CN103235905A - DUDP real-time data protection method - Google Patents
DUDP real-time data protection method Download PDFInfo
- Publication number
- CN103235905A CN103235905A CN2013101510026A CN201310151002A CN103235905A CN 103235905 A CN103235905 A CN 103235905A CN 2013101510026 A CN2013101510026 A CN 2013101510026A CN 201310151002 A CN201310151002 A CN 201310151002A CN 103235905 A CN103235905 A CN 103235905A
- Authority
- CN
- China
- Prior art keywords
- data
- user
- clouds
- subscriber computer
- dudp
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention relates to a DUDP real-time data protection method. By the aid of kernel virtual driving and cloud computing, a virtual file system is mounted on a computer, data are transmitted to a cloud end, data storage safety is ensured for a user, the data are protected in real time, the important data of the user are stored at the cloud end, and version management and disaster recovery of the important data are realized.
Description
Technical field
The present invention relates to data protection, cloud computing field, particularly design data protection Kernel Technology.
Background technology
The computer user adopts usually data and directly uses symmetric cryptographic algorithm at present, to file encryption and disc driver encipherment protection and transparent encryption.These data protection means all are to be encrypted as the basis; their common feature is that speed is fast; with strong points; and information storage is flexible; but shortcoming is the file that is protected still might be stolen; by the dictionary means certain probability Brute Force is arranged, and under the situation of system crash and disk failure, cause loss of data.
Summary of the invention
Purpose of the present invention solves the storage of subscriber data safety problem exactly, and data are carried out real-time guard, and user's significant data is carried out the high in the clouds storage, and version management and disaster recovery.
The specific implementation method: a kind of data guard method of computing machine, it is characterized in that computer data is carried out real-time guard and has data version management and the high in the clouds disaster recovery capability, may further comprise the steps:
A loads inner nuclear layer and drives on subscriber computer, carry virtual unit system module is on the subscriber computer physical equipment, make all disk operating of user be caught by virtual unit, the process that only has lawful authority simultaneously can have access to the file of virtual unit.
B virtual unit system module does not use subscriber computer physical hard disk space, but directly the read-write requests of application program is sent to high in the clouds.
C high in the clouds is after the request that writes that receives subscriber computer, be optimized according to user place network node, it converts the request of data of server this locality of the nearest node of user to, write the physical storage medium of server again, read according to user's request of reading simultaneously, read respective data transfer reuse family local computer.
The D subscriber computer is under the situation that network interrupts, and file can temporarily write local physical storage medium, carries out real-time guard according to the process feature of current accessed file, it is characterized by the SHA1 cryptographic hash.
2, a kind of DUDP data guard method according to claim 1; it is characterized in that; in the described steps A: the process of user file and access file is protected; have only the data of the correct legal process of effect cryptographic hash in can accesses virtual equipment, and concrete bottom operation is sightless for consumer process.
3, a kind of DUDP data guard method according to claim 1; it is characterized in that; among the described step B: in the digitizing environment, virtual system uses network that the data that will write local disk in the internal memory and program are read data in real time, imports high in the clouds in real time into.
4, a kind of DUDP data guard method according to claim 1; it is characterized in that; among the described step C: distributed structure/architecture is adopted in high in the clouds; user machine system can be connected to fastest network node automatically; its disk writes actual the writing that request is converted into the server physical storage medium automatically, and writes according to time sequencing.Under the needs situation, retrace automatically, disaster recovery are to some states before.High in the clouds at one's leisure between can according to the user often the network node of visit carry out data-optimizedly, guarantee that all the time user's reading speed reaches best.
5, a kind of DUDP data guard method according to claim 1; it is characterized in that; among the described step D: subscriber computer is when running into long-time or accidental network interruption; for the continuity that guarantees that subscriber computer uses; data can be by temporary in the physical hard disk space of subscriber computer, and in the legitimacy of the strict checking data visit of inner nuclear layer process, implements protection and the process that prevents is injected; in case network connection is recovered, data are understood automatically and carry out synchronously in high in the clouds.
Beneficial effect of the present invention is:
Significant data leaves high in the clouds in, even subscriber computer is stolen or hacker attacks, all is difficult to steal data, gives the user real-time guard.
Description of drawings
Fig. 1 is DUDP real time data guard method synoptic diagram.A is high in the clouds comprehensive server cluster among the figure, and B is the storage server cluster, and C is subscriber computer among the figure, and D opens file for the user is current among the figure, and E is the virtual unit system module among the figure, and F is the subscriber computer storage medium.
Embodiment
Embodiment one: comprise following step:
A. build the cloud service platform.
B. subscriber computer carry virtual unit system module.
C. virtual device modules and cloud service platform are mutual.
In the present embodiment, steps A uses the server with independent IP as master server (as the A of Fig. 1), many platform independent IP department server is deployed on the each department network node, simultaneously every station server all the deployment-specific data storage server ((as the B of Fig. 1), the service-strong Transmission Control Protocol communicates between the server.
In the present embodiment, step B uses the virtual file Driving technique, catches All Files and writes read operation, and therefrom carry out data screening (as the E of Fig. 1).Screening rule is: the process of having only filename and SHA1 cryptographic hash all to meet is hunted down, and the request of all-access file is converted into network packet, is transferred to (as the A of Fig. 1) cloud service platform.
In the present embodiment, among the step C, the Cloud Server platform receives after the packet that operation is handled and filed to All Files, and its principle is: 1. create new file operation meeting server retain unique file ID sign as: 0x00000001 writes corresponding data simultaneously and reads corresponding data.2 when change takes place in file, can create new file again, and the file ID before storing, and so just version is before arrived in retrace arbitrarily.
Claims (5)
1. the data guard method of a computing machine is characterized in that computer data is carried out real-time guard and has data version management and the high in the clouds disaster recovery capability, may further comprise the steps:
A loads inner nuclear layer and drives on subscriber computer, carry virtual unit system module is on the subscriber computer physical equipment, make all disk behaviour of user be caught by virtual unit earlier, the process that only has lawful authority simultaneously can have access to the file of virtual unit.
B virtual unit system module does not use subscriber computer physical hard disk space, but directly the read-write requests of application program is sent to high in the clouds.
C high in the clouds is after the request that writes that receives subscriber computer, be optimized according to user place network node, it converts the request of data of server this locality of the nearest node of user to, write the physical storage medium of server again, read according to user's request of reading simultaneously, read respective data transfer reuse family local computer.
The D subscriber computer is under the situation that network interrupts, and file can temporarily write local physical storage medium, carries out real-time guard according to the process feature of current accessed file, it is characterized by the SHA1 cryptographic hash.
2. a kind of DUDP data guard method according to claim 1; it is characterized in that; in the described steps A: the process of user file and access file is protected; have only the data of the correct legal process of effect cryptographic hash in can accesses virtual equipment, and concrete bottom operation is sightless for consumer process.
3. a kind of DUDP data guard method according to claim 1; it is characterized in that; among the described step B: in the digitizing environment, virtual system uses network that the data that will write local disk in the internal memory and program are read data in real time, imports high in the clouds in real time into.
4. a kind of DUDP data guard method according to claim 1; it is characterized in that; among the described step C: distributed structure/architecture is adopted in high in the clouds; user machine system can be connected to fastest network node automatically; its disk writes actual the writing that request is converted into the server physical storage medium automatically, and writes according to time sequencing.Under the needs situation, retrace automatically, disaster recovery are to some states before.High in the clouds at one's leisure between can according to the user often the network node of visit carry out data-optimizedly, guarantee that all the time user's reading speed reaches best.
5. a kind of DUDP data guard method according to claim 1; it is characterized in that; among the described step D: subscriber computer is when running into long-time or accidental network interruption; for the continuity that guarantees that subscriber computer uses; data can be by temporary in the physical hard disk space of subscriber computer, and in the legitimacy of the strict checking data visit of inner nuclear layer process, implements protection and the process that prevents is injected; in case network connection is recovered, data are understood automatically and carry out synchronously in high in the clouds.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013101510026A CN103235905A (en) | 2013-04-27 | 2013-04-27 | DUDP real-time data protection method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013101510026A CN103235905A (en) | 2013-04-27 | 2013-04-27 | DUDP real-time data protection method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103235905A true CN103235905A (en) | 2013-08-07 |
Family
ID=48883945
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2013101510026A Pending CN103235905A (en) | 2013-04-27 | 2013-04-27 | DUDP real-time data protection method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103235905A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104408086A (en) * | 2014-11-07 | 2015-03-11 | 北京奇虎科技有限公司 | System and method for overall processing of data |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101763225A (en) * | 2010-01-22 | 2010-06-30 | 蓝盾信息安全技术股份有限公司 | System and method for protecting virtual disk files |
| CN101986651A (en) * | 2010-08-26 | 2011-03-16 | 上海网众信息技术有限公司 | Remote storage method, remote storage system and client |
| CN102035884A (en) * | 2010-12-03 | 2011-04-27 | 华中科技大学 | Cloud storage system and data deployment method thereof |
| CN102214127A (en) * | 2010-11-15 | 2011-10-12 | 上海安纵信息科技有限公司 | Method for intensively storing and backing up data based on operating system virtualization theory |
| US20110264786A1 (en) * | 2010-03-17 | 2011-10-27 | Zerto Ltd. | Methods and apparatus for providing hypervisor level data services for server virtualization |
| CN102523270A (en) * | 2011-12-09 | 2012-06-27 | 成都东方盛行电子有限责任公司 | Method for realizing cloud storage |
| CN102685148A (en) * | 2012-05-31 | 2012-09-19 | 清华大学 | Method for realizing secure network backup system under cloud storage environment |
| CN102932326A (en) * | 2012-09-19 | 2013-02-13 | 无锡华御信息技术有限公司 | Safety cloud computing system |
-
2013
- 2013-04-27 CN CN2013101510026A patent/CN103235905A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101763225A (en) * | 2010-01-22 | 2010-06-30 | 蓝盾信息安全技术股份有限公司 | System and method for protecting virtual disk files |
| US20110264786A1 (en) * | 2010-03-17 | 2011-10-27 | Zerto Ltd. | Methods and apparatus for providing hypervisor level data services for server virtualization |
| CN101986651A (en) * | 2010-08-26 | 2011-03-16 | 上海网众信息技术有限公司 | Remote storage method, remote storage system and client |
| CN102214127A (en) * | 2010-11-15 | 2011-10-12 | 上海安纵信息科技有限公司 | Method for intensively storing and backing up data based on operating system virtualization theory |
| CN102035884A (en) * | 2010-12-03 | 2011-04-27 | 华中科技大学 | Cloud storage system and data deployment method thereof |
| CN102523270A (en) * | 2011-12-09 | 2012-06-27 | 成都东方盛行电子有限责任公司 | Method for realizing cloud storage |
| CN102685148A (en) * | 2012-05-31 | 2012-09-19 | 清华大学 | Method for realizing secure network backup system under cloud storage environment |
| CN102932326A (en) * | 2012-09-19 | 2013-02-13 | 无锡华御信息技术有限公司 | Safety cloud computing system |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104408086A (en) * | 2014-11-07 | 2015-03-11 | 北京奇虎科技有限公司 | System and method for overall processing of data |
| CN104408086B (en) * | 2014-11-07 | 2018-02-06 | 北京奇虎科技有限公司 | Data Global treatment system and method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10887086B1 (en) | Protecting data in a storage system | |
| US20220222184A1 (en) | Providing End-To-End Encryption For Data Stored In A Storage System | |
| US10140370B1 (en) | Systems and methods for maintaining encrypted search indexes on third-party storage systems | |
| CN110062034B (en) | Block chain large file secure storage method and system | |
| US9516016B2 (en) | Storage array password management | |
| CN103929500A (en) | Method for data fragmentation of distributed storage system | |
| CN104160407B (en) | Using storage control EBI guaranteeing the data transmission security between storage device and main frame | |
| US11139959B2 (en) | Stream ciphers for digital storage encryption | |
| US20100161926A1 (en) | Data protection by segmented storage | |
| CN102945355A (en) | Sector map-based rapid data encryption policy compliance | |
| US10089245B2 (en) | Management of encryption keys for multi-mode network storage device | |
| CN102457555A (en) | Security system and method for distributed storage | |
| US11431488B1 (en) | Protecting local key generation using a remote key management service | |
| CN102855452A (en) | Method for following quick data encryption strategy based on encryption piece | |
| CN101983379A (en) | Disk drive data encryption | |
| CN107590395B (en) | Multilayer data encryption method, device, equipment and system suitable for cloud environment | |
| US9288042B1 (en) | Securely and redundantly storing encryption credentials system and method | |
| US20230080528A1 (en) | Smart data protection | |
| US20210110055A1 (en) | Data Deletion for a Multi-Tenant Environment | |
| US10469457B1 (en) | Systems and methods for securely sharing cloud-service credentials within a network of computing devices | |
| CN103235905A (en) | DUDP real-time data protection method | |
| CN106155921B (en) | A kind of information processing method and electronic equipment | |
| Cheng et al. | A practical cross-datacenter fault-tolerance algorithm in the cloud storage system | |
| JP6107286B2 (en) | Distributed storage system, node, data management method, and program | |
| CN117234427B (en) | Data reading and writing method, device, equipment, system, storage medium and storage system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| DD01 | Delivery of document by public notice |
Addressee: Chengdu The Fake-Product Disapperance Technology Co., Ltd. Document name: the First Notification of an Office Action |
|
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20130807 |
|
| WD01 | Invention patent application deemed withdrawn after publication |