CN102831080A - Data security protection method for mobile storage equipment - Google Patents


Publication number
CN102831080A
Authority
CN
China
Legal status
Pending
Application number
CN2012103094868A
Other languages
Chinese (zh)
Inventor
曾元清
黎旋
杨永存
Current Assignee
Guangdong Oppo Mobile Telecommunications Corp Ltd
Original Assignee
Guangdong Oppo Mobile Telecommunications Corp Ltd

Abstract

Disclosed is a data security protection method for mobile storage equipment. The mobile storage equipment comprises an operating platform, a storage unit and an encryption/decryption unit. When data in the storage unit needs to be processed, the operating platform determines the data read-write mode and controls reading and writing of the storage unit's data according to the result; the data read-write modes include a standard mode and a private mode. Because the standard mode and the private mode can be switched to each other, the problem of other users reading or writing the database by methods such as acquiring the highest system privileges through a third-party application is avoided. Private files are encrypted into ciphertext that cannot be read or written in the standard mode, and users can read all content of the database by entering a password in the private mode, so users' private data is not easily disclosed and a reliable data security protection system is formed.

Description

A data security protection method for a mobile storage device
Technical field
The present invention relates to the field of data security, and in particular to a data security protection method for a mobile storage device.
Background
With the rapid development of modern communication technology, the volume of data processed on communication devices keeps growing, and these devices often store a large amount of personal information. Such devices include microcomputers (PCs), notebook computers, mobile phones, USB flash drives, MP3 players, MP4 players and so on. Portable mobile communication devices such as mobile phones in particular are convenient for storing data but are also easily lost. With the spread of 3G technology and the popularity of smartphones, mobile phones have more and more functions; they are no longer used only for personal consumption but increasingly for business tasks such as drafting business documents and sending and receiving company mail. Their security problems are therefore no longer confined to personal privacy but increasingly involve the information security of organizations. How to protect all kinds of data while still allowing it to be read and written conveniently is a problem that urgently needs to be solved.
Usually, to keep stored data safe, users of communication devices use some encryption method to encrypt the data stored on the device. In the prior art, a selected file or folder is generally encrypted. Although some file or folder encryption techniques exist, they are very inconvenient to use: the file or folder to be encrypted must be selected at encryption time and must be decrypted again before use. Other storage devices set an encrypted field on the files or folders in the database that need protection, so that they are normally invisible and only data without the encrypted field can be read, which gives the user private data management. With this method, however, other users can read the database without the password, for example by obtaining the highest system privileges or installing a third-party program, so data security cannot be effectively guaranteed.
Summary of the invention
To overcome the above shortcomings of the prior art, the present invention provides a data security protection method for a mobile storage device that prevents other users from reading and writing the database by methods such as using third-party applications to obtain the highest system privileges, and ensures that the user's private data is not easily disclosed.
The present invention is realized through the following technical solution:
A data security protection method for a mobile storage device, the mobile storage device comprising an operating platform, a storage unit and an encryption/decryption unit. When data in the storage unit needs to be processed, the operating platform determines the data read-write mode and controls reading from and writing to the storage unit accordingly. The data read-write modes comprise a standard mode and a private mode:
In standard mode, when data is written to the storage device, the operating platform intercepts and parses the data and writes the resulting original plaintext directly to the storage unit, setting the data security field to non-private; when data is read from the storage device, the operating platform intercepts only plaintext data whose data security field is non-private.
In private mode, when data is written to the storage device, the operating platform intercepts and parses the data, encrypts the resulting original plaintext into ciphertext, writes it to the storage unit and sets the data security field to private; when data is read from the storage device, the operating platform intercepts all data and, according to the data security field, either reads it directly or decrypts it before reading.
Further, in private mode, when data is written to the storage unit, the operating platform intercepts and parses the data, encrypts it into ciphertext through the encryption/decryption unit, then packs the ciphertext in the original transmission format and writes it to the storage unit.
Further, in private mode, when data is read from the storage device, the operating platform intercepts and parses the data, decrypts ciphertext whose data security field is private through the encryption/decryption unit to obtain the unencrypted plaintext, then packs the plaintext in the original transmission format and transfers it to the operating platform.
In the present invention, the encryption and decryption of the data uses the DES encryption algorithm or the 3DES encryption algorithm.
The operating platform of the mobile storage device comprises a software platform and a hardware platform. The mobile storage device may be a computer or a mobile phone. For a computer, the software platform includes the Windows and Mac OS operating systems; for a mobile phone, it includes the Android, iOS and Symbian operating systems.
Compared with the prior art, the present invention overcomes the excessive simplicity of common data protection methods and has the advantages of good security and ease of operation. Two mutually switchable data read-write modes, standard mode and private mode, are provided to prevent other users from reading and writing the database by methods such as using third-party applications to obtain the highest system privileges. Private files are encrypted into ciphertext that cannot be read or written in standard mode, and the user can see the full content of the database only after entering the password in private mode, which ensures that the user's private data is not easily disclosed and forms a reliable data security protection system.
Description of drawings
Figure 1 is a flow diagram of the data security protection method for a mobile storage device according to the present invention;
Figure 2 is a flow diagram of writing data in private mode according to the present invention;
Figure 3 is a flow diagram of reading data in private mode according to the present invention.
Embodiment
To help those skilled in the art understand it, the present invention is described further below with reference to the drawings.
A data security protection method for a mobile storage device, the mobile storage device comprising an operating platform, a storage unit and an encryption/decryption unit. When data in the storage unit needs to be processed, the operating platform determines the data read-write mode and controls reading from and writing to the storage unit accordingly. The data read-write modes comprise a standard mode and a private mode that can be switched to each other:
In standard mode, when data is written to the storage device, the operating platform intercepts and parses the data and writes the resulting original plaintext directly to the storage unit, setting the data security field to non-private; when data is read from the storage device, the operating platform intercepts only plaintext data whose data security field is non-private.
In private mode, when data is written to the storage device, the operating platform intercepts and parses the data, encrypts the resulting original plaintext into ciphertext, writes it to the storage unit and sets the data security field to private; when data is read from the storage device, the operating platform intercepts all data and, according to the data security field, either reads it directly or decrypts it before reading.
The encryption/decryption unit reads and stores the key and uses the configured encryption algorithm to encrypt and decrypt the data read and written between the operating platform and the storage unit. When the encryption algorithm is DES, during encryption and decryption the encryption/decryption unit reads the 8-byte password entered by the user and converts it into a 64-bit binary key, with which the data being read or written is encrypted or decrypted. If the key entered for decryption does not match the key entered for encryption, a dialog box pops up to indicate that data decryption failed.
In one embodiment of the invention, switching between standard mode and private mode requires the user to verify a password. If the password the user enters does not match the preset password, a prompt box indicates that the mode switch failed and the switching process exits.
As shown in Figure 1, the flow of the present invention comprises the following steps:
Step A1: the operating platform detects a data read or write operation by the user on the storage unit;
Step A2: determine the current data read-write mode and control reading from or writing to the storage unit accordingly. If the mode is standard mode and the user performs a data write, go to step A3; if the mode is standard mode and the user performs a data read, go to step A4; if the mode is private mode and the user performs a data write, go to step A5; if the mode is private mode and the user performs a data read, go to step A6;
Step A3: intercept and parse the original plaintext data, write the data directly to the storage unit, and set the data security field to non-private;
Step A4: intercept only plaintext data whose data security field is non-private, and transfer the plaintext directly to the operating platform;
Step A5: intercept and parse the original plaintext data, encrypt the data into ciphertext, write it to the storage unit, and set the data security field to private;
Step A6: determine whether the data security field is private; if so, go to step A7, otherwise go to step A8;
Step A7: decrypt the ciphertext and transfer the result to the operating platform;
Step A8: transfer the plaintext data directly to the operating platform.
Specifically, as shown in Figure 2, writing data in private mode according to the present invention comprises the following steps:
Step B1: the operating platform detects an operation that writes data to the storage unit;
Step B2: the data read-write mode is determined to be private mode;
Step B3: intercept and parse the original plaintext data;
Step B4: the encryption/decryption unit reads the key and uses the configured encryption algorithm to encrypt the plaintext into ciphertext;
Step B5: pack the ciphertext in the original transmission format and write it to the storage unit;
Step B6: set the data security field to private.
Specifically, as shown in Figure 3, reading data in private mode according to the present invention comprises the following steps:
Step C1: the operating platform detects an operation that reads data from the storage unit;
Step C2: the data read-write mode is determined to be private mode;
Step C3: intercept and parse all the data the user requests to read from the storage unit, including data whose data security field is private and/or non-private;
Step C4: determine whether the data security field is private; if it is private, go to step C6, otherwise go to step C5;
Step C5: transfer the plaintext data to the operating platform;
Step C6: read the key and use the configured decryption algorithm to decrypt the ciphertext into plaintext;
Step C7: pack the decrypted plaintext in the original transmission format and transfer it to the operating platform.
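The flows of Figures 1 to 3 (steps A1 to A8, B1 to B6 and C1 to C7), as an added example that is not part of the patent text. The class and function names are hypothetical, and a stand-in stream construction built from HMAC-SHA256 replaces DES/3DES so that the example runs on the Python standard library alone; the last value returned by demo() is what a reader who bypasses the operating platform and opens the storage unit directly would obtain for a private record.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

PRIVATE, NON_PRIVATE = "private", "non-private"  # values of the data security field


class DecryptionError(Exception):
    """The key used for reading does not match the key used for writing."""


def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()


def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher (assumption): HMAC-SHA256 in counter mode as a keystream.
    # The patent specifies DES or 3DES for the encryption/decryption unit.
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)
    body = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + tag + body


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, tag, body = blob[:16], blob[16:48], blob[48:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise DecryptionError("data decryption failed")  # key mismatch is reported
    return _xor_stream(_subkey(key, b"enc"), nonce, body)


@dataclass
class Record:
    security_field: str
    payload: bytes  # plaintext when NON_PRIVATE, ciphertext when PRIVATE


class OperatingPlatform:
    def __init__(self, password: bytes):
        self._password = password
        self.mode = "standard"
        self.storage = {}  # the storage unit: name -> Record

    def switch_mode(self, mode: str, password: bytes) -> bool:
        # Switching modes requires the preset password; on mismatch nothing changes.
        if mode not in ("standard", "private"):
            return False
        if not hmac.compare_digest(password, self._password):
            return False
        self.mode = mode
        return True

    def write(self, name: str, data: bytes) -> None:
        if self.mode == "private":   # steps A5 / B3-B6
            self.storage[name] = Record(PRIVATE, encrypt(self._password, data))
        else:                        # step A3
            self.storage[name] = Record(NON_PRIVATE, data)

    def read_all(self) -> dict:
        visible = {}
        for name, rec in self.storage.items():
            if rec.security_field == NON_PRIVATE:   # steps A4 / A8 / C5
                visible[name] = rec.payload
            elif self.mode == "private":            # steps A7 / C6-C7
                visible[name] = decrypt(self._password, rec.payload)
        return visible


def demo():
    # Constructed sample data and password.
    platform = OperatingPlatform(b"s3cr3tpw")
    platform.write("note.txt", b"grocery list")
    platform.switch_mode("private", b"s3cr3tpw")
    platform.write("diary.txt", b"private diary entry")
    private_view = platform.read_all()
    platform.switch_mode("standard", b"s3cr3tpw")
    standard_view = platform.read_all()
    raw_private_record = platform.storage["diary.txt"].payload
    return standard_view, private_view, raw_private_record


if __name__ == "__main__":
    print(demo())
```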
In the present embodiment, the encryption and decryption of the data uses the DES encryption algorithm or the 3DES encryption algorithm. The DES algorithm is a symmetric cipher, also known as the Data Encryption Standard; it is a symmetric encryption algorithm developed by the American company IBM in 1972. The plaintext is divided into 64-bit blocks and the key is 64 bits long, of which only 56 bits actually take part in the DES computation (bits 8, 16, 24, 32, 40, 48, 56 and 64 are parity bits, so that each key byte has an odd number of 1s); the plaintext blocks and the 56-bit key are combined by bitwise substitution or permutation to form the ciphertext blocks. DES has three entry parameters: key, data and mode. Key is the key used for encryption and decryption, data is the data to be encrypted or decrypted, and mode is the mode of operation. When the mode is encryption, the plaintext is divided into 64-bit blocks and the key is used to encrypt the data; when the mode is decryption, the key is used to decrypt the data. In practice, only 56 of the key's 64 bits are used, which gives it high security. 3DES (also called Triple DES) uses three 56-bit keys to encrypt the data three times, which is equivalent to applying the DES encryption algorithm three times to each data block. Because computing power has increased, the key length of the original DES cipher has become easy to brute-force; 3DES was designed to provide a relatively simple way of avoiding such attacks by increasing the DES key length. In other embodiments of the invention, the encryption/decryption algorithm may also be one of, or a combination of more than one of, the IDEA algorithm, the AES algorithm, the ECC algorithm and other algorithms.
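What the parity bits mean for a key taken directly from an 8-byte password, as an added example that is not part of the patent text. The function names and sample passwords are constructed for illustration; the code relies on DES numbering key bits from the most significant bit, so bits 8, 16, ..., 64 are the lowest bit of each key byte.

```python
import math


def des_effective_key(password: bytes) -> bytes:
    """Return the DES key an 8-byte password selects, with odd parity set.

    The lowest bit of every byte is a parity bit and takes no part in the
    DES computation, so only the upper 7 bits of each byte matter.
    """
    if len(password) != 8:
        raise ValueError("DES takes an 8-byte (64-bit) key")
    key = bytearray()
    for byte in password:
        upper7 = byte & 0xFE
        ones = bin(upper7).count("1")
        key.append(upper7 | (1 if ones % 2 == 0 else 0))  # make the 1-count odd
    return bytes(key)


def same_des_key(a: bytes, b: bytes) -> bool:
    """True when two passwords encrypt and decrypt identically under DES."""
    return des_effective_key(a) == des_effective_key(b)


def keyspace_bits(alphabet: bytes, length: int = 8) -> float:
    """Upper bound, in bits, on the keys reachable from passwords over alphabet."""
    distinct = len({c & 0xFE for c in alphabet})  # characters differing only in bit 0 merge
    return length * math.log2(distinct)


PRINTABLE_ASCII = bytes(range(0x20, 0x7F))  # 95 characters
DIGITS = b"0123456789"

if __name__ == "__main__":
    pw = b"password"                      # constructed sample password
    twin = bytes(c ^ 1 for c in pw)       # flips only the parity bit of each byte
    print(twin, same_des_key(pw, twin))
    print(round(keyspace_bits(PRINTABLE_ASCII), 1), round(keyspace_bits(DIGITS), 1))
```

A password made of printable ASCII characters therefore reaches fewer than the 56 key bits DES offers, and a numeric PIN far fewer, which matters when assessing the DES embodiment.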
The operating platform of the mobile storage device comprises a software platform and a hardware platform. The mobile storage device may be a computer, a mobile phone, a PDA or another communication device that has a storage unit. For a computer, the operating platform includes both the hardware platform required for processing data, namely the central processing unit, control bus, input/output devices and other peripherals, and the software platform that runs on the hardware platform, namely the operating system, device drivers, application software and so on. For a computer, the operating system includes Windows, Mac OS or another operating system. For a mobile phone or other mobile communication terminal, the operating platform includes the mobile phone and other hardware in the communication network, and also the software platform, namely the mobile phone operating system, application software and so on. The mobile phone operating system includes Android, iOS, Symbian or another common operating system.
The present invention provides two mutually switchable data read-write modes, standard mode and private mode, to prevent other users from reading and writing the database by methods such as using third-party applications to obtain the highest system privileges. In standard mode, the user can freely write data to the storage device but can read only data whose data security field is set to non-private; private data appears as unreadable ciphertext, which gives the user private data management. In private mode, private files are encrypted into ciphertext that cannot be read or written in standard mode, and the user can see the full content of the database only after entering the password in private mode, which ensures that the user's private data is not easily disclosed and is convenient for the user.
The above is a further detailed description of the present invention in connection with specific preferred embodiments, and the practical implementation of the invention should not be regarded as limited to this description. Those skilled in the art may make simple deductions or substitutions without departing from the concept of the invention, and all of these should be regarded as falling within the scope of protection determined by the claims submitted for the invention.

Claims (7)

1. A data security protection method for a mobile storage device, the mobile storage device comprising an operating platform, a storage unit and an encryption/decryption unit, characterized in that:
when data in the storage unit needs to be processed, the operating platform determines the data read-write mode and controls reading from and writing to the storage unit accordingly, the data read-write modes comprising a standard mode and a private mode:
in standard mode, when data is written to the storage device, the operating platform intercepts and parses the data and writes the resulting original plaintext directly to the storage unit, setting the data security field to non-private; when data is read from the storage device, the operating platform intercepts only plaintext data whose data security field is non-private;
in private mode, when data is written to the storage device, the operating platform intercepts and parses the data, encrypts the resulting original plaintext into ciphertext, writes it to the storage unit and sets the data security field to private; when data is read from the storage device, the operating platform intercepts all data and, according to the data security field, either reads it directly or decrypts it before reading.
2. The data security protection method for a mobile storage device according to claim 1, characterized in that, in private mode, writing data to the storage unit comprises the following steps:
A. the operating platform intercepts and parses the data;
B. the data is encrypted into ciphertext through the encryption/decryption unit;
C. the ciphertext is packed in the original transmission format and written to the storage unit.
3. The data security protection method for a mobile storage device according to claim 2, characterized in that, in private mode, reading data from the storage device comprises the following steps:
D. the operating platform intercepts and parses the data;
E. if the data security field is non-private, the data is transferred directly to the operating platform;
F. if the data security field is private, the ciphertext is decrypted through the encryption/decryption unit to obtain the unencrypted plaintext, which is packed in the original transmission format and transferred to the operating platform.
4. The data security protection method for a mobile storage device according to any one of claims 1-3, characterized in that the encryption and decryption of the data uses the DES encryption algorithm or the 3DES encryption algorithm.
5. The data security protection method for a mobile storage device according to any one of claims 1-3, characterized in that the operating platform of the mobile storage device comprises a software platform and a hardware platform.
6. The data security protection method for a mobile storage device according to claim 5, characterized in that, for a computer, the software platform includes the Windows and Mac OS operating systems.
7. The data security protection method for a mobile storage device according to claim 5, characterized in that, for a mobile phone, the software platform includes the Android, iOS and Symbian operating systems.
CN2012103094868A 2012-08-28 2012-08-28 Data security protection method for mobile storage equipment Pending CN102831080A (en)




Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20121219