CN101236534A - Hard disk encryption method based on PCI card under Window environment - Google Patents
- Publication number
- CN101236534A
- Authority
- CN
- China
- Prior art keywords
- hard disk
- pci card
- encryption
- target hard
- hard disc
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Landscapes
- Storage Device Security (AREA)
Abstract
The invention relates to the field of computer security, and in particular to a method for preventing leakage of hard disk data. It comprises a PCI card, a loader program stored in the PCI card's expansion ROM image, and a hard disk encryption/decryption program stored in the PCI card's non-expansion ROM. The loader monitors the Windows operating system's reads and writes of the target hard disk through the INT 13H interrupt and encrypts and decrypts the target hard disk's data; when the computer starts, it also embeds the hard disk encryption/decryption program into the Windows operating system. The hard disk encryption/decryption program monitors the Windows operating system's reads and writes of the target hard disk through the driver and encrypts and decrypts the target hard disk's data. The method is novel in design: no additional hardware device needs to be placed between the computer's motherboard and the hard disk. The cost of use is low: only the PCI card is needed. It is convenient to use: the hardware serial number of the PCI card and the hardware serial number of the target hard disk generate the key required for encryption and decryption; this key binds the PCI card and the target hard disk in the relationship of a key and a lock; the user only needs to insert the matching PCI card and does not need to enter a user name and password.
Description
Technical field
The present invention relates to the field of computer security, and specifically provides a method for preventing leakage of hard disk data.
Background art
As the level of informatization rises, information security becomes especially important. A computer's data is generally stored on a local hard disk; unauthorized copying of data, or even outright theft of the hard disk, can cause serious losses to the computer user. Among the many schemes for preventing leakage of hard disk data, encrypting the hard disk data is an effective method.
Existing hard disk encryption schemes generally need to be combined with complex hardware equipment, for example an extra hardware device added between the computer motherboard and the hard disk, so the cost of use is high. In addition, because they are tightly coupled to the hardware, there are compatibility problems.
Summary of the invention
The object of the present invention is to provide a low-cost hard disk encryption method based on a PCI card.
The technical scheme of the present invention is:
The scheme comprises a PCI card, a loader program stored in the PCI card's expansion ROM image, and a hard disk encryption/decryption program stored in the PCI card's non-expansion ROM. The loader monitors the Windows operating system's reads and writes of the target hard disk through the INT 13H interrupt and encrypts and decrypts the target hard disk's data; when the computer starts, it also embeds the hard disk encryption/decryption program into the Windows operating system. The hard disk encryption/decryption program monitors the Windows operating system's reads and writes of the target hard disk through the driver and encrypts and decrypts the target hard disk's data. The loader and the hard disk encryption/decryption program obtain the hardware serial number PID of the PCI card and the hardware serial number HID of the target hard disk, and compute the key needed to encrypt and decrypt the target hard disk with a function f(PID, HID).
The loader is stored in the PCI card's expansion ROM image. When the self-test performed by the computer BIOS detects that the PCI card has an expansion ROM, the BIOS reads the image in the expansion ROM into a region of memory within C0000H~DFFFFH and then makes a far call to execute the loader in the image. The loader monitors the Windows operating system's reads and writes of the target hard disk through the INT 13H interrupt, decrypting the data read from the target hard disk and encrypting the data written to it. At the same time it modifies, in memory, the registry information and file system information that are read, so that the hard disk encryption/decryption program is embedded into the Windows operating system as a disk filter driver.
The hard disk encryption/decryption program is stored in the PCI card's non-expansion ROM. It is a disk filter driver that runs in the Windows operating system kernel. When the Windows operating system abandons INT 13H and instead uses drivers to read and write the target hard disk, the hard disk encryption/decryption program takes over the encryption and decryption of the target hard disk's data.
When the self-test performed by the computer BIOS detects that the PCI card has an expansion ROM, the BIOS reads the image in the expansion ROM into a region of memory within C0000H~DFFFFH and then makes a far call to execute the loader in the image. The loader monitors the computer's reads and writes of the target hard disk by modifying the INT 13H interrupt service routine. After completing this modification, the loader reads the contents of sector 0 of the hard disk into memory at 0000:7C00 and executes it, starting the Windows operating system from the hard disk. In the subsequent start-up process, the Windows boot program on the hard disk (Osloader.exe) reads registry information and file system information through INT 13H. The loader monitors the boot program's reads and writes of the registry: it calls the original INT 13H interrupt service routine to read the registry from the hard disk into memory, then modifies the content that was read, in memory, so that the boot program loads a kernel driver that does not exist on the hard disk. When the boot program reads this kernel driver through INT 13H, the loader redirects the read operation to the PCI card and reads the hard disk encryption/decryption program stored in the PCI card's non-expansion ROM. At this point the boot program has obtained the contents of the hard disk encryption/decryption program and, as directed by the registry, loads it into the Windows operating system. After the boot program finishes system initialization, the Windows operating system begins to start. From this moment on, the Windows operating system abandons INT 13H and instead uses drivers to access storage devices such as the hard disk. The hard disk encryption/decryption program, embedded in the Windows operating system kernel as a disk filter driver, takes over monitoring of read and write operations on the target hard disk, decrypting the data obtained by read operations and encrypting the data of write operations.
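For auditing what the BIOS will execute from the C0000H~DFFFFH window, the following added example (not code from the patent) scans a dump of that region for expansion ROM images. It assumes the conventional legacy expansion ROM header, which the page does not spell out: signature bytes 55 AA, a length byte in 512-byte units, an entry point at offset 3, images starting on 2 KB boundaries, and a byte sum of zero modulo 256. The dump is constructed test data.

```python
"""Find legacy expansion ROM images in a dump of the C0000H-DFFFFH window."""
from dataclasses import dataclass

WINDOW_BASE = 0xC0000   # first byte of the window named in the text
WINDOW_SIZE = 0x20000   # C0000H..DFFFFH is 128 KB
SCAN_STEP = 0x800       # assumption: images start on 2 KB boundaries


@dataclass
class RomImage:
    address: int        # physical address of the image
    size: int           # length in bytes (header byte 2 * 512)
    entry: int          # address the BIOS far-calls (image + 3)
    checksum_ok: bool   # True when all bytes sum to 0 mod 256


def scan_window(dump: bytes, base: int = WINDOW_BASE) -> list:
    """Return a RomImage for every header carrying the 55 AA signature."""
    found, offset = [], 0
    while offset + 3 <= len(dump):
        step = SCAN_STEP
        if dump[offset:offset + 2] == b"\x55\xAA":
            size = dump[offset + 2] * 512
            body = dump[offset:offset + size]
            complete = size > 0 and len(body) == size
            found.append(RomImage(base + offset, size, base + offset + 3,
                                  complete and sum(body) % 256 == 0))
            if complete:  # resume at the next 2 KB boundary after the image
                step = -(-size // SCAN_STEP) * SCAN_STEP
        offset += step
    return found


def build_rom(blocks: int, fix_checksum: bool = True) -> bytes:
    """Construct a sample image (test data, not a real card's ROM)."""
    rom = bytearray(blocks * 512)
    rom[0:3] = bytes([0x55, 0xAA, blocks])
    if fix_checksum:
        rom[-1] = -sum(rom) % 256   # make the byte sum 0 mod 256
    return bytes(rom)


def sample_dump() -> bytes:
    """Constructed window: a valid 32 KB image and a 4 KB one that fails."""
    dump = bytearray(WINDOW_SIZE)
    dump[0:0x8000] = build_rom(64)
    dump[0x10000:0x11000] = build_rom(8, fix_checksum=False)
    return bytes(dump)


if __name__ == "__main__":
    for rom in scan_window(sample_dump()):
        print(f"{rom.address:05X}h size={rom.size:#x} entry={rom.entry:05X}h "
              f"checksum_ok={rom.checksum_ok}")
```

Every image listed runs before any operating system code, so the inventory is worth comparing against the cards actually expected in the machine.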
The beneficial effects of the invention are:
1) Novel design. No extra hardware device needs to be added between the computer motherboard and the hard disk.
2) Low cost of use. Only a PCI card is needed.
3) Easy to use. The hardware serial number of the PCI card and the hardware serial number of the target hard disk produce the key needed for encryption and decryption. This key binds the PCI card and the target hard disk in the relationship of a key and a lock; inserting the matching PCI card is enough, and no user name or password needs to be entered.
Description of drawings
Fig. 1: Schematic of the disk storage driver hierarchy.
Fig. 2: Schematic of the use of the PCI card's storage space.
Fig. 3: Workflow of starting from the PCI card.
Embodiment
The present invention is described in further detail below with reference to the drawings and a specific embodiment. The present invention is not limited to the following embodiment; any design that uses the design idea of the present invention with some simple changes shall fall within the scope of protection of the present invention.
The PCI card is the carrier of the loader and the hard disk encryption/decryption program. The loader is stored in the PCI card's expansion ROM image, and the hard disk encryption/decryption program is stored in the PCI card's non-expansion ROM, as shown in Fig. 2.
The hard disk encryption/decryption program (DiskSecure.sys) runs in the Windows operating system kernel, positioned between the disk driver (Disk.sys) and the partition driver (PartMgr.sys), as shown in Fig. 1. After the Windows operating system has started, the computer's read and write operations on the hard disk are carried out through I/O request packets (IRPs). When the Windows operating system needs to access the hard disk, it constructs the corresponding IRP and passes it down layer by layer. The hard disk encryption/decryption program examines each IRP handed down by the partition driver. If the IRP is a read operation, the program first sends the IRP to the disk driver, and the disk driver returns the IRP to the program after completing the read; the program then decrypts the data in the IRP with the key and, once decryption is finished, returns the IRP to the Windows operating system. If the IRP is a write operation, the program creates a new IRP based on it and encrypts the data in the newly created IRP with the key; once encryption is finished, it sends the newly created IRP to the disk driver.
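The read and write paths above, together with the f(PID, HID) key from the technical scheme, modelled as an added example (not the patent's code). The page defines neither f nor the cipher, so SHA-256 over the two serials and a SHA-256 counter keystream are stand-ins chosen here; the serial strings are constructed, and a dict stands in for Disk.sys and the disk beneath it.

```python
"""Model of the read and write paths of the filter layer described above."""
import hashlib

SECTOR = 512


def derive_key(pid: bytes, hid: bytes) -> bytes:
    """Stand-in for f(PID, HID); the page does not define f."""
    # Length-prefix each serial so (b"AB", b"C") and (b"A", b"BC") differ.
    parts = [len(pid).to_bytes(2, "big"), pid, len(hid).to_bytes(2, "big"), hid]
    return hashlib.sha256(b"".join(parts)).digest()


def keystream(key: bytes, lba: int, length: int) -> bytes:
    """Per-sector keystream, SHA-256 in counter mode (illustrative stand-in)."""
    out, counter = b"", 0
    while len(out) < length:
        block = key + lba.to_bytes(8, "big") + counter.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return out[:length]


def xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))


class EncryptingFilter:
    """Sits above the disk driver, as DiskSecure.sys does in Fig. 1."""

    def __init__(self, lower: dict, pid: bytes, hid: bytes):
        self.lower = lower              # {lba: bytes}, the layer below
        self.key = derive_key(pid, hid)

    def write(self, lba: int, buffer: bytearray) -> None:
        # Write path: encrypt a copy (the "new IRP"), never the caller's
        # buffer, which the caller may still be using after the write.
        self.lower[lba] = xor(buffer, keystream(self.key, lba, len(buffer)))

    def read(self, lba: int) -> bytes:
        # Read path: the lower layer completes the read first, then decrypt.
        data = self.lower.get(lba, bytes(SECTOR))
        return xor(data, keystream(self.key, lba, len(data)))


if __name__ == "__main__":
    disk = {}
    flt = EncryptingFilter(disk, b"PCI-0001", b"HDD-ABCD")  # constructed serials
    buf = bytearray(b"payroll.xls".ljust(SECTOR, b"\0"))
    flt.write(7, buf)
    print(disk[7][:11], flt.read(7)[:11])
```

Both inputs to the key are identifiers stored on the hardware, so what protects the data is possession of the matching card rather than any secret the user knows.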
The Windows operating system needs a great deal of initialization data when it starts, and this data is kept in the registry. During system start-up, the boot program reads the registry and carries out the initialization. The loader monitors the boot program's read operations on the registry and the file system, and modifies in memory the data that the boot program reads.
The UpperFilters value under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318} indicates the layer order of the disk storage drivers: PartMgr.sys, Diskperf.sys. Diskperf.sys is specific to Windows 2000. Here the UpperFilters value must be modified in memory so that the layer order becomes: DiskSecure.sys, PartMgr.sys, Diskperf.sys. In addition, a DiskSecure key must be added in memory under the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services key, and values such as Start and Group must be added under the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DiskSecure key and given the corresponding data. Start=0 means that DiskSecure.sys is loaded when the computer starts. After the modification of the registry data in memory takes effect, the boot program needs to obtain the information about the DiskSecure.sys file from the file system. The loader intercepts the boot program's access to the SYSTEM32\DRIVERS directory information and adds the information about DiskSecure.sys in memory, such as the file size and file location. When the boot program uses this information to read DiskSecure.sys (which does not exist on the hard disk), the loader redirects the read operation to the PCI card and reads the DiskSecure.sys stored in the PCI card's non-expansion ROM. At this point the boot program has obtained the contents of DiskSecure.sys and, as directed by the registry, loads DiskSecure.sys into the Windows operating system, as shown in Fig. 3.
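The registry state described above leaves a recognisable pattern: an extra entry at the top of the disk class UpperFilters list, marked boot-start, with no file behind it in SYSTEM32\DRIVERS. The following added example (not part of the patent) checks for that pattern; its inputs are assumed to come from the running system's view of the registry, since the text makes the edits only in memory, and the sample data is constructed.

```python
"""Audit the disk class UpperFilters list against a baseline."""
DISK_CLASS = "{4D36E967-E325-11CE-BFC1-08002BE10318}"
BASELINE = {"partmgr", "diskperf"}   # the stock order given in the text


def parse_multi_sz(raw: bytes) -> list:
    """Decode REG_MULTI_SZ: UTF-16LE strings, each NUL-terminated,
    with one extra NUL closing the list."""
    return [s for s in raw.decode("utf-16-le").split("\x00") if s]


def encode_multi_sz(names) -> bytes:
    """Inverse of parse_multi_sz, used to build the sample value."""
    return ("\x00".join(names) + "\x00\x00").encode("utf-16-le")


def audit_upper_filters(raw, services, driver_files) -> list:
    """Return (position, name, reasons) for each filter needing review."""
    files = {name.lower() for name in driver_files}
    known = {name.lower(): cfg for name, cfg in services.items()}
    findings = []
    for position, name in enumerate(parse_multi_sz(raw)):
        key = name.lower()
        if key.endswith(".sys"):        # accept "PartMgr" or "PartMgr.sys"
            key = key[:-4]
        reasons = []
        if key not in BASELINE:
            reasons.append("not in baseline")
        if key not in known:
            reasons.append("no Services key")
        elif known[key].get("Start") == 0 and key not in BASELINE:
            reasons.append("boot-start (Start=0)")
        if key + ".sys" not in files:
            reasons.append("no file in SYSTEM32\\DRIVERS")
        if reasons:
            findings.append((position, name, reasons))
    return findings


def sample_live_view():
    """Constructed data matching the state the text describes."""
    raw = encode_multi_sz(["DiskSecure", "PartMgr", "Diskperf"])
    services = {"DiskSecure": {"Start": 0}, "PartMgr": {"Start": 0},
                "Diskperf": {"Start": 0}}
    files = ["partmgr.sys", "diskperf.sys", "disk.sys"]
    return raw, services, files


if __name__ == "__main__":
    for position, name, reasons in audit_upper_filters(*sample_live_view()):
        print(f"UpperFilters[{position}] {name}: {', '.join(reasons)}")
```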
Claims (3)
- 1. A hard disk encryption method based on a PCI card under the Windows environment, characterized in that: it comprises a PCI card, a loader program stored in the PCI card's expansion ROM image, and a hard disk encryption/decryption program stored in the PCI card's non-expansion ROM; the loader monitors the Windows operating system's reads and writes of the target hard disk through the INT 13H interrupt and encrypts and decrypts the target hard disk's data; when the computer starts, it also embeds the hard disk encryption/decryption program into the Windows operating system; the hard disk encryption/decryption program monitors the Windows operating system's reads and writes of the target hard disk through the driver and encrypts and decrypts the target hard disk's data; the loader and the hard disk encryption/decryption program obtain the hardware serial number PID of the PCI card and the hardware serial number HID of the target hard disk, and compute the key needed to encrypt and decrypt the target hard disk with a function f(PID, HID).
- 2. The hard disk encryption method based on a PCI card under the Windows environment as claimed in claim 1, characterized in that: the loader is stored in the PCI card's expansion ROM image; when the self-test performed by the computer BIOS detects that the PCI card has an expansion ROM, the BIOS reads the image in the expansion ROM into a region of memory within C0000H~DFFFFH and then makes a far call to execute the loader in the image; the loader monitors the Windows operating system's reads and writes of the target hard disk through the INT 13H interrupt, decrypting the data read from the target hard disk and encrypting the data written to the target hard disk; at the same time it modifies, in memory, the registry information and file system information that are read, so that the hard disk encryption/decryption program is embedded into the Windows operating system as a disk filter driver.
- 3. The hard disk encryption method based on a PCI card under the Windows environment as claimed in claim 1, characterized in that: the hard disk encryption/decryption program is stored in the PCI card's non-expansion ROM; it is a disk filter driver that runs in the Windows operating system kernel; when the Windows operating system abandons INT 13H and instead uses drivers to read and write the target hard disk, the hard disk encryption/decryption program takes over the encryption and decryption of the target hard disk's data.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNA2007101198151A CN101236534A (en) | 2007-07-31 | 2007-07-31 | Hard disk encryption method based on PCI card under Window environment |
Publications (1)
Publication Number | Publication Date |
---|---|
CN101236534A (en) | 2008-08-06 |
Family
ID=39920164
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNA2007101198151A Pending CN101236534A (en) | 2007-07-31 | 2007-07-31 | Hard disk encryption method based on PCI card under Window environment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101236534A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103401928A (en) * | 2013-08-05 | 2013-11-20 | 苏州鼎富软件科技有限公司 | Remote computer monitoring method |
CN103401928B (en) * | 2013-08-05 | 2016-07-06 | 国家电网公司 | Remote computer monitors method |
CN112632515A (en) * | 2020-12-18 | 2021-04-09 | 三未信安科技股份有限公司 | Access method and system of PCI (peripheral component interconnect) password card under PMON (Power management on) |
CN112632515B (en) * | 2020-12-18 | 2022-12-13 | 三未信安科技股份有限公司 | Access method and system of PCI (peripheral component interconnect) password card under PMON (Power management on) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
WD01 | Invention patent application deemed withdrawn after publication | Open date: 20080806 |