CN101183341A - Computer data security method - Google Patents
Computer data security method Download PDFInfo
- Publication number
- CN101183341A CN101183341A CNA2007101720048A CN200710172004A CN101183341A CN 101183341 A CN101183341 A CN 101183341A CN A2007101720048 A CNA2007101720048 A CN A2007101720048A CN 200710172004 A CN200710172004 A CN 200710172004A CN 101183341 A CN101183341 A CN 101183341A
- Authority
- CN
- China
- Prior art keywords
- hpa
- user
- subregion
- partition
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a security method for computer data, comprising the following steps: (1) the system hard disk is divided into a common disk partition, a system hidden partition and an HPA partition; wherein an independent security data space is specified in the HPA partition. A monitor procedure is arranged in the operating system, which operates as the operating system is started and is used to monitor the access request of the HPA partition; (2) the user access request to the HPA partition is identified by the monitor procedure; the access to the security data space is controlled by verifying whether the user has access right to the HPA partition. With the invention, on the one hand, the security data is stored in the HPA partition, which can not be accessed by uses under normal operating system, and on the other hand, the access right to the HPA partition is limited; thus the invention has the advantages of better security, time and labor saving.
Description
Technical field:
The present invention relates to a kind of time slot scrambling of new computer data, and be particularly related to a kind ofly,, realize data confidentiality by control of authority at the HPA regional addressing based on disk HPA partitioning technique.
Technical background:
In existing computer, no matter be notebook or desktop computer, a lot of functions that all possessed data confidentiality, yet in known method, data encryption mainly realizes in the following manner: the data file is provided with password or carries out the data recompile by certain algorithm, or by data hidden is realized in certain system partitioning.The defective of its existence is, can be at the data that password is set by cracking after some password cracking software computings, and the method for carrying out data encryption by algorithm need expend long time at big file; In the method that certain subregion is maintained secrecy, the subregion of data hidden can be viewed under other operating systems with data hidden in employing.Therefore, for the user, existing data encryption method is not only dangerous but also waste time and energy.
Summary of the invention:
Defective in view of the prior art existence, the purpose of this invention is to provide a kind of new computer data security method, this method is by being provided with a special private data storage space in hard disk, and control is to the visit and the read-write in this space, thereby realizes purpose that data are maintained secrecy.
Technical scheme of the present invention is as follows:
A kind of computer data security method may further comprise the steps:
1. system disk is divided into HPA subregion and ordinary magnetic disc subregion two parts, the HPA subregion belongs to system's hidden partition, and (as Windows, Dos, Linux) user can't have access under the normal operations system; In the HPA subregion, for the user keep one independently data space be used for the access of data.A monitoring process that moves with os starting is installed in operating system, is used to monitor the request of access of HPA subregion.
2. the user asks to visit HPA subregion and monitored process and discerns, and verifies at first whether the user has the access rights of HPA subregion, if the user has access rights, then loads the HPA subregion and allows the user to conduct interviews and access in described private data space; If the user does not have access rights, then refusal loads the HPA subregion.
In the above-mentioned data guard method, in the described step 2 user to ask to visit the HPA partitioned method as follows:
2.1 the user starts module by one and starts a trigger pip, this trigger pip is discerned back specific code of formation produces this trigger pip with the expression user purpose through reception and parsing module.Described startup module can be arranged on a button on the computer front panel, and a perhaps shortcut on the keyboard receives and parsing module can be a circuit board or one section program.
2.2 the code that is produced by trigger pip is passed in the operating system, is installed in the specific monitoring process identification that moves with system start-up in the system.
In the above-mentioned data guard method; loading the HPA partitioned method in the described step 2 is: adopt the Mount instruction with virtual mode the HPA subregion to be articulated on the operating system; this HPA subregion embodies in a new disk partition mode, and the Mount instruction adds that trailing parameter is to control the reading and writing authority of this HPA subregion.
Advantage of the present invention and good effect:
Computer data security method of the present invention, by set system's hidden partition in system disk is the HPA subregion, in this HPA subregion, the user can't have access at all under the normal operations system with the data storage of need to be keep secret, therefore has higher security.When needs carry out read-write operation to private data, verify at first whether the user has the access rights of HPA subregion, only allow the user who has the right to visit in the HPA subregion, to read and store data.Therefore, the relative prior art of computer data security method of the present invention, not only safe but also time saving and energy saving.
Description of drawings:
Fig. 1 is the schematic flow sheet of data encryption method embodiment of the present invention.
Embodiment:
Below in conjunction with accompanying drawing, the specific embodiment of the present invention is described in detail.
A kind of new data encryption method may further comprise the steps:
1. system disk is divided into HPA subregion and ordinary magnetic disc subregion two parts.The HPA subregion belongs to system's hidden partition, and the user can't have access under the Windows of normal operations system, in the HPA subregion for the user keep one independently data space be used for the access of data.HPA (Hidden Protected Area) is after the ATA-5 agreement is established; introduced " main protection zone " notion; realize by directly a zone at hard disk rear portion being protected with ata command; not only operating system can't be seen this zone, even mainboard BIOS all can't read " the main protection zone " that is under the guard mode.
2. the Control Software with HPA regional addressing ability is installed in Windows operating system, and this software is realized two functions:
A. has a monitoring process that moves with os starting.This process is moved with system start-up, and its task is exactly constantly to check the request of whether visiting the HPA subregion.
B. the function that the HPA subregion is loaded and reads.The mode that adopts is the HPA subregion to be articulated on the operating system with virtual mode with the Mount instruction, and this HPA subregion embodies in a new disk partition mode, and new drive is arranged, and the Mount instruction adds that trailing parameter can control the reading and writing authority of this subregion.
3. the user starts module by one and starts a trigger pip, and it is to visit the HPA subregion with the purpose that the expression user produces this trigger pip that this trigger pip process reception and parsing module are discerned specific code of back formation.Described startup module can be arranged on a button on the computer front panel, and a perhaps shortcut on the keyboard receives and parsing module can be a circuit board or one section program.
4. the code that is produced by trigger pip is passed in the operating system, is installed in the specific monitoring process identification that moves with system start-up in the system, thereby accesses the software module that this has HPA regional addressing ability.
5. behind the software startup, at first the user is carried out authentication, the user need import login password.If by password authentification, software will be opened the HPA subregion, and allow the data in the user capture HPA subregion, or by open, move, mode such as copy realizes visit and read-write operation to the secret data of quilt.If can not be by password authentification, software be opened the HPA subregion with refusal, and then the user can't realize visit and the read-write operation to the secret data of quilt.
Under off-mode, the user need visit the private data in the HPA subregion is conducted interviews and when reading and writing, at first press the system start-up key, in the time of system start-up the monitoring process with system start-up in the Control Software is started, then, it (can be the shortcut on the keyboard that the user presses function triggering key, the button on cabinet surface, perhaps other enabling signal devices that can trigger), after receiving and parsing module receive the relative trigger signal, resolve to code and send to monitoring process, after monitoring process is discerned this code, start software module with HPA regional addressing ability.
Claims (5)
1. computer data security method is characterized in that may further comprise the steps:
(1) system disk is divided into ordinary magnetic disc subregion and the hidden partition HPA of system subregion two parts, in the HPA subregion, for the user keep one independently the private data space be used for the access of private data; A monitoring process that moves with os starting is installed in operating system, is used to monitor the request of access of HPA subregion;
(2) user asks to visit the HPA subregion and is discerned by described monitoring process, verifies at first whether the user has the access rights of HPA subregion, if the user has access rights, then loads the HPA subregion and allows the user to conduct interviews and access in described private data space; If the user does not have access rights, then refusal loads the HPA subregion.
2. computer data security method as claimed in claim 1 is characterized in that, in the described step (2) user to ask to visit the HPA partitioned method as follows:
(2.1) user starts module by one and starts a trigger pip, and this trigger pip is discerned back specific code of formation produces this trigger pip with the expression user purpose through a reception and parsing module;
(2.2) code that is produced by trigger pip is passed in the operating system, monitored process identification.
3. computer data security method as claimed in claim 2 is characterized in that, described startup module is arranged on a button on the computer front panel, perhaps a shortcut on the keyboard.
4. computer data security method as claimed in claim 2 is characterized in that, described reception and parsing module are a circuit board or one section program.
5. computer data security method as claimed in claim 1, it is characterized in that, loading the HPA partitioned method in the described step (2) is: adopt the Mount instruction with virtual mode the HPA subregion to be articulated on the operating system, this HPA subregion embodies in a new disk partition mode, and the Mount instruction adds that trailing parameter is to control the reading and writing authority of this HPA subregion.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2007101720048A CN101183341A (en) | 2007-12-10 | 2007-12-10 | Computer data security method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2007101720048A CN101183341A (en) | 2007-12-10 | 2007-12-10 | Computer data security method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101183341A true CN101183341A (en) | 2008-05-21 |
Family
ID=39448627
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2007101720048A Pending CN101183341A (en) | 2007-12-10 | 2007-12-10 | Computer data security method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101183341A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103049223A (en) * | 2012-12-28 | 2013-04-17 | 厦门市美亚柏科信息股份有限公司 | System, device and method for relieving hidden partition of hard disk |
-
2007
- 2007-12-10 CN CNA2007101720048A patent/CN101183341A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103049223A (en) * | 2012-12-28 | 2013-04-17 | 厦门市美亚柏科信息股份有限公司 | System, device and method for relieving hidden partition of hard disk |
| CN103049223B (en) * | 2012-12-28 | 2016-01-20 | 厦门市美亚柏科信息股份有限公司 | A kind of release method of hard disc hidden area, device and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10909249B2 (en) | Protecting computing devices from unauthorized access | |
| CN101324912B (en) | Credible safety computer | |
| US9047486B2 (en) | Method for virtualizing a personal working environment and device for the same | |
| KR101289581B1 (en) | Method and apparatus for secure scan of data storage device from remote server | |
| JP5724118B2 (en) | Protection device management | |
| RU2321055C2 (en) | Device for protecting information from unsanctioned access for computers of informational and computing systems | |
| CN101373437B (en) | Accessing safety memory by embedded controller to increase system safety | |
| JP5094365B2 (en) | Hard disk drive | |
| JP2008159059A5 (en) | ||
| JP2007034875A (en) | Use management method for peripheral, electronic system and constituent device therefor | |
| CN112083879B (en) | Physical partition isolation and hiding method for storage space of solid state disk | |
| CN109190389A (en) | A kind of solid state hard disk data guard method based on USB flash disk authentication | |
| CN102792308B (en) | For method and the process of the personal identity number input in the consistance software stack in Automatic Teller Machine | |
| CN103823692B (en) | A kind of computer operating system starting method | |
| KR100966236B1 (en) | Computer with authentication type ssd and operating method of it | |
| CN102346716B (en) | Encryption method and decryption method of hard disk storage device and encryption and decryption system used for hard disk storage device | |
| US20220147634A1 (en) | Client authentication and data management system | |
| CN1234130C (en) | System guiding device base on core and method for realizing said guide | |
| CN105279453A (en) | Separate storage management-supporting file partition hiding system and method thereof | |
| CN110807186B (en) | Method, device, equipment and storage medium for safe storage of storage equipment | |
| CN109190365A (en) | A kind of solid state hard disk data protection system based on USB flash disk authentication | |
| CN101183341A (en) | Computer data security method | |
| CN109190364A (en) | A kind of safe U disc for solid state hard disk authentication | |
| CN115390765A (en) | Storage device capable of being internally provided with independent data | |
| KR20110023685A (en) | Solid state disk with authentication function and driving method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| ASS | Succession or assignment of patent right |
Owner name: HU NAN QIU ZEYOU PATENT STRATEGIC PLANNING CO., LT Free format text: FORMER OWNER: QIU ZEYOU Effective date: 20101101 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 410011 28/F, SHUNTIANCHENG, NO.59, SECTION 2 OF FURONG MIDDLE ROAD, CHANGSHA CITY, HU NAN PROVINCE TO: 410205 JUXING INDUSTRY BASE, NO.8, LUJING ROAD, CHANGSHA HIGH-TECH. DEVELOPMENT ZONE, YUELU DISTRICT, CHANGSHA CITY, HU NAN PROVINCE |
|
| TA01 | Transfer of patent application right |
Effective date of registration: 20101108 Address after: 3, No. 168 middle Tibet Road, No. 200001, Shanghai, Huangpu District Applicant after: Acer Computer (Shanghai) Co., Ltd. Address before: 200120, 36 building, International Building, 360 South Road, Pudong New Area, Pudong, Shanghai, Shanghai Applicant before: Beida Fangzheng Science & Technology Computer System Co., Ltd., Shanghai |
|
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Open date: 20080521 |