Embodiment
In order to make purpose of the present invention, technical scheme and advantage clearer, below in conjunction with drawings and Examples, long-range secrecy system and the long-range time slot scrambling of solid state hard disc of the present invention is further elaborated.Should be appreciated that specific embodiment described herein only in order to explain the present invention, is not intended to limit the present invention.
Embodiment one
The long-range secrecy system of a kind of solid state hard disc of the present invention comprises the control platform and carries out platform; Described control platform is used for generating control command;
Described execution platform comprises communication unit, control module, the first storage unit and the second storage unit; Described communication unit is used for the radio communication between realization control platform and the control module; Described control module is controlled the first storage unit and/or the second storage unit according to control command;
The first storage unit comprises the first power module, the first storage array and the first storage array controllers; Described the first power module provides power supply for the first storage array and the first storage array controllers; The first power module and the first storage array controllers communicate to connect with control module respectively;
The second storage unit comprises the second source module, the second storage array and the second storage array controllers; Described second source module provides power supply for the second storage array and the second storage array controllers; Second source module and the second storage array controllers communicate to connect with control module respectively.
Preferably, described control command comprises lock command;
Described control module is carried out lock command: generate the first power control signal and second source control signal according to lock command;
Described the first power control signal is controlled the first power cut-off; The first storage array and the first storage array controllers are quit work, and the first storage array canned data is invisible;
The energising of described second source control signal control second source; Make the second storage array and the second storage array controllers maintenance work, the second storage array canned data as seen.
Preferably, described control command also comprises activation command;
Described control module is carried out activation command: generate the first power control signal and second source control signal according to activation command;
Described the first power control signal is controlled the energising of the first power supply; Make the first storage array and the first storage array controllers maintenance work, the first storage array canned data as seen;
The outage of described second source control signal control second source; The second storage array and the second storage array controllers are quit work, and the second storage array canned data is invisible.
Preferably, described control command comprises erase command;
Described control module is carried out erase command: generate the first power control signal and the first storage array controllers control signal according to erase command;
Described the first power control signal is controlled the energising of the first power supply, and the first storage array controllers control signal is controlled the first storage array controllers the first storage array is carried out erase operation, wipes the first storage array canned data.
Preferably, described control command comprises and wipes again lock command;
Described control module is carried out and is wiped again lock command: generate the first power control signal and the first storage array controllers control signal and second source control signal according to wiping lock command again;
Described the first power control signal is controlled the energising of the first power supply, and the first storage array controllers control signal is controlled the first storage array controllers the first storage array is carried out erase operation, wipes the first storage array canned data;
Wipe finish after:
Described the first power control signal is controlled the first power cut-off; The first storage array and the first storage array controllers are quit work, and the first storage array canned data is invisible;
The energising of described second source control signal control second source; Make the second storage array and the second storage array controllers maintenance work, the second storage array canned data as seen.
Preferably, receive after the control command, described control module judges whether the control platform that sends control command has the authority that sends control command;
When having the authority that sends described control command, described control module is carried out corresponding control command;
When not having the authority that sends described control command, described control module sends a warning message, and finishes.
Preferably, described control platform comprises control platform SIM card, and described control platform SIM card stores the first authorization information and the first bound secret; Described control module stores initial authentication information and initial bound secret; Described execution platform comprises carries out the platform SIM card; Wherein, SIM card is identification card; The number of IMSI (International Mobile Subscriber Identity, international mobile subscriber identity) for distributing for mobile subscriber of unique identification in the world.That is: each SIM card has unique IMSI information.
Insert first when carrying out the platform SIM card, the first authorization information that the control platform sends and the initial authentication information content matching of control module, then control module realizes the flash memory of the IMSI information write control unit of execution platform SIM card in place with execution platform SIM card in place and the binding of execution platform; Execution platform SIM card in place with carry out the execution platform SIM card that is called after the platform binding after the binding;
After the platform SIM card is carried out in binding, the information of the platform SIM card card number to be controlled such as control module transmission and the first bound secret; The first bound secret that the control platform sends is consistent with the initial bound secret of control module, and then control module will be controlled the flash memory of platform SIM card card number write control unit; Become after the control platform is bound with the execution platform control of authority platform is arranged.
Preferably, when whether the control platform that judge to send control command has the authority that sends control command, control module will send the control platform SIM card card number that authority is arranged of storing in the control platform SIM card card number of control command and the control module and contrast:
Unanimously, the control platform that then sends control command has the authority that sends control command;
Inconsistent, the control platform that then sends control command does not have the authority that sends control command.
Preferably, described control platform SIM card stores changes the card authorization information, and described control module stores and initially changes the card authorization information;
When change carrying out the platform SIM card, the control platform sends change card authorization information and control module initially change card authorization information content matching, then control module is bound new execution platform SIM card in place and execution platform.
Preferably, when control command is erase command and the control platform that sends erase command when having the authority that sends erase command, described control module will judge also whether the first storage unit is in the lock state:
Be in the lock state:
Control module will activate the first storage unit in the first setting-up time:
In the first setting-up time, do not activate the first storage unit: finish, do not carry out erase command;
Activate the first storage unit in the first setting-up time: control module is confirmed whether to carry out erase command with the control platform;
The control platform is confirmed to carry out erase command at the second setting-up time, carries out erase command;
The control platform is not confirmed to carry out erase command at the second setting-up time, does not carry out erase command;
Be not in the lock state: control module is confirmed whether to carry out erase command with the control platform;
The control platform is confirmed to carry out erase command at the second setting-up time, carries out erase command;
The control platform is not confirmed to carry out erase command at the second setting-up time, does not carry out erase command.
Embodiment two
The long-range secrecy system of the solid state hard disc among the embodiment one, when the control platform adopts user mobile phone, carry out platform as shown in Figure 1, comprise Anneta module 101, gsm module 102, MCU module 103, PCIE interface 104, PCIE/SATA protocol converter 105, power module A106, SATA controller A107, Flash array A108, power module B109, SATA controller B110 and Flash array B111.
Wherein, Anneta module 101 and gsm module 102 (both integral body are communication unit), the function of described Anneta module 101 is to receive user mobile phone by the short message signal of wireless base station transmission and the short message signal of emission gsm module 102 transmissions; Gsm module 102 is responsible for receiving and sending short message; GSM: i.e. Global System of Mobile communication, global system for mobile communications.As everyone knows, CDMA2000 module, TD-CDMA module, WCDMA module are equally applicable to the present invention, can finish equally reception and the sending function of information.Carrying out the platform SIM card can be installed in the gsm module 102.
Wherein, MCU module 103 (being control module); MCU: i.e. Micro Control Unit, micro-control unit;
Wherein, power module A106 (i.e. the first power module), SATA controller A107 (i.e. the first storage array controllers), Flash array A108 (i.e. the first storage array), whole i.e. the first storage unit of three;
Power module B109 (being the second source module), SATA controller B110 (i.e. the second storage array controllers) and Flash array B111 (i.e. the second storage array), whole i.e. the second storage unit of three;
Wherein, PCIE interface 104 is responsible for being connected with various types of other computer motherboard, to realize the connection of each signal wire.
Wherein, PCIE/SATA protocol converter 105 is responsible for PCIE signals with mainboard and is converted the SATA signal that SATA controller A107 and SATA controller B110 can identify and can process to, cooperates simultaneously the selection of power module, realizes the bridge joint of signal.
When the user sent lock command (being that control command is lock command), MCU module 103 (being control module) read lock command and the execution that the user sends from gsm module 102:
MCU module 103 (being control module) is set to enabled state with locking signal A (i.e. the first power control signal), simultaneously locking signal B (being the second source control signal) is set to enabled state.
At this moment, SATA controller A107 and the Flash array A108 by power module A106 power supply is in off-position; For the user, the data of the upper storage of Flash array A108 are sightless; On the contrary, SATA controller B110 and the Flash array B111 by power module B109 power supply is in power supply state; For the user, pre-stored data on Flash array B111 are visible, have guaranteed like this security of confidential data.Be that Flash array A108 (or saying the first storage unit) is in the lock state.
When the user sent erase command (being that control command is erase command), MCU module 103 (being control module) read erase command and the execution that the user sends from gsm module 102:
It is constant that MCU module 103 (being control module) is kept former enabled state with locking signal A (i.e. the first power control signal), erase signal A (i.e. the first storage array controllers control signal) is set to effectively, trigger the erase feature of SATA controller A107, SATA controller A107 will carry out Flash array A108 irrecoverable to erase operation; Guarantee the security of data with this, this wiping is irrecoverable arriving certainly, even the user fetches this dish again, also can't recover data.
When lock command (being that control command is to wipe again lock command) was wiped in user's transmission again, MCU module 103 (being control module) was also carried out from the lock command of wiping again that gsm module 102 reads user's transmission:
It is constant that MCU module 103 (being control module) is kept former enabled state with locking signal A (i.e. the first power control signal), erase signal A (i.e. the first storage array controllers control signal) is set to effectively, trigger the erase feature of SATA controller A107, SATA controller A107 will carry out Flash array 108 irrecoverable to erase operation;
Then MCU module 103 (being control module) is set to enabled state with locking signal A (i.e. the first power control signal), simultaneously locking signal B (being the second source control signal) is set to enabled state.
At this moment, SATA controller A107 and the Flash array A108 by power module A106 power supply is in off-position; For the user, the data of storage are sightless on the Flash array 108;
On the contrary, SATA controller B110 and the Flash array B111 by power module A109 power supply is in power supply state; For the user, pre-stored data on Flash array B111 are visible.
Dual operation can better guarantee the security of user data.Preferably, SATA controller of the present invention can be selected the Barefoot ECO controller of INDILINX company.
Embodiment three
The long-range time slot scrambling of solid state hard disc of the present invention may further comprise the steps:
Step S10: the control platform sends control command to carrying out platform;
Step S20: carry out platform according to control command, the first storage unit and/or the second storage unit are controlled; Wherein, the first storage unit comprises the first power module, the first storage array and the first storage array controllers; Described the first power module provides power supply for the first storage array and the first storage array controllers; The second storage unit comprises the second source module, the second storage array and the second storage array controllers; Described second source module provides power supply for the second storage array and the second storage array controllers;
When control command is lock command:
Control the first power cut-off; The first storage array and the first storage array controllers are quit work, and the first storage array canned data is invisible;
The energising of control second source; Make the second storage array and the second storage array controllers maintenance work, the second storage array canned data as seen.
Preferably, when control command be activation command;
Control the energising of the first power supply; Make the first storage array and the first storage array controllers maintenance work, the first storage array canned data as seen;
The outage of control second source; The second storage array and the second storage array controllers are quit work, and the second storage array canned data is invisible.
Preferably, when control command is erase command:
Control the energising of the first power supply, control the first storage array controllers the first storage array is carried out erase operation, wipe the first storage array canned data.
Preferably, when control command be to wipe when locking again:
Control the energising of the first power supply, control the first storage array controllers the first storage array is carried out erase operation, wipe the first storage array canned data;
Wipe finish after:
Control the first power cut-off; The first storage array and the first storage array controllers are quit work, and the first storage array canned data is invisible;
The energising of control second source; Make the second storage array and the second storage array controllers maintenance work, the second storage array canned data as seen.
Preferably, after receiving control command, judge whether the control platform that sends control command has the authority that sends control command;
When having the authority that sends described control command, carry out corresponding control command;
When not having the authority that sends described control command, send a warning message, finish.
Preferably, before step S10, also comprise and carry out the platform SIM card, control platform SIM card respectively with the step S00 that carries out the platform binding, as shown in Figure 2, step S00 following steps:
Step 201: the platform SIM card is carried out in queued for log-on or replacing;
Whether step 202: it is in place to detect execution platform SIM card:
Carry out the platform SIM card when not in place detecting: operating procedure 203;
Carry out the platform SIM card when in place detecting: operating procedure 204;
Step 203: described control module is carried out lock command;
Step 204: read the IMSI information of carrying out the platform SIM card;
Step 205: control module reads the IMSI information of its flash memory;
Step 206: control module will be carried out the IMSI information contrast of platform SIM card IMSI information and control unit flash memory;
When the IMSI of control module flash memory information is sky, is judged as to insert first and carries out the platform SIM card; Operating procedure 207;
When not mating when the IMSI of control module flash memory information non-NULL and with execution land identification card IMSI information in place, be judged as to change and carry out the platform SIM card; Operating procedure 215:
Inserting first execution platform SIM card may further comprise the steps:
Step 207: the control platform sends the first authorization information; Wherein said the first authorization information is used for judging whether that with carrying out platform be corresponding;
Step 208: control module judge the first authorization information that the control platform sends whether with the initial authentication information content matching that is stored in its flash memory:
If coupling, then controlling platform is corresponding with carrying out platform, enters step 210:
If do not mate, enter step 209;
Step 209: whether control module statistical testing of business cycles number of times reaches 3 times:
If reach 3 times, then enter step 203;
If do not have 3 times, then reenter step 207;
Step 210: in the IMSI information write control unit flash memory of control module with execution platform SIM card in place, realize execution platform SIM card in place and the binding of execution platform; Execution platform SIM card in place with carry out the execution platform SIM card that is called after the platform binding after the binding;
Step 211: notice control platform sends SIM card card number and first bound secret of the control platform of waiting for binding, and wherein, the first bound secret is used for judging whether that the control platform SIM card with waiting for binding is tied to the execution platform;
Step 212: the control platform sends SIM card card number and first bound secret of the control platform of waiting for binding;
Step 213: control module judge to wait for whether the initial bound secret of preserving in the flash memory of the first bound secret and control module of control platform of binding is consistent:
Unanimously: then enter step 214;
Inconsistent: as then to reenter step 211;
Step 214: control module will be waited in the flash memory of SIM card card number write control unit of control platform of binding; Being called after waiting for the control platform SIM card of binding and carrying out the platform binding has the control of authority platform SIM card, and becoming after waiting for the control platform of binding and carrying out the platform binding has the control of authority platform; Operating procedure 219;
Changing execution platform SIM card may further comprise the steps:
Step 215: notice has the control platform transmission of authority to change the card authorization information, and notifies simultaneously the card number of the execution platform SIM card of the control new platform that authority is arranged; Wherein, change the card authorization information and be used for judging whether to change card;
Step 216: have the control platform of authority to change the card authorization information to the card number transmission of new execution platform SIM card, verify;
If have that the control platform of authority sends change card authorization information and control module flash memory initially to change the card authorization information consistent, then enter step 218;
If have that the control platform of authority sends change card authorization information and control module flash memory initially to change the card authorization information consistent, enter step 217;
Step 217: whether control module statistical testing of business cycles number of times reaches 3 times:
If reach 3 times, then enter step 203;
If do not reach 3 times, then enter step 215;
Step 218: in the flash memory of control module with the IMSI information updating write control unit inside of new execution platform SIM card, bind new execution platform SIM card;
Step 219: finish.
Preferably, after receiving control command, judge whether the control platform that sends control command has the authority that sends control command;
When having the authority that sends described control command, carry out corresponding control command;
When not having the authority that sends described control command, send a warning message, finish.
Preferably, when whether the control platform that judge to send control command has the authority that sends control command, control module will send the control platform SIM card card number that authority is arranged of storing in the control platform SIM card card number of control command and the control module and contrast:
Unanimously, the control platform that then sends control command has the authority that sends control command;
Inconsistent, the control platform that then sends control command does not have the authority that sends control command.
Preferably, when control command is erase command and the control platform that sends erase command when having the authority that sends erase command, described control module will judge also whether the first storage unit is in the lock state:
Be in the lock state:
Control module will activate the first storage unit in the first setting-up time:
In the first setting-up time, do not activate the first storage unit: finish, do not carry out erase command;
Activate the first storage unit in the first setting-up time: control module is confirmed whether to carry out erase command with the control platform;
The control platform is confirmed to carry out erase command at the second setting-up time, carries out erase command;
The control platform is not confirmed to carry out erase command at the second setting-up time, does not carry out erase command;
Be not in the lock state: control module is confirmed whether to carry out erase command with the control platform;
The control platform is confirmed to carry out erase command at the second setting-up time, carries out erase command;
The control platform is not confirmed to carry out erase command at the second setting-up time, does not carry out erase command.
Embodiment four
The flow process of the long-range time slot scrambling of the solid state hard disc among the long-range secrecy system realization embodiment three of the solid state hard disc among the embodiment two is as follows.
As shown in Figure 3, locking flow comprises the steps:
Step 301:GSM module receives the lock command that the user sends, and the MCU module reads lock command;
User's SIM card (namely controlling the platform SIM card) card number that step 302:MCU module will send lock command compares with user's SIM card (the control platform SIM card that the authority is namely arranged) card number that is kept in the MCU inside modules flash memory (flash);
Step 303:MCU module judges whether the user's SIM card card number that sends lock command has the authority that sends lock command: the user's SIM card card number that sends lock command is consistent with the user's SIM card card number in the MCU inside modules flash memory (flash), and the authority that sends lock command is then arranged; Inconsistent, then do not send the authority of lock command;
If do not send the authority of lock command, then enter step 304;
If the authority that sends lock command is arranged, then enters step 305;
Step 304: the execution platform SIM card of binding sends a warning message to user's SIM card that authority is arranged; Operating procedure 307;
Step 305: carry out lock command: MCU module 103 reads the lock command that the user sends from gsm module 102: MCU module 103 is set to enabled state with locking signal A, simultaneously locking signal B is set to enabled state; At this moment, SATA controller A107 and the Flash array A108 by power module A106 power supply is in off-position; For the user, the data of the upper storage of Flash array A108 are sightless; On the contrary, SATA controller B110 and the Flash array B111 by power module B109 power supply is in power supply state; For the user, pre-stored data on Flash array B111 are visible;
After step 306:MCU module is finished lock command, send confirmation to user's SIM card card number that authority is arranged, inform that the user has finished lock command;
Step 307: finish locking flow.
As shown in Figure 4, activation process comprises the steps:
Step 401:GSM module receives the activation command that the user sends, and the MCU module reads activation command;
User's SIM card (namely controlling the platform SIM card) card number that step 402:MCU module will send activation command compares with user's SIM card (the control platform SIM card that the authority is namely arranged) card number that is kept in the MCU inside modules flash memory (flash);
Step 403:MCU module judges whether the user's SIM card card number that sends activation command has the authority that sends activation command: the user's SIM card card number that sends activation command is consistent with the user's SIM card card number in the MCU inside modules flash memory (flash), and the authority that sends activation command is then arranged; Inconsistent, then do not send the authority of activation command;
If do not send the authority of activation command, then enter step 404;
If the authority that sends activation command is arranged, then enters step 405;
Step 404: the execution platform SIM card of binding sends a warning message to user's SIM card that authority is arranged; Operating procedure 407;
Step 405: carry out activation command: MCU module 103 reads the activation command that the user sends from gsm module 102: MCU module 103 is set to enabled state with locking signal A, simultaneously locking signal B is set to enabled state; At this moment, SATA controller A107 and the Flash array A108 by power module A106 power supply is in power supply state; SATA controller B110 and the Flash array B111 of power module B109 power supply are in off-position; For the user, the data of the upper storage of Flash array A108 are visible; On the contrary, the data on the Flash array B111 are sightless;
After step 406:MCU module is finished activation command, send confirmation to user's SIM card card number that authority is arranged, inform that the user has finished activation command;
Step 407: finish activation process.
As shown in Figure 5, wiping flow process comprises the steps:
Step 501:GSM module receives the erase command that the user sends, and the MCU module reads erase command;
User's SIM card (namely controlling the platform SIM card) card number that step 502:MCU module will send erase command compares with user's SIM card (the control platform SIM card that the authority is namely arranged) card number that is kept in the MCU inside modules flash memory (flash);
Step 503:MCU module judges whether the user's SIM card card number that sends activation command has the authority that sends erase command: the user's SIM card card number that sends erase command is consistent with the user's SIM card card number in the MCU inside modules flash memory (flash), and the authority that sends erase command is then arranged; Inconsistent, then do not send the authority of erase command;
If do not send the authority of erase command: then enter step 504;
If the authority that sends erase command is arranged: then enter step 505;
Step 504: the execution platform SIM card of binding sends a warning message to user's SIM card that authority is arranged; Operating procedure 513;
Step 505: whether decision data dish (being Flash array A108) is in the lock state:
If be in the lock state, enter step 506;
If be not in the lock state, enter step 509;
Step 506: the execution platform SIM card of binding sends a warning message to user's SIM card that authority is arranged, and informs that user data dish (being Flash array A108) is in the lock state, and can't finish erase operation, needs the user to send activation command;
Step 507: wait for that the user sends the order of activation data dish (being Flash array A108);
Step 508: judge whether data disks (being Flash array A108) is activated in official hour T1:
If data disks (being Flash array A108) is activated, then enter step 509;
If data disks (being Flash array A108) is not activated, then enter step 513;
Step 509: the execution platform SIM card of binding sends confirmation to user's SIM card that authority is arranged, and confirms whether the user determines to want obliterated data dish (being Flash array A108) data;
Step 510: have user's SIM card of authority whether to confirm in the T2 at the appointed time:
If confirm in the stipulated time T2, then enter step 511;
If do not confirm in the stipulated time T2, then enter step 513;
Step 511: carry out erase command: MCU module 103 reads the erase command that the user sends from gsm module 102: it is constant that MCU module 103 is kept former enabled state with locking signal A, and erase signal A is set to effectively, triggers the erase feature of SATA controller A107; SATA controller A107 will carry out Flash array A108 irrecoverable to erase operation, guarantee the security of data with this;
After SATA controller A107 finishes erase operation, will wipe settling signal A and be set to effectively, the MCU module detects that to wipe settling signal A effective, and expression SATA controller A107 has finished erase operation;
Step 512: when the MCU module detect SATA controller A107 finish erase signal effectively after, be sent completely erase command information to user's SIM card that authority is arranged, inform that the user has finished erase command;
Step 513: finish to wipe flow process.
As shown in Figure 6, wiping again, locking flow comprises the steps:
Step 601:GSM module receives the again lock command of wiping of user's transmission, and the MCU module reads wipes again lock command;
User's SIM card (namely controlling the platform SIM card) card number that step 602:MCU module is wiped transmission again lock command compares with user's SIM card (the control platform SIM card that the authority is namely arranged) card number that is kept in the MCU inside modules flash memory (flash);
The judgement of step 603:MCU module sends the authority whether user's SIM card card number of wiping again lock command has transmission to wipe lock command again: it is consistent with the user's SIM card card number in the MCU inside modules flash memory (flash) to send user's SIM card card number of wiping again lock command, then has to send the authority of wiping again lock command; Inconsistent, then there is not to send the authority of wiping again lock command;
If do not have to send the authority of wiping again lock command, then enter step 604;
Send the authority of wiping again lock command if having, then enter step 605;
Step 604: the execution platform SIM card of binding sends a warning message to user's SIM card that authority is arranged; Operating procedure 608;
Step 605: carry out erase command;
Step 606: carry out lock command;
After step 607:MCU module is finished and wiped lock command again, send confirmation to user's SIM card card number that authority is arranged, inform that the user has finished to wipe again lock command;
Step 608: finish to wipe again locking flow.
The long-range secrecy system of solid state hard disc of the present invention and long-range time slot scrambling, after the solid state hard disc that stores significant data is lost, can pass through the GSM network, selection according to the user locks, wipes, wipes lock operation to the data of storing in the solid state hard disc, guarantees that effectively the user is stored in the security of confidential data on the solid state hard disc; Prevent that the significant data on the solid state hard disc from divulging a secret, cause damage to the end user.
Should be noted that at last that obviously those skilled in the art can carry out various changes and modification to the present invention and not break away from the spirit and scope of the present invention.Like this, if of the present invention these revise and modification belongs within the scope of claim of the present invention and equivalent technologies thereof, then the present invention also is intended to comprise these changes and modification.