CN103617127A - Memory device with subareas and memorizer area dividing method - Google Patents
Memory device with subareas and memorizer area dividing method Download PDFInfo
- Publication number
- CN103617127A CN103617127A CN201310645545.3A CN201310645545A CN103617127A CN 103617127 A CN103617127 A CN 103617127A CN 201310645545 A CN201310645545 A CN 201310645545A CN 103617127 A CN103617127 A CN 103617127A
- Authority
- CN
- China
- Prior art keywords
- memory storage
- memory
- password
- subregion
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention provides a memory device including a disk controller and a nonvolatile memory connected with the disk controller. The memory device is used for memorizing one or more passwords. The memory device further comprises a medium provided with more than one subarea, wherein the disk controller can be used for judging whether each subarea is accessed by one or more users or not according to one or more pre-memorized passwords. The invention further provides a memorizer area dividing method.
Description
Technical field
Various embodiment of the present invention relates generally to memory storage, particularly has the method for memory storage and the memory partition of medium.
Background technology
Memory storage has storage medium conventionally, such as magnetic disk media and flash memory.USB flash drive has become a popular memory storage.These devices are generally of portable form, and in inserting computing machine, become an extra memory storage or medium and are used by user or application program.
Safety is to become a hot issue in recent years, and the security of memory storage is also paid close attention to.Generally, sensitive information is stored in a memory storage, if but by unallowed people, accessed, with regard to easy generation problem.Yet the versatility of these flash disks and ease for use make domestic consumer can access them.
At present, security is to specify a password by the storage content to whole flash disk (typically referring to " memory stick " or " flash disk ").Yet, except previously described method, the flexible configuration of having no idea flash disk.
Therefore, be necessary to configure neatly thering is the memory storage of storage medium.
Summary of the invention
For the problems referred to above, the object of this invention is to provide an a kind of method that can overcome memory storage and memory partition of the problems referred to above.
A memory storage that comprises disk controller and coupled nonvolatile memory, for storing one or more passwords.Described memory storage further comprises has the medium that surpasses a subregion, and disk controller makes each subregion to determine whether by one or more user, accessed according to one or more passwords of prior storage.
In above-mentioned memory storage, this memory storage also comprises authentication module, and this authentication module is connected with this disk controller and responds this user, and this authentication module is used for identifying this user.
In above-mentioned memory storage, this authentication module response is from this user's biological characteristic, sound or key-press input.
In above-mentioned memory storage, this disk controller is connected with main frame by interface.
In above-mentioned memory storage, this interface is SATA, IDE, SAS, PCI/PCIE, SCSI or USB.
In above-mentioned memory storage, this memory storage also comprises encrypting module, and this encrypting module is connected with this medium with data buffer and is encrypted operation according to this first password and this second codon usage.
In above-mentioned memory storage, this encrypting module adopts AES, GOST, ECC, Zu Chongzhi, RSA or DES/3DES cryptographic algorithm.
In above-mentioned memory storage, this memory storage also comprises deciphering module, and this deciphering module is connected with this medium with this data buffer and is decrypted operation according to this first password and this second codon usage.
In above-mentioned memory storage, this nonvolatile memory is positioned at microprocessor internal.
In above-mentioned memory storage, this nonvolatile memory position is positioned at microprocessor outside.
In above-mentioned memory storage, this nonvolatile memory is flash memory, CD or tape.
In above-mentioned memory storage, this memory storage is USB flash drive.
In above-mentioned memory storage, this memory storage is with as lower interface: SATA, IDE, SCSI, SAS, the hard disk of one of PCI/PCIE.
A method for memory partition, comprising:
First password receiving;
Receive second password;
According to this first password, determine that first user accesses first subregion of nonvolatile memory;
According to this second password, determine that second user accesses this first subregion;
According to this second password, allow this second user to access second subregion of this nonvolatile memory; With
Stop this first user to access this second subregion.
In the method for above-mentioned memory partition, the method also comprises this first password of encryption and decryption.
In the method for above-mentioned memory partition, the method adopts AES, GOST, ECC, Zu Chongzhi, the encryption of RSA or DES/3DES.
In the method for above-mentioned memory partition, the method also comprises this second password of encryption and decryption.
In the method for above-mentioned memory partition, the method adopts AES, GOST, ECC, Zu Chongzhi, the encryption of RSA or DES/3DES.
Compared with prior art, the method for memory storage of the present invention and memory partition, by one or more passwords are set, make corresponding user can be identified authority, thereby can configure neatly memory storage.
Accompanying drawing explanation
Fig. 1 shows a memory storage 10 according to an embodiment of the invention.
Fig. 2 shows the further details of a disk controller 12 according to another preferred embodiment.
Fig. 3 shows the another one embodiment of the memory storage 10 of Fig. 1, is the USB flash drive with two subregions.
Fig. 4 shows another embodiment of the memory storage 10 of Fig. 1, is the SATA interface hard disk with two subregions.
Embodiment
Specific embodiment of the present invention and method publicity memory storage with disk controller and nonvolatile memory and can the one or more passwords of operation store.This memory storage further comprises the medium that surpasses a subregion, and this disk controller makes each subregion can be by one or more passwords of having deposited by one or more user's access visits.
A memory storage with medium has below been described.This medium is as described below, is partly or entirely divided into the subregion of different level of securitys, thereby improve, uses dirigibility and security.
Referring now to Fig. 1,, a memory storage 10 in showing according to one embodiment of present invention.Memory storage 10 comprises 12, one authentication modules 14 of a disk controller, a kind of nonvolatile memory 16 and medium 18.Disk controller 12 is connected with a main frame by interface 26.The connection of disk controller 12 and module 14 and nonvolatile memory 16.The input that authentication module 14 receives from user by the interface 4 between user and device, for example, by keyboard, fingerprint, iris, voice, or the biological characteristic of other type.
In some embodiments of the invention, medium 18 is a disk controller or an or flash memory.Memory storage 10 can adopt various application, and one of them is USB dish.Main frame and memory storage 10 communicate by interface 26, can be hard disk or flash card.
In the exemplary embodiment, interface 26 is SATA, IDE, SAS, USB, burst disk (SD) or mmc card.In an exemplary embodiment, nonvolatile memory 16 is flash memories, CD or tape.
In operating process, authentication module 14 receives users' input, and carries out user and authenticate.Just as noted earlier, the example of such input is voice, bio-identification, or keyboard keystroke.In addition, customer-furnished one or more password is passed to module 14.Module 14 receives from user's information and communicates by letter to disk controller 12, and these information may or may not can be encrypted.Disk controller 12 is stored in the password of receiving in nonvolatile memory 16.With nonvolatile memory, store password extremely important, even because after power down, password is still held.
In some embodiments of the invention, nonvolatile memory 16 is in disk controller 12.Disk controller 12 utilizes the password being stored in nonvolatile memory 16 to come release to subregion A20 or subregion B22 or both access.That is, the access rights that are allowed to or arrange according to user, the different subregion of storer or two subregions can be accessed by the user.Yet, Subscriber Locked, outside a specific subregion, can be prevented to user accesses this specific subregion.As everyone knows, although only have two subregions shown in Fig. 1 in embodiment, can adopt the subregion of any amount.
Perhaps, concrete example will contribute to understand better the effect of the medium 18 of subregion.In commercial affairs, all information that wherein responsible official need to access, responsible official may be allowed to any subregion A or the B of access, but the office worker who reports to responsible official may be assigned to more low-level access rights, accesses subregion A as being merely able to.There are many reasons to make various users there is different safe classes.In operating process, responsible official grasps all passwords can allow subregion A that he/her accesses and B enter, inputs one of them password, and the certified module of password receives.If need to have access to other subregions, responsible official can input different passwords.These passwords, once be identified by disk controller 12, just become the mark that different users can access respective partition.For example, password A can only access subregion A20 and password B can access two subregion A and B(20 and 22) or password B can only access subregion B.
In a kind of bypass mode, user always will provide password.
Fig. 2 shows the further details of disk controller 12 in another embodiment of the present invention.Disk controller 12 comprises interface protocol module 200, data buffer 202, microprocessor 204, encrypting module 210, deciphering module 206, selector switch 208, selector switch 212 and medium access interface 214.
Interface protocol module 200 is connected to main frame by interface 26, and receives information from main frame, is also connected to data buffer 202 and microprocessor 204 simultaneously.Data buffer 202 shows and is connected to module 14(Fig. 1), and therefrom receive password, be connected to microprocessor 204, selector switch 208 and encrypting module 210.Microprocessor 204 further shows and is connected to encrypting module 206 and deciphering module 210.Encrypting module 210 shows and is connected to selector switch 212, and this is to connect by medium access interface 214.Equally, deciphering module 206 is to be connected to selector switch 208 and medium access interface 214.Selector switch 208 shows and is connected to data buffer 202.Medium access interface 214 shows and is connected to selector switch 208, and data buffer 202 shows and is connected to selector switch 212.Selector switch 212 and 208 an exemplary enforcement are to realize with multiplexer.
In operation, according to the direction of main frame, data buffer stores the information providing by interface 26 into interface protocol 200.Data buffer 202 is also preserved Fig. 1 from nonvolatile memory 16() password that obtains.Selector switch 212 is controlled according to the direction of microprocessor 204, and the data transmission obtaining from data buffer 202 or encrypting module 210 is gone out.210 pairs of data of encrypting module are encrypted, and comprise password.The example that encrypting module 210 is realized can be AES, GOST, ECC, Zu Chongzhi, RSA, DES/3DES, or its suitable cryptographic algorithm.Deciphering module 206 is decrypted the enciphered data of receiving (comprising password), and offers selector switch 208, then decryption information is given to data buffer 202.
Fig. 3 shows the memory storage 300 of another embodiment of the present invention, is similar to the memory storage 10 in Fig. 1, is a USB flash drive that has two subregions.In one exemplary embodiment and method, user 301 is by keying input information and by 40 inputs of keyboard input interface, as password.Password is stored in piece 302.Storer is dish medium 304, is flash memories in an embodiment of the present invention.The disk partition without any form protection that dish medium 304 comprises an acquiescence, for example subregion 306, and comprise password-protected 302, and subregion 308.With hour indicator medium 304, also comprise the flash memory space 310 of storing a series of passwords.The in store memory storage 300 in space 310 all passwords used.In the embodiment shown in fig. 3, disk controller 12 is connected with usb host 303 by usb bus interface 26.
Fig. 4 shows the memory storage 400 of another embodiment of the present invention, is similar to the memory storage 10 in Fig. 1, is a SATA interface hard disk that has two subregions.As shown in Figure 4, module 12 comprises EEPROM on the sheet of preserving password, and piece 402.Piece 402 is preserved memory storage 400 password used in EEPROM.Disk controller 12 is connected by SATA bus 404 with SATA main frame 403.Piece 408 from user 401 by the take the fingerprint password of form of fingerprint input interface 412(.Dish medium 406 can be the dish medium of tape or other types.Dish medium 406 shows and comprises subregion A and subregion B.In this example, subregion A can only open with password A, and subregion B can be opened by password A or password B.
Although only provided the description to specific embodiment, these specific embodiment are only illustrative, rather than restrictive.
The above, only embodiments of the invention, not the present invention is done to any pro forma restriction, although the present invention discloses as above with embodiment, yet not in order to limit the present invention, any those skilled in the art, do not departing within the scope of technical solution of the present invention, when can utilizing the technology contents of above-mentioned announcement to make a little change or being modified to the equivalent embodiment of equivalent variations, in every case be not depart from technical solution of the present invention content, any simple modification of above embodiment being done according to technical spirit of the present invention, equivalent variations and modification, all still belong in the scope of technical solution of the present invention.
Claims (18)
1. a method for memory partition, is characterized in that, comprising:
First password receiving;
Receive second password;
According to this first password, determine that first user accesses first subregion of nonvolatile memory;
According to this second password, determine that second user accesses this first subregion;
According to this second password, allow this second user to access second subregion of this nonvolatile memory; With
Stop this first user to access this second subregion.
2. the method for the memory partition described in claim 1, is characterized in that, the method also comprises this first password of encryption and decryption.
3. the method for the memory partition described in claim 2, is characterized in that, the method adopts AES, GOST, ECC, Zu Chongzhi, the encryption of RSA or DES/3DES.
4. the method for the memory partition described in claim 1, is characterized in that, the method also comprises this second password of encryption and decryption.
5. the method for the memory partition described in claim 4, is characterized in that, the method adopts AES, GOST, ECC, Zu Chongzhi, the encryption of RSA or DES/3DES.
6. a memory storage, is characterized in that, comprising:
Disk controller;
The nonvolatile memory being connected with this disk controller, as one or more password of storage; With
Comprise the medium that surpasses a subregion, this disk controller determines that according to one or more passwords of this storage each subregion can be accessed by one or more user.
7. the memory storage described in claim 6, is characterized in that, this memory storage also comprises authentication module, and this authentication module is connected with this disk controller and responds this user, and this authentication module is used for identifying this user.
Described in claim 7 memory storage, it is characterized in that, the response of this authentication module is from this user's biological characteristic, sound or key-press input.
9. the memory storage described in claim 1, is characterized in that, this disk controller is connected with main frame by interface.
10. the memory storage described in claim 9, is characterized in that, this interface is SATA, IDE, SAS, PCI/PCIE, SCSI or USB.
Memory storage described in 11. claims 1, is characterized in that, this memory storage also comprises encrypting module, and this encrypting module is connected with this medium with data buffer and is encrypted operation according to this first password and this second codon usage.
Memory storage described in 12. claims 11, is characterized in that, this encrypting module adopts AES, GOST, ECC, Zu Chongzhi, RSA or DES/3DES cryptographic algorithm.
Memory storage described in 13. claims 11, is characterized in that, this memory storage also comprises deciphering module, and this deciphering module is connected with this medium with this data buffer and is decrypted operation according to this first password and this second codon usage.
Memory storage described in 14. claims 1, is characterized in that, this nonvolatile memory is positioned at microprocessor internal.
Memory storage described in 15. claims 1, is characterized in that, this nonvolatile memory position is positioned at microprocessor outside.
Memory storage described in 16. claims 1, is characterized in that, this nonvolatile memory is flash memory, CD or tape.
Memory storage described in 17. claims 1, is characterized in that, this memory storage is USB flash drive.
Memory storage described in 18. claims 1, is characterized in that, this memory storage is with as lower interface: SATA, IDE, SCSI, SAS, the hard disk of one of PCI/PCIE.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310645545.3A CN103617127B (en) | 2013-12-04 | 2013-12-04 | The method of the storage device with subregion and memory partition |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310645545.3A CN103617127B (en) | 2013-12-04 | 2013-12-04 | The method of the storage device with subregion and memory partition |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103617127A true CN103617127A (en) | 2014-03-05 |
| CN103617127B CN103617127B (en) | 2017-04-05 |
Family
ID=50167830
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310645545.3A Active CN103617127B (en) | 2013-12-04 | 2013-12-04 | The method of the storage device with subregion and memory partition |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103617127B (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104866437A (en) * | 2015-06-03 | 2015-08-26 | 杭州华澜微科技有限公司 | BIOS authentication-based safety hard disk and data authentication method |
| CN106020833A (en) * | 2016-05-26 | 2016-10-12 | 苏州乐派特机器人有限公司 | U-flash disk type building block used for physical programming |
| CN107729978A (en) * | 2017-09-29 | 2018-02-23 | 芜湖市振华戎科智能科技有限公司 | Secrecy USB flash disk with numerical ciphers |
| CN108416232A (en) * | 2018-03-02 | 2018-08-17 | 湖南源科创新科技有限公司 | encryption method for storage device |
| CN108427872A (en) * | 2017-02-14 | 2018-08-21 | 三星电子株式会社 | Storage device with fingerprint Identification sensor and its operating method |
| CN110175476A (en) * | 2018-02-20 | 2019-08-27 | 森萨塔科技公司 | For deferring to the memory-safe of the automobile function safety of independent downstream process |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070011166A1 (en) * | 2005-07-05 | 2007-01-11 | Takaki Nakamura | Method and apparatus for providing multi-view of files depending on authorization |
| KR20070113493A (en) * | 2006-05-24 | 2007-11-29 | 엠텍비젼 주식회사 | Multi-port memory device having register logic for providing access authority and control method thereof |
| CN101419576A (en) * | 2007-05-18 | 2009-04-29 | Mcm组合有限责任公司 | System and method of providing security to an external device |
| CN101763318A (en) * | 2010-01-21 | 2010-06-30 | 浙江大学 | Data dumping method and data dumping device |
| CN102110061A (en) * | 2009-12-24 | 2011-06-29 | 群联电子股份有限公司 | Block managing method, flash controller and flash memory device |
| CN103279431A (en) * | 2013-05-23 | 2013-09-04 | 青岛海信宽带多媒体技术有限公司 | Access method for kinds of permissions of memorizer |
-
2013
- 2013-12-04 CN CN201310645545.3A patent/CN103617127B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070011166A1 (en) * | 2005-07-05 | 2007-01-11 | Takaki Nakamura | Method and apparatus for providing multi-view of files depending on authorization |
| KR20070113493A (en) * | 2006-05-24 | 2007-11-29 | 엠텍비젼 주식회사 | Multi-port memory device having register logic for providing access authority and control method thereof |
| CN101419576A (en) * | 2007-05-18 | 2009-04-29 | Mcm组合有限责任公司 | System and method of providing security to an external device |
| CN102110061A (en) * | 2009-12-24 | 2011-06-29 | 群联电子股份有限公司 | Block managing method, flash controller and flash memory device |
| CN101763318A (en) * | 2010-01-21 | 2010-06-30 | 浙江大学 | Data dumping method and data dumping device |
| CN103279431A (en) * | 2013-05-23 | 2013-09-04 | 青岛海信宽带多媒体技术有限公司 | Access method for kinds of permissions of memorizer |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104866437A (en) * | 2015-06-03 | 2015-08-26 | 杭州华澜微科技有限公司 | BIOS authentication-based safety hard disk and data authentication method |
| CN104866437B (en) * | 2015-06-03 | 2018-11-20 | 杭州华澜微电子股份有限公司 | A kind of safe hard disk and data authentication method based on BIOS authentication |
| CN106020833A (en) * | 2016-05-26 | 2016-10-12 | 苏州乐派特机器人有限公司 | U-flash disk type building block used for physical programming |
| CN108427872A (en) * | 2017-02-14 | 2018-08-21 | 三星电子株式会社 | Storage device with fingerprint Identification sensor and its operating method |
| CN107729978A (en) * | 2017-09-29 | 2018-02-23 | 芜湖市振华戎科智能科技有限公司 | Secrecy USB flash disk with numerical ciphers |
| CN110175476A (en) * | 2018-02-20 | 2019-08-27 | 森萨塔科技公司 | For deferring to the memory-safe of the automobile function safety of independent downstream process |
| CN108416232A (en) * | 2018-03-02 | 2018-08-17 | 湖南源科创新科技有限公司 | encryption method for storage device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103617127B (en) | 2017-04-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3332372B1 (en) | Apparatus and method for trusted execution environment based secure payment transactions | |
| CN104951409B (en) | A kind of hardware based full disk encryption system and encryption method | |
| US9047486B2 (en) | Method for virtualizing a personal working environment and device for the same | |
| US8898477B2 (en) | System and method for secure firmware update of a secure token having a flash memory controller and a smart card | |
| US8572410B1 (en) | Virtualized protected storage | |
| WO2020192406A1 (en) | Method and apparatus for data storage and verification | |
| US8370645B2 (en) | Protection of security parameters in storage devices | |
| CN108139984B (en) | Security subsystem | |
| WO2017041603A1 (en) | Data encryption method and apparatus, mobile terminal, and computer storage medium | |
| CN103617127A (en) | Memory device with subareas and memorizer area dividing method | |
| CN101881997B (en) | Trusted safe mobile storage device | |
| TW201543265A (en) | Apparatuses and methods for securing an access protection scheme | |
| CN111131130B (en) | Key management method and system | |
| WO2010052722A1 (en) | Secure storage device | |
| CN104680055A (en) | Control method for performing management on U disk after access into industrial control system network | |
| TW201019113A (en) | Authenticable USB storage device and method thereof | |
| CN105303093A (en) | Token verification method for cryptographic smart token | |
| US10628334B2 (en) | System and method to protect digital content on external storage | |
| CN201549223U (en) | Trusted secure portable storage device | |
| CN108197457A (en) | Hard disk secure control method and device | |
| KR101156102B1 (en) | Memory card reader apparatus having security features and the method thereof | |
| CN107332670A (en) | Safety control, system, method and mobile device based on UFS interfaces | |
| US20220123932A1 (en) | Data storage device encryption | |
| TWI501106B (en) | Storage medium securing method and media access device thereof background | |
| CN102831080A (en) | Data security protection method for mobile storage equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C53 | Correction of patent of invention or patent application | ||
| CB02 | Change of applicant information |
Address after: Hangzhou City, Zhejiang province 311200 Xiaoshan District Road No. 66 Building No. 1 building 22 layer Huarui Center Applicant after: SAGE MICROELECTRONICS CORP. Address before: Hangzhou City, Zhejiang province 311215 Xiaoshan Road No. 66 Building No. 1 building 22 layer Huarui Center Applicant before: Hangzhou Sage Microelectronics Technology Co., Ltd. |
|
| COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 311215 HANGZHOU, ZHEJIANG PROVINCE TO: 311200 HANGZHOU, ZHEJIANG PROVINCE Free format text: CORRECT: APPLICANT; FROM: HANGZHOU SAGE MICROELECTRONICS CO., LTD. TO: HANGZHOU SAGE MICROELECTRONICS, CORP. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |