The method of the storage device with subregion and memory partition
Technical field
Various embodiments of the present invention relate generally to storage device, the particularly storage device with medium and memorizer point
The method in area.
Background technology
Storage device generally has storage medium, such as magnetic disk media and flash memory.USB flash drive become one it is popular
Storage device.These devices are usually portable, when in insertion computer, become an extra storage device or medium
Used by user or application program.
Safety is to become a hot issue in recent years, and the safety of storage device is also paid close attention to.Under normal circumstances, it is quick
Sense information is stored in a storage device, but if the people not allowed have accessed, is easy for generation problem.However,
The versatility and ease for use of these flash disks causes domestic consumer access them.
At present, safety is by whole flash disk(Typically refer to " memory stick " or " flash disk ")Storage content refer to
A fixed password.However, except previously described method, flexible configuration of having no idea flash disk.
Therefore, it is necessary to be configured flexibly to the storage device with storage medium.
The content of the invention
For the problems referred to above, it is an object of the invention to provide a storage device and one kind that can overcome the problems referred to above is deposited
The method of memory partition.
One storage device for including disk controller and coupled nonvolatile storage, for storing one or more
Password.The storage device is further comprised with the medium more than a subregion, and disk controller causes each subregion can be with
One or more passwords according to being previously stored decide whether to be accessed by one or more users.
In above-mentioned storage device, the storage device also includes authentication module, the authentication module and the disk controller phase
Connect and respond the user, the authentication module is used to recognize the user.
In above-mentioned storage device, the authentication module responds the biological characteristic from the user, and sound or button are defeated
Enter.
In above-mentioned storage device, the disk controller is connected with main frame by interface.
In above-mentioned storage device, the interface is SATA, IDE, SAS, PCI/PCIE, SCSI or USB.
In above-mentioned storage device, the storage device also includes encrypting module, the encrypting module and data buffer and
The medium is connected and is encrypted operation according to first password and second codon usage.
In above-mentioned storage device, the encrypting module adopts AES, GOST, ECC, Zu Chongzhi, RSA or DES/3DES to add
Close algorithm.
In above-mentioned storage device, the storage device also includes deciphering module, the deciphering module and the data buffer
It is connected with the medium and operation is decrypted according to first password and second codon usage.
In above-mentioned storage device, the nonvolatile storage is located at microprocessor internal.
In above-mentioned storage device, the nonvolatile storage position is located at outside microprocessor.
In above-mentioned storage device, the nonvolatile storage is flash memory, CD or tape.
In above-mentioned storage device, the storage device is USB flash drive.
In above-mentioned storage device, the storage device is with such as lower interface:SATA,IDE,SCSI,SAS,PCI/
The hard disk of one of PCIE.
A kind of method of memory partition, including:
First password for receiving;
Receive second password;
According to first password, determine that first user accesses first subregion of nonvolatile memory;
According to second password, determine that second user accesses first subregion;
According to second password, it is allowed to which second user accesses second subregion of the nonvolatile memory;With
First user is prevented to access second subregion.
In the method for above-mentioned memory partition, the method also includes encryption and decrypts first password.
In the method for above-mentioned memory partition, the method adopts AES, GOST, ECC, Zu Chongzhi, RSA or DES/
The encryption of 3DES.
In the method for above-mentioned memory partition, the method also includes encryption and decrypts second password.
In the method for above-mentioned memory partition, the method adopts AES, GOST, ECC, Zu Chongzhi, RSA or DES/
The encryption of 3DES.
Compared with prior art, the method for storage device of the invention and memory partition is close by arranging one or more
Code, enables corresponding user to be identified authority such that it is able to be configured flexibly to storage device.
Description of the drawings
Fig. 1 shows a storage device 10 according to an embodiment of the invention.
Fig. 2 shows the further detail below of a disk controller 12 according to another preferred embodiment.
Fig. 3 shows the another embodiment of the storage device 10 of Fig. 1, is the USB flash drive with two subregions.
Fig. 4 shows the further embodiment of the storage device 10 of Fig. 1, is the SATA interface hard disk with two subregions.
Specific embodiment
One storage dress with disk controller and nonvolatile storage of only certain embodiments of the present invention and method publicity
Put and its operable one or more passwords of storage.This storage device further includes the medium more than a subregion, the disk
Controller allows each subregion to pass through one or more passwords deposited by one or more user's access visits.
The following describe a storage device with medium.The medium is as described below, is partly or entirely divided into not Tongan City
The subregion of full rank, so as to improve using motility and safety.
Referring now to Fig. 1, in showing according to one embodiment of present invention a storage device 10,.Storage device 10
Including a disk controller 12, an authentication module 14, a kind of nonvolatile memory 16 and medium 18.Disk controller 12 passes through
Interface 26 is connected with a main frame.The connection of disk controller 12 and module 14 and nonvolatile memory 16.Authentication module 14 leads to
The interface 4 crossed between user and device receives the input from user, for example, by keyboard, fingerprint, and iris, voice, or other
The biological characteristic of type.
Disk controller 12 is connected with medium 18 by Media Interface Connector 28.As further being expressed below, disk controller
12 have encryption and decryption capabilities.Nonvolatile memory 16 stores one or more passwords, and medium 18 includes subregion A20 and divides
Area B22.
In some embodiments of the invention, medium 18 is a disk controller or an or flash memory.Storage device 10
Various applications can be adopted, one of them is USB disk.Main frame is communicated by interface 26 with storage device 10, can
Being hard disk or flash card.
In the exemplary embodiment, interface 26 is SATA, IDE, SAS, USB, burst disk(SD)Or mmc card.Exemplary
In embodiment, nonvolatile memory 16 is flash memory, CD or tape.
In operating process, 14 receiving user's input of authentication module, and carry out user authentication.As earlier indicated, this
The example of the input of sample is voice, bio-identification, or keyboard key stroke.Additionally, customer-furnished one or more passwords are passed to
Module 14.Module 14 receives the information from user and communicates to disk controller 12, and these information may or may not be entered
Row encryption.Disk controller 12 is by the password storage for receiving in nonvolatile memory 16.Deposited using nonvolatile memory
Storage password is extremely important, because even after power down, password is still kept.
In some embodiments of the invention, nonvolatile memory 16 is in disk controller 12.Disk controller 12 is sharp
The access to subregion A20 or subregion B22 or both is unlocked with the password being stored in nonvolatile memory 16.That is, according to
The access rights that user is allowed to or arranges, the different subregion of memorizer or two subregions can be with accessed by the user.However,
Outside user is locked in a specific subregion, can prevent user from accessing the specific subregion.It is known that, although implement
Only two subregions in example shown in Fig. 1, but can be using any number of subregion.
Perhaps, specific example will be helpful to the effect of the medium 18 for more fully understanding subregion.In commercial affairs, wherein
Director needs all information for accessing, any subregion A or B that director may be allowed access to, but is reported to director
Office worker may be assigned to the other access rights of lower level, be such as merely able to access subregion A.There are many reasons to cause various use
Family has different safe classes.In operation, director grasps the institute that the subregion A and B that him/her can be allowed to access is entered
There is password, be input into one of password, the certified module of password is received.Have access to other subregions if desired, director can be with
The different password of input.These passwords, once being recognized by disk controller 12, the user for just becoming different can access corresponding point
The labelling in area.For example, password A can only access subregion A20 and password B and can access two subregions A and B(20 and 22)Or password
B can only access subregion B.
In a kind of bypass mode, user is always to provide for password.
Fig. 2 shows 12 further details of disk controller in another embodiment of the present invention.Disk controller 12 includes connecing
Mouth protocol module 200, data buffer 202, microprocessor 204, encrypting module 210, deciphering module 206, selector 208, choosing
Select device 212 and medium access interface 214.
Interface protocol module 200 is connected to main frame by interface 26, and from main frame receive information, while being also connected to data
Buffer 202 and microprocessor 204.Data buffer 202 is shown attached to module 14(Fig. 1), and password is therefrom received, even
It is connected to microprocessor 204, selector 208 and encrypting module 210.Microprocessor 204 is further illustrated and is connected to encrypting module
206 and deciphering module 210.Encrypting module 210 is shown attached to selector 212, and this is carried out by medium access interface 214
Connection.Equally, deciphering module 206 is attached to selector 208 and medium access interface 214.Selector 208 is shown attached to
Data buffer 202.Medium access interface 214 is shown attached to selector 208, and data buffer 202 is shown attached to
Selector 212.One exemplary enforcement of selector 212 and 208 is realized with multiplexer.
In operation, the information Store provided by interface 26 is assisted by the direction according to main frame, data buffer to interface
View 200.Data buffer 202 is also preserved from nonvolatile memory 16(Fig. 1)The password for obtaining.Selector 212 is according to micro- place
The direction controlling of reason device 204, the data transfer obtained from data buffer 202 or encrypting module 210 is gone out.Encrypting module
210 pairs of data are encrypted, including password.The example that encrypting module 210 is realized can be AES, GOST, ECC, Zu Chongzhi,
RSA, DES/3DES, or its suitable AES.Deciphering module 206 is by the encryption data for receiving(Including password)Solved
It is close, and selector 208 is supplied to, then data buffer 202 is given by decryption information.
Fig. 3 shows the storage device 300 of another embodiment of the present invention, similar to the storage device 10 in Fig. 1, is one
The individual USB flash drive for having two subregions.In one exemplary embodiment and method, user 301 passes through keying input information and passes through
Input through keyboard interface 40 is input into, such as password.Password is stored in block 302.Memorizer is disk medium 304, in the enforcement of the present invention
It is flash memories in example.Disk partition without any form protection of the disk medium 304 comprising an acquiescence, such as subregion 306,
And including password-protected piece 302, i.e. subregion 308.Disk medium 304 also includes a series of flash memory space of passwords of storage simultaneously
310.All passwords used by 310 in store storage device 300 of space.In the embodiment shown in fig. 3, disk controller 12 passes through
Usb bus interface 26 is connected with usb host 303.
Fig. 4 shows the storage device 400 of another embodiment of the present invention, similar to the storage device 10 in Fig. 1, is one
The individual SATA interface hard disk for having two subregions.As shown in figure 4, EEPROM, i.e. block on the piece that includes preserve password of module 12
402.Block 402 preserves the password used by storage device 400 in EEPROM.Disk controller 12 and SATA host 403 pass through SATA
Bus 404 connects.Block 408 passes through fingerprint input interface 412 from user 401(Place takes the fingerprint the password of form.Disk medium 406
Can be tape or other kinds of disk medium.Disk medium 406 is shown including subregion A and subregion B.In this example, subregion A
Can only be opened with password A, and subregion B then can be opened by password A or password B.
Although only giving the description to specific embodiment, these specific embodiments are merely illustrative, and
It is not restricted.
The above, is only embodiments of the invention, not makees any pro forma restriction to the present invention, although this
Invention is disclosed above with embodiment, but is not limited to the present invention, any those skilled in the art, is not taking off
In the range of technical solution of the present invention, when using the technology contents of the disclosure above make it is a little change or be modified to equivalent variations
Equivalent embodiments, as long as being without departing from technical solution of the present invention content, according to the technical spirit of the present invention to above example
Any simple modification, equivalent variations and the modification made, still falls within the range of technical solution of the present invention.