disk side on a host side. And the mapping object can be switched in real time according to the type of the data operation content in the use process of the host by setting the password in the basic input and output system in advance to carry out the switching operation of the mapping object. The user can store the special safe operating system in the second space to realize the isolated use of the safe operating system and ensure the safety of system data. And through the setting of first space and second space, do not have the compatible problem of system installation, can adapt to the installation and the use of all kinds of general systems and general software. For specific implementation processes of the data processing apparatus, the data storage device, and the terminal device, reference may be made to the specific implementation processes of the foregoing method embodiments, and details are not repeated here.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method can be implemented in other ways. The apparatus embodiments described above are merely illustrative and, for example, the flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, each functional module or unit in each embodiment of the present invention may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention or a part of the technical solution that contributes to the prior art in essence can be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a smart phone, a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention.
Claims (10)
1. The data processing method is applied to a data storage device, wherein the data storage device comprises a first space and a second space, and the second space is an encryption space; the method comprises the following steps:
receiving a data processing password;
when the data processing password does not comprise password information, accessing the first space according to the data processing password;
when the data processing password comprises password information, judging the target operation type of the data processing password according to the password information;
if the target operation type of the data processing password belongs to a first preset type, accessing the first space according to the data processing password;
and if the target operation type of the data processing password belongs to a second preset type, accessing the second space according to the data processing password.
2. The data processing method of claim 1, wherein the step of determining the target operation type of the data processing password according to the password information comprises:
searching a password matched with the password information in a preset encryption password library;
if the password matched with the password information is not found in the preset encryption password library, judging that the target operation type of the data processing password belongs to a first preset type;
and if the password matched with the password information is matched in the preset encryption password library, judging that the target operation type of the data processing password belongs to a second preset type.
3. The data processing method of claim 1, wherein if the target operation type of the data processing password is of a second preset type, the step of accessing the second space according to the data processing password comprises:
data encryption is carried out on the data content to be processed corresponding to the data processing password;
and mapping the encrypted data content to be processed to the second space.
4. The data processing method according to claim 1, wherein when the first space is accessed according to the data processing password, the second space is in an invisible state;
if the target operation type of the data processing password belongs to a first preset type, the method further comprises the following steps:
and if the logical block address to be occupied by the data content to be processed corresponding to the data processing password is larger than the remaining address of the first space, stopping mapping the data content to be processed corresponding to the remaining data processing password after mapping all the remaining addresses of the first space.
5. The data processing method of claim 1, wherein if the target operation type of the data processing password is of a second preset type, the step of accessing the second space according to the data processing password further comprises:
if a target address interval in the first space stores part of data in the data content to be processed corresponding to the data processing password, selecting part of encrypted addresses in the second space and marking the encrypted addresses as transition addresses;
and accessing a target address interval in the first space through the transition address of the second space.
6. The data processing method of claim 5, wherein after the step of accessing the target address interval in the first space by the transition address in the second space, the method further comprises:
and when the access from the transitional address of the second space to the target address interval of the first space is finished, restoring the transitional address to the encrypted address of the second space.
7. The data processing device is applied to a data storage device, wherein the data storage device comprises a first space and a second space, and the second space is an encryption space; the device comprises:
the receiving module is used for receiving a data processing password;
the first processing module is used for accessing a first space according to the data processing password when the data processing password does not comprise password information;
the second processing module is used for judging the target operation type of the data processing password according to the password information when the data processing password comprises the password information;
the first mapping module is used for accessing a first space according to the data processing password if the target operation type of the data processing password belongs to a first preset type;
and the second mapping module is used for accessing a second space according to the data processing password if the target operation type of the data processing password belongs to a second preset type.
8. The apparatus according to claim 7, wherein the second processing module is specifically configured to search for a password matching the password information in a preset encryption password library, determine that the target operation type of the data processing password belongs to a first preset type if the password matching the password information is not found in the preset encryption password library, and determine that the target operation type of the data processing password belongs to a second preset type if the password matching the password information is matched in the preset encryption password library.
9. A data storage device, characterized in that the data storage device comprises a first space, a second space and the data processing apparatus of any of claims 7-8, wherein the second space is an encrypted space.
10. A terminal device, characterized in that it comprises a data storage device according to claim 9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111463477.XA CN114153396B (en) | 2021-12-03 | 2021-12-03 | Data processing method and device, data storage device and terminal device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111463477.XA CN114153396B (en) | 2021-12-03 | 2021-12-03 | Data processing method and device, data storage device and terminal device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114153396A true CN114153396A (en) | 2022-03-08 |
| CN114153396B CN114153396B (en) | 2024-03-19 |
Family
ID=80456047
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111463477.XA Active CN114153396B (en) | 2021-12-03 | 2021-12-03 | Data processing method and device, data storage device and terminal device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114153396B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115994370A (en) * | 2023-01-29 | 2023-04-21 | 紫光同芯微电子有限公司 | Software encryption processing method, device, equipment and medium |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1534655A (en) * | 2003-03-28 | 2004-10-06 | ������������ʽ���� | Method and apparatus for encrypting input and output of data to be hidden |
| US20080046760A1 (en) * | 2006-06-30 | 2008-02-21 | Yasuaki Nakazato | Storage device for storing encrypted data and control method thereof |
| CN102542211A (en) * | 2010-12-27 | 2012-07-04 | 北京爱国者信息技术有限公司 | Multi-media file protecting system and access method thereof |
| US20130151858A1 (en) * | 2011-12-08 | 2013-06-13 | Phison Electronics Corp. | Storage device protection system and method for locking and unlocking storage device |
| KR20170092177A (en) * | 2016-02-02 | 2017-08-11 | 삼성전자주식회사 | System on chip and operation method thereof |
| US20180309744A1 (en) * | 2017-04-20 | 2018-10-25 | Hung-Chien Chou | Storage device and operation method of the same |
| CN112083879A (en) * | 2020-08-13 | 2020-12-15 | 杭州电子科技大学 | Physical partition isolation and hiding method for storage space of solid state disk |
-
2021
- 2021-12-03 CN CN202111463477.XA patent/CN114153396B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1534655A (en) * | 2003-03-28 | 2004-10-06 | ������������ʽ���� | Method and apparatus for encrypting input and output of data to be hidden |
| US20080046760A1 (en) * | 2006-06-30 | 2008-02-21 | Yasuaki Nakazato | Storage device for storing encrypted data and control method thereof |
| CN102542211A (en) * | 2010-12-27 | 2012-07-04 | 北京爱国者信息技术有限公司 | Multi-media file protecting system and access method thereof |
| US20130151858A1 (en) * | 2011-12-08 | 2013-06-13 | Phison Electronics Corp. | Storage device protection system and method for locking and unlocking storage device |
| KR20170092177A (en) * | 2016-02-02 | 2017-08-11 | 삼성전자주식회사 | System on chip and operation method thereof |
| US20180309744A1 (en) * | 2017-04-20 | 2018-10-25 | Hung-Chien Chou | Storage device and operation method of the same |
| CN112083879A (en) * | 2020-08-13 | 2020-12-15 | 杭州电子科技大学 | Physical partition isolation and hiding method for storage space of solid state disk |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115994370A (en) * | 2023-01-29 | 2023-04-21 | 紫光同芯微电子有限公司 | Software encryption processing method, device, equipment and medium |
| CN115994370B (en) * | 2023-01-29 | 2023-12-19 | 紫光同芯微电子有限公司 | Software encryption processing method, device, equipment and medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114153396B (en) | 2024-03-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11321452B2 (en) | Execution environment virtualization method and apparatus and virtual execution environment access method and apparatus | |
| CN111723383B (en) | Data storage and verification method and device | |
| CN105447406A (en) | Method and apparatus for accessing storage space | |
| CN103617404A (en) | Storing device of safety partitions | |
| CN106155596B (en) | Data writing method and device | |
| US20090164709A1 (en) | Secure storage devices and methods of managing secure storage devices | |
| CN105678191A (en) | Method for improving system safety by utilizing SoC Internal memory, terminal and system | |
| CN105554908A (en) | Method, master device, slave device and system for achieving code scanning automatic bluetooth connection | |
| CN109255262A (en) | Data guard method and solid state hard disk | |
| CN109408403A (en) | Mapping method, device, system and storage medium based on storage equipment bottom | |
| CN110221990B (en) | Data storage method and device, storage medium and computer equipment | |
| CN110543775B (en) | Data security protection method and system based on super-fusion concept | |
| CN114153396B (en) | Data processing method and device, data storage device and terminal device | |
| CN103473512B (en) | A kind of mobile memory medium management method and device | |
| CN114707147A (en) | Service request processing method and electronic equipment | |
| CN112597537B (en) | File processing method and device, intelligent equipment and storage medium | |
| CN104281415A (en) | Data processing method and device for air conditioner | |
| CN102301369B (en) | Data storage device access method and device | |
| CN109977692B (en) | Data processing method and device, storage medium and electronic equipment | |
| CN112182555A (en) | Weak password detection method, device, electronic apparatus, storage medium, and program | |
| CN105871840A (en) | Certificate management method and system | |
| CN103699855A (en) | Data processing method and data processing device | |
| CN107545185A (en) | Android mobile terminal administration authority detection method, device, terminal and storage medium | |
| US20090235365A1 (en) | Data access system | |
| US20200104514A1 (en) | Secure portable data apparatus |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |